| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Aug 2019 10:03:49 -0400
From: "Michael S. Tsirkin" <mst@...hat.com>
To: Jason Wang <jasowang@...hat.com>
Cc: Jason Gunthorpe <jgg@...pe.ca>, kvm@...r.kernel.org,
virtualization@...ts.linux-foundation.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH V2 7/9] vhost: do not use RCU to synchronize MMU notifier
with worker
On Fri, Aug 02, 2019 at 05:40:07PM +0800, Jason Wang wrote:
> Btw, I come up another idea, that is to disable preemption when vhost thread
> need to access the memory. Then register preempt notifier and if vhost
> thread is preempted, we're sure no one will access the memory and can do the
> cleanup.
Great, more notifiers :(
Maybe can live with
1- disable preemption while using the cached pointer
2- teach vhost to recover from memory access failures,
by switching to regular from/to user path
So if you want to try that, fine since it's a step in
the right direction.
But I think fundamentally it's not what we want to do long term.
It's always been a fundamental problem with this patch series that only
metadata is accessed through a direct pointer.
The difference in ways you handle metadata and data is what is
now coming and messing everything up.
So if continuing the direct map approach,
what is needed is a cache of mapped VM memory, then on a cache miss
we'd queue work along the lines of 1-2 above.
That's one direction to take. Another one is to give up on that and
write our own version of uaccess macros. Add a "high security" flag to
the vhost module and if not active use these for userspace memory
access.
--
MST
Powered by blists - more mailing lists