| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0a794201-6886-482d-8533-dd7fd9e59de9@gmail.com>
Date: Tue, 22 Oct 2024 09:44:39 +0800
From: Alex Shi <seakeel@...il.com>
To: Dongliang Mu <dzm91@...t.edu.cn>, si.yanteng@...ux.dev, alexs@...nel.org,
corbet@....net, Yanteng Si <siyanteng@...ngson.cn>
Cc: hust-os-kernel-patches@...glegroups.com, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 5/6] docs/zh_CN: update the translation of
mm/page_table_check.rst
Reviewed-by: Alex Shi <alexs@...nel.org>
On 10/19/24 16:54, Dongliang Mu wrote:
> Update to commit 8430557fc584 ("mm/page_table_check: support
> userfault wr-protect entries")
>
> scripts/checktransupdate.py reports:
>
> Documentation/translations/zh_CN/mm/page_table_check.rst
> commit 8430557fc584 ("mm/page_table_check: support userfault wr-protect
> entries")
> commit 81a31a860bb6 ("mm: page_table_check: Make it dependent on
> EXCLUSIVE_SYSTEM_RAM")
> commit ee86588960e2 ("docs/mm: remove useless markup")
> 3 commits needs resolving in total
>
> Signed-off-by: Dongliang Mu <dzm91@...t.edu.cn>
> ---
> .../translations/zh_CN/mm/page_table_check.rst | 13 +++++++++++++
> 1 file changed, 13 insertions(+)
>
> diff --git a/Documentation/translations/zh_CN/mm/page_table_check.rst b/Documentation/translations/zh_CN/mm/page_table_check.rst
> index e8077310a76c..dc34570dceff 100644
> --- a/Documentation/translations/zh_CN/mm/page_table_check.rst
> +++ b/Documentation/translations/zh_CN/mm/page_table_check.rst
> @@ -54,3 +54,16 @@
>
> 可以选择用PAGE_TABLE_CHECK_ENFORCED来构建内核,以便在没有额外的内核参数的情况下获得页表
> 支持。
> +
> +实现注意事项
> +============
> +
> +我们特意决定不使用 VMA 信息,以避免依赖于 MM 状态(除了有限的 “struct page” 信息)。页表检查
> +独立于 Linux-MM 状态机,它验证用户可访问的页面不会被错误地共享。
> +
> +PAGE_TABLE_CHECK 依赖于 EXCLUSIVE_SYSTEM_RAM。原因在于,若没有 EXCLUSIVE_SYSTEM_RAM,
> +用户被允许通过 /dev/mem 将任意物理内存区域映射到用户空间。同时,页面可能在映射到用户空间期间
> +改变自己的属性(例如,从匿名页面变为命名页面),导致页表检查检测到“损坏”。
> +
> +即使有 EXCLUSIVE_SYSTEM_RAM,I/O 页面可能仍然被允许通过 /dev/mem 映射。然而,这些页面始终
> +被视为命名页面,所以它们不会破坏页表检查中使用的逻辑。
Powered by blists - more mailing lists