lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 31 Mar 2022 00:04:09 +0000
From:   "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "song@...nel.org" <song@...nel.org>,
        "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        "x86@...nel.org" <x86@...nel.org>
CC:     "daniel@...earbox.net" <daniel@...earbox.net>,
        "andrii@...nel.org" <andrii@...nel.org>,
        "kernel-team@...com" <kernel-team@...com>,
        "pmenzel@...gen.mpg.de" <pmenzel@...gen.mpg.de>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "ast@...nel.org" <ast@...nel.org>
Subject: Re: [PATCH bpf 0/4] introduce HAVE_ARCH_HUGE_VMALLOC_FLAG for
 bpf_prog_pack

On Wed, 2022-03-30 at 15:56 -0700, Song Liu wrote:
> [1] 
> https://lore.kernel.org/lkml/5bd16e2c06a2df357400556c6ae01bb5d3c5c32a.camel@intel.com/

The issues I brought up around VM_FLUSH_RESET_PERMS are not fixed in
this series. And I think the solution I proposed is kind of wonky with
respect to hibernate. So I think maybe hibernate should be fixed to not
impose restrictions on the direct map, so the wonkiness is not needed.
But then this "fixes" series becomes quite extensive.

I wonder, why not just push the patch 1 here, then re-enable this thing
when it is all properly fixed up. It looked like your code could handle
the allocation not actually getting large pages.

Another solution that would keep large pages but still need fixing up
later: Just don't use VM_FLUSH_RESET_PERMS for now. Call
set_memory_nx() and then set_memory_rw() on the module space address
before vfree(). This will clean up everything that's needed with
respect to direct map permissions. Have vmalloc warn if is sees
VM_FLUSH_RESET_PERMS and huge pages together.

Powered by blists - more mailing lists