lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <23000b6a-8a58-4c38-a032-ad62637d3fa4@lucifer.local>
Date: Wed, 19 Mar 2025 15:02:06 +0000
From: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
To: David Hildenbrand <david@...hat.com>
Cc: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>,
        James.Bottomley@...senpartnership.com, Liam.Howlett@...cle.com,
        akpm@...ux-foundation.org, arnd@...nel.org, brauner@...nel.org,
        chris@...kel.net, deller@....de, hch@...radead.org, jannh@...gle.com,
        jcmvbkbc@...il.com, jeffxu@...omium.org, jhubbard@...dia.com,
        linux-api@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, mattst88@...il.com, muchun.song@...ux.dev,
        paulmck@...nel.org, richard.henderson@...aro.org, shuah@...nel.org,
        sidhartha.kumar@...cle.com, surenb@...gle.com,
        tsbogend@...ha.franken.de, vbabka@...e.cz, willy@...radead.org,
        criu@...ts.linux.dev, Andrei Vagin <avagin@...il.com>,
        Pavel Tikhomirov <ptikhomirov@...tuozzo.com>
Subject: Re: [PATCH v4 0/5] implement lightweight guard pages

On Wed, Mar 19, 2025 at 03:52:56PM +0100, David Hildenbrand wrote:
> On 19.03.25 15:50, Alexander Mikhalitsyn wrote:
> > On Mon, Oct 28, 2024 at 02:13:26PM +0000, Lorenzo Stoakes wrote:

[snip]


> >
> > Dear Lorenzo,
> > Dear colleagues,
> >
> > sorry about raising an old thread.
> >

No worries!

> > It looks like this feature is now used in glibc [1]. And we noticed failures in CRIU [2]
> > CI on Fedora Rawhide userspace. Now a question is how we can properly detect such
> > "guarded" pages from user space. As I can see from MADV_GUARD_INSTALL implementation,
> > it does not modify VMA flags anyhow, but only page tables. It means that /proc/<pid>/maps
> > and /proc/<pid>/smaps interfaces are useless in this case. (Please, correct me if I'm missing
> > anything here.)

Sorry to hear that.

> >
> > I wonder if you have any ideas / suggestions regarding Checkpoint/Restore here. We (CRIU devs) are happy
> > to develop some patches to bring some uAPI to expose MADV_GUARDs, but before going into this we decided
> > to raise this question in LKML.

There's no need.

>
>
> See [1] and [2]
>
> [1]
> https://lkml.kernel.org/r/cover.1740139449.git.lorenzo.stoakes@oracle.com
> [2] https://lwn.net/Articles/1011366/

As per David, there is already a feature heading for 6.15 which will allow
this to be exposed by /proc/$pid/pagemap.

In addition, I plan to add a 'maybe has guard regions' flag that can be
observed in smaps to assist narrowing down which VMAs to check.

However unfortunately due to the nature of the feature there is no getting
around the need to traverse page tables.

That thread (and LWN article :) go into extensive detail as to why. In
essence - it's the basis of its design to express this information at the
page table level only, and any attempt to encode this at the VMA level
(other than a 'maybe' flag) would eliminate the purpose of the feature.

Let me know if there's any way I can help!

Cheers, Lorenzo

>
>
> --
> Cheers,
>
> David / dhildenb
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ