| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMgjq7Aosd20rpFa8thPaGQ9dL-qLeq6Ki7S0H0VirQy5rh=Kw@mail.gmail.com> Date: Fri, 8 Aug 2025 02:09:31 +0800 From: Kairui Song <ryncsn@...il.com> To: Jann Horn <jannh@...gle.com> Cc: linux-mm@...ck.org, Andrew Morton <akpm@...ux-foundation.org>, "Liam R. Howlett" <Liam.Howlett@...cle.com>, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, Vlastimil Babka <vbabka@...e.cz>, Pedro Falcato <pfalcato@...e.de>, Matthew Wilcox <willy@...radead.org>, Hugh Dickins <hughd@...gle.com>, David Hildenbrand <david@...hat.com>, Chris Li <chrisl@...nel.org>, Barry Song <baohua@...nel.org>, Baoquan He <bhe@...hat.com>, Nhat Pham <nphamcs@...il.com>, Kemeng Shi <shikemeng@...weicloud.com>, linux-kernel@...r.kernel.org Subject: Re: [RFC PATCH 3/3] mm/mincore: avoid touching the PTL On Fri, Aug 8, 2025 at 1:45 AM Jann Horn <jannh@...gle.com> wrote: > On Thu, Aug 7, 2025 at 7:28 PM Kairui Song <ryncsn@...il.com> wrote: > > On Fri, Aug 8, 2025 at 12:06 AM Jann Horn <jannh@...gle.com> wrote: > > > > > > On Thu, Aug 7, 2025 at 5:27 PM Kairui Song <ryncsn@...il.com> wrote: > > > > mincore only interested in the existence of a page, which is a > > > > changing state by nature, locking and making it stable is not needed. > > > > And now neither mincore_page or mincore_swap requires PTL, this PTL > > > > locking can be dropped. > > > > > > This means you can race such that you end up looking at an unrelated > > > page of another process, right? > > > > I was thinking If the PTE is gone, it will make mincore go check the > > page cache, but even if we hold the PTL here, the next mincore call > > (if called soon enough) could check the page cache using the same > > address. And it never checks any actual page if the PTE is not none. > > > > Perhaps you mean that it's now doing the page / swap cache lookup > > without holding PTL so if the PTE changed, then the lookup could be > > using an invalidated index, and may find an unrelated page. > > Yes, that's what I meant. > > > A changing PTE also means the mincore return value is changing, and if > > called earlier or later by a little bit, the result of that address > > could be opposite, and mincore only checks if the page existed, > > it's hard to say the returned value is a false positive / negative? > > > > Or could this introduce a new security issue? > > I don't have specific security concerns here; but this is a change > that trades accuracy and simplicity for performance. > > > > And your patch intentionally allows that to happen in order to make mincore() faster? > > > > When doing a clean up (patch 1) I noticed and didn't understand why we > > need a PTL here. It will no longer block others and go faster as we > > remove one lock, I can drop this one if we are not comfortable with > > it. > > If you had a specific performance concern here, I think we could > consider changing this, but in my view it would sort of be breaking > the locking rules (by using a swap index that is not guaranteed to be > kept alive) and would need an explanatory comment explaining the > tradeoff. Thanks for the explanation. >From the swap side, get_swap_device also ensures the offset is still in the valid lookup range so the worst thing is a very rare inaccurate value. PTE change will mean the page is being swapped in/out or zapped, so if the mincore is called by like a jitter earlier / later, the result changes. So I thought it hard to define the accuracy in such a case considering the timing. > > Since you only wrote the patch because you thought the lock was > unnecessary, I'd prefer it if you drop this patch. Understandable, I can update and keep patch 1 and 2, which improves the performance and clean it up without causing any potential accuracy issues.
Powered by blists - more mailing lists