lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Zz41KbB4b86eQ1jj@tassilo>
Date: Wed, 20 Nov 2024 11:14:49 -0800
From: Andi Kleen <ak@...ux.intel.com>
To: Pasha Tatashin <pasha.tatashin@...een.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	linux-doc@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	cgroups@...r.kernel.org, linux-kselftest@...r.kernel.org,
	akpm@...ux-foundation.org, corbet@....net, derek.kiernan@....com,
	dragan.cvetic@....com, arnd@...db.de, gregkh@...uxfoundation.org,
	viro@...iv.linux.org.uk, brauner@...nel.org, jack@...e.cz,
	tj@...nel.org, hannes@...xchg.org, mhocko@...nel.org,
	roman.gushchin@...ux.dev, shakeel.butt@...ux.dev,
	muchun.song@...ux.dev, Liam.Howlett@...cle.com,
	lorenzo.stoakes@...cle.com, vbabka@...e.cz, jannh@...gle.com,
	shuah@...nel.org, vegard.nossum@...cle.com, vattunuru@...vell.com,
	schalla@...vell.com, david@...hat.com, willy@...radead.org,
	osalvador@...e.de, usama.anjum@...labora.com, andrii@...nel.org,
	ryan.roberts@....com, peterx@...hat.com, oleg@...hat.com
Subject: Re: [RFCv1 0/6] Page Detective

> - Quickly identify all user processes mapping a given page.

Can be done with /proc/*/pagemap today. Maybe it's not "quick"
because it won't use the rmap chains, but is that a serious
issue?

> - Determine if and where the kernel maps the page, which is also
> important given the opportunity to remove guest memory from the kernel
> direct map (as discussed at LPC'24).

At least x86 already has a kernel page table dumper in debugfs
that can be used for this. The value of a second redundant
one seems low.

> We also plan to extend this functionality to include KVM and IOMMU
> page tables in the future.

Yes dumpers for those would likely be useful.

(at least for the case when one hand is tied behind your back
by security policies forbidding /proc/kcore access)

> <pagemap> provides an interface to traversing through user page
> tables, but the other information cannot be extracted using the
> existing interfaces.

Like what? You mean the reference counts?

/proc/k* doesn't have any reference counts, and no space
for full counts, but I suspect usually all you need to know is a
few states like (>1, 1, 0, maybe negative) which could be mapped to a
few spare kpageflags bits.

That said I thought Willy wanted to move a lot of these
elsewhere anyways with the folio revolution, so it might 
be a short lived interface anyways.

-Andi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ