Message-ID: <3ebac012ccc6da2ec700fa14e6193cbf5ca98951.camel@surriel.com>
Date: Sat, 11 Jan 2025 21:39:38 -0500
From: Rik van Riel <riel@...riel.com>
To: Jann Horn <jannh@...gle.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, kernel-team@...a.com, 
	dave.hansen@...ux.intel.com, luto@...nel.org, peterz@...radead.org, 
	tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com, 
	akpm@...ux-foundation.org, nadav.amit@...il.com,
 zhengqi.arch@...edance.com, 	linux-mm@...ck.org
Subject: Re: [PATCH 12/12] x86/mm: only invalidate final translations with
 INVLPGB

On Fri, 2025-01-03 at 19:40 +0100, Jann Horn wrote:
> On Mon, Dec 30, 2024 at 6:53 PM Rik van Riel <riel@...riel.com>
> wrote:
> > 
> > +++ b/arch/x86/include/asm/invlpgb.h
> > @@ -51,7 +51,7 @@ static inline void invlpgb_flush_user(unsigned
> > long pcid,
> >  static inline void invlpgb_flush_user_nr(unsigned long pcid,
> > unsigned long addr,
> >                                          int nr, bool pmd_stride)
> >  {
> > -       __invlpgb(0, pcid, addr, nr - 1, pmd_stride, INVLPGB_PCID |
> > INVLPGB_VA);
> > +       __invlpgb(0, pcid, addr, nr - 1, pmd_stride, INVLPGB_PCID |
> > INVLPGB_VA | INVLPGB_FINAL_ONLY);
> >  }
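
Review bot: INVLPGB_FINAL_ONLY is ORed into the flags of the new __invlpgb() call unconditionally, and invlpgb_flush_user_nr() has no parameter through which a caller that removed a page table can ask for non-final translations to be invalidated as well. Suggest passing that information in from the caller (for example a bool such as the freed_tables value discussed in this thread) and setting INVLPGB_FINAL_ONLY only when it is false, plus a comment above the function stating the final-only behaviour.
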
> 
> Please note this final-only behavior in a comment above the function
> and/or rename the function to make this clear.
> 
> I think this currently interacts badly with pmdp_collapse_flush(),
> which is used by retract_page_tables(). pmdp_collapse_flush() removes

I've added a freed_tables argument to invlpgb_flush_user_nr_nosync.

> a PMD entry pointing to a page table with pmdp_huge_get_and_clear(),
> then calls flush_tlb_range(), which on x86 calls flush_tlb_mm_range()
> with the "freed_tables" parameter set to false. But that's really a
> preexisting bug, not something introduced by your series. I've sent a
> patch for that, see
> <https://lore.kernel.org/r/20250103-x86-collapse-flush-fix-v1-1-3c521856cfa6@google.com>.
> 
With your change, I believe the next version of my patch
series should handle this case correctly, too.

-- 
All Rights Reversed.
