From: Kees Cook <keescook@chromium.org>
To: David Hildenbrand <david@redhat.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
"Matthew Wilcox" <willy@infradead.org>,
"Michal Hocko" <mhocko@kernel.org>,
"Andrew Morton" <akpm@linux-foundation.org>,
kvm-ppc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
kvm@vger.kernel.org, linux-hyperv@vger.kernel.org,
devel@driverdev.osuosl.org, xen-devel@lists.xenproject.org,
x86@kernel.org, "Alexander Duyck" <alexander.duyck@gmail.com>,
"Alexander Duyck" <alexander.h.duyck@linux.intel.com>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Allison Randal" <allison@lohutok.net>,
"Andy Lutomirski" <luto@kernel.org>,
"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
"Anshuman Khandual" <anshuman.khandual@arm.com>,
"Anthony Yznaga" <anthony.yznaga@oracle.com>,
"Ben Chan" <benchan@chromium.org>,
"Benjamin Herrenschmidt" <benh@kernel.crashing.org>,
"Borislav Petkov" <bp@alien8.de>,
"Boris Ostrovsky" <boris.ostrovsky@oracle.com>,
"Christophe Leroy" <christophe.leroy@c-s.fr>,
"Cornelia Huck" <cohuck@redhat.com>,
"Dan Carpenter" <dan.carpenter@oracle.com>,
"Dan Williams" <dan.j.williams@intel.com>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"Fabio Estevam" <festevam@gmail.com>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Isaac J. Manjarres" <isaacm@codeaurora.org>,
"Jeremy Sowden" <jeremy@azazel.net>,
"Jim Mattson" <jmattson@google.com>,
"Joerg Roedel" <joro@8bytes.org>,
"Johannes Weiner" <hannes@cmpxchg.org>,
"Juergen Gross" <jgross@suse.com>,
"KarimAllah Ahmed" <karahmed@amazon.de>,
"Kate Stewart" <kstewart@linuxfoundation.org>,
"K. Y. Srinivasan" <kys@microsoft.com>,
"Madhumitha Prabakaran" <madhumithabiw@gmail.com>,
"Matt Sickler" <Matt.Sickler@daktronics.com>,
"Mel Gorman" <mgorman@techsingularity.net>,
"Michael Ellerman" <mpe@ellerman.id.au>,
"Michal Hocko" <mhocko@suse.com>,
"Mike Rapoport" <rppt@linux.ibm.com>,
"Mike Rapoport" <rppt@linux.vnet.ibm.com>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Nishka Dasgupta" <nishkadg.linux@gmail.com>,
"Oscar Salvador" <osalvador@suse.de>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Paul Mackerras" <paulus@ozlabs.org>,
"Paul Mackerras" <paulus@samba.org>,
"Pavel Tatashin" <pasha.tatashin@soleen.com>,
"Pavel Tatashin" <pavel.tatashin@microsoft.com>,
"Peter Zijlstra" <peterz@infradead.org>, "Qian Cai" <cai@lca.pw>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Rob Springer" <rspringer@google.com>,
"Sasha Levin" <sashal@kernel.org>,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Simon Sandström" <simon@nikanor.nu>,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Stephen Hemminger" <sthemmin@microsoft.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Todd Poynor" <toddpoynor@google.com>,
"Vandana BN" <bnvandana@gmail.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Wanpeng Li" <wanpengli@tencent.com>,
YueHaibing <yuehaibing@huawei.com>
Subject: Re: [PATCH RFC v1 02/12] mm/usercopy.c: Prepare check_page_span() for PG_reserved changes
Date: Wed, 23 Oct 2019 09:25:49 -0700 [thread overview]
Message-ID: <201910230924.DE879ED80F@keescook> (raw)
In-Reply-To: <a8313fb1-50f3-9083-fd07-297ddf86658e@redhat.com>
On Wed, Oct 23, 2019 at 10:20:14AM +0200, David Hildenbrand wrote:
> On 22.10.19 19:12, David Hildenbrand wrote:
> > Right now, ZONE_DEVICE memory is always set PG_reserved. We want to
> > change that.
> >
> > Let's make sure that the logic in the function won't change. Once we no
> > longer set these pages to reserved, we can rework this function to
> > perform separate checks for ZONE_DEVICE (split from PG_reserved checks).
> >
> > Cc: Kees Cook <keescook@chromium.org>
> > Cc: Andrew Morton <akpm@linux-foundation.org>
> > Cc: Kate Stewart <kstewart@linuxfoundation.org>
> > Cc: Allison Randal <allison@lohutok.net>
> > Cc: "Isaac J. Manjarres" <isaacm@codeaurora.org>
> > Cc: Qian Cai <cai@lca.pw>
> > Cc: Thomas Gleixner <tglx@linutronix.de>
> > Signed-off-by: David Hildenbrand <david@redhat.com>
> > ---
> > mm/usercopy.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/mm/usercopy.c b/mm/usercopy.c
> > index 660717a1ea5c..a3ac4be35cde 100644
> > --- a/mm/usercopy.c
> > +++ b/mm/usercopy.c
> > @@ -203,14 +203,15 @@ static inline void check_page_span(const void *ptr, unsigned long n,
> > * device memory), or CMA. Otherwise, reject since the object spans
> > * several independently allocated pages.
> > */
> > - is_reserved = PageReserved(page);
> > + is_reserved = PageReserved(page) || is_zone_device_page(page);
> > is_cma = is_migrate_cma_page(page);
> > if (!is_reserved && !is_cma)
> > usercopy_abort("spans multiple pages", NULL, to_user, 0, n);
> > for (ptr += PAGE_SIZE; ptr <= end; ptr += PAGE_SIZE) {
> > page = virt_to_head_page(ptr);
> > - if (is_reserved && !PageReserved(page))
> > + if (is_reserved && !(PageReserved(page) ||
> > + is_zone_device_page(page)))
> > usercopy_abort("spans Reserved and non-Reserved pages",
> > NULL, to_user, 0, n);
> > if (is_cma && !is_migrate_cma_page(page))
> >
>
> @Kees, would it be okay to stop checking against ZONE_DEVICE pages here or
> is there a good rationale behind this?
>
> (I would turn this patch into a simple update of the comment if we agree
> that we don't care)
There has been work to actually remove the page span checks entirely,
but there wasn't consensus on what the right way forward was. I continue
to leaning toward just dropping it entirely, but Matthew Wilcox has some
alternative ideas that could use some further thought/testing.
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: David Hildenbrand <david@redhat.com>
Cc: "Kate Stewart" <kstewart@linuxfoundation.org>,
"Sasha Levin" <sashal@kernel.org>,
linux-hyperv@vger.kernel.org, "Michal Hocko" <mhocko@suse.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
kvm@vger.kernel.org,
"Pavel Tatashin" <pavel.tatashin@microsoft.com>,
"KarimAllah Ahmed" <karahmed@amazon.de>,
"Benjamin Herrenschmidt" <benh@kernel.crashing.org>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"Alexander Duyck" <alexander.duyck@gmail.com>,
"Michal Hocko" <mhocko@kernel.org>,
"Paul Mackerras" <paulus@ozlabs.org>,
linux-mm@kvack.org, "Paul Mackerras" <paulus@samba.org>,
"Michael Ellerman" <mpe@ellerman.id.au>,
"H. Peter Anvin" <hpa@zytor.com>,
"Wanpeng Li" <wanpengli@tencent.com>,
"Alexander Duyck" <alexander.h.duyck@linux.intel.com>,
"Pavel Tatashin" <pasha.tatashin@soleen.com>,
devel@driverdev.osuosl.org,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Stephen Hemminger" <sthemmin@microsoft.com>,
"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
"Joerg Roedel" <joro@8bytes.org>,
x86@kernel.org, YueHaibing <yuehaibing@huawei.com>,
"Matthew Wilcox" <willy@infradead.org>,
"Mike Rapoport" <rppt@linux.ibm.com>,
"Madhumitha Prabakaran" <madhumithabiw@gmail.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Ingo Molnar" <mingo@redhat.com>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Nishka Dasgupta" <nishkadg.linux@gmail.com>,
"Anthony Yznaga" <anthony.yznaga@oracle.com>,
"Oscar Salvador" <osalvador@suse.de>,
"Dan Carpenter" <dan.carpenter@oracle.com>,
"Isaac J. Manjarres" <isaacm@codeaurora.org>,
"Juergen Gross" <jgross@suse.com>,
"Anshuman Khandual" <anshuman.khandual@arm.com>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
"Simon Sandström" <simon@nikanor.nu>,
"Dan Williams" <dan.j.williams@intel.com>,
kvm-ppc@vger.kernel.org, "Qian Cai" <cai@lca.pw>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Mike Rapoport" <rppt@linux.vnet.ibm.com>,
"Borislav Petkov" <bp@alien8.de>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Andy Lutomirski" <luto@kernel.org>,
xen-devel@lists.xenproject.org,
"Boris Ostrovsky" <boris.ostrovsky@oracle.com>,
"Todd Poynor" <toddpoynor@google.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
"Allison Randal" <allison@lohutok.net>,
"Jim Mattson" <jmattson@google.com>,
"Christophe Leroy" <christophe.leroy@c-s.fr>,
"Vandana BN" <bnvandana@gmail.com>,
"Mel Gorman" <mgorman@techsingularity.net>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Cornelia Huck" <cohuck@redhat.com>,
linux-kernel@vger.kernel.org,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Rob Springer" <rspringer@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Johannes Weiner" <hannes@cmpxchg.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH RFC v1 02/12] mm/usercopy.c: Prepare check_page_span() for PG_reserved changes
Date: Wed, 23 Oct 2019 09:25:49 -0700 [thread overview]
Message-ID: <201910230924.DE879ED80F@keescook> (raw)
In-Reply-To: <a8313fb1-50f3-9083-fd07-297ddf86658e@redhat.com>
On Wed, Oct 23, 2019 at 10:20:14AM +0200, David Hildenbrand wrote:
> On 22.10.19 19:12, David Hildenbrand wrote:
> > Right now, ZONE_DEVICE memory is always set PG_reserved. We want to
> > change that.
> >
> > Let's make sure that the logic in the function won't change. Once we no
> > longer set these pages to reserved, we can rework this function to
> > perform separate checks for ZONE_DEVICE (split from PG_reserved checks).
> >
> > Cc: Kees Cook <keescook@chromium.org>
> > Cc: Andrew Morton <akpm@linux-foundation.org>
> > Cc: Kate Stewart <kstewart@linuxfoundation.org>
> > Cc: Allison Randal <allison@lohutok.net>
> > Cc: "Isaac J. Manjarres" <isaacm@codeaurora.org>
> > Cc: Qian Cai <cai@lca.pw>
> > Cc: Thomas Gleixner <tglx@linutronix.de>
> > Signed-off-by: David Hildenbrand <david@redhat.com>
> > ---
> > mm/usercopy.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/mm/usercopy.c b/mm/usercopy.c
> > index 660717a1ea5c..a3ac4be35cde 100644
> > --- a/mm/usercopy.c
> > +++ b/mm/usercopy.c
> > @@ -203,14 +203,15 @@ static inline void check_page_span(const void *ptr, unsigned long n,
> > * device memory), or CMA. Otherwise, reject since the object spans
> > * several independently allocated pages.
> > */
> > - is_reserved = PageReserved(page);
> > + is_reserved = PageReserved(page) || is_zone_device_page(page);
> > is_cma = is_migrate_cma_page(page);
> > if (!is_reserved && !is_cma)
> > usercopy_abort("spans multiple pages", NULL, to_user, 0, n);
> > for (ptr += PAGE_SIZE; ptr <= end; ptr += PAGE_SIZE) {
> > page = virt_to_head_page(ptr);
> > - if (is_reserved && !PageReserved(page))
> > + if (is_reserved && !(PageReserved(page) ||
> > + is_zone_device_page(page)))
> > usercopy_abort("spans Reserved and non-Reserved pages",
> > NULL, to_user, 0, n);
> > if (is_cma && !is_migrate_cma_page(page))
> >
>
> @Kees, would it be okay to stop checking against ZONE_DEVICE pages here or
> is there a good rationale behind this?
>
> (I would turn this patch into a simple update of the comment if we agree
> that we don't care)
There has been work to actually remove the page span checks entirely,
but there wasn't consensus on what the right way forward was. I continue
to leaning toward just dropping it entirely, but Matthew Wilcox has some
alternative ideas that could use some further thought/testing.
--
Kees Cook
_______________________________________________
devel mailing list
devel@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: David Hildenbrand <david@redhat.com>
Cc: "Kate Stewart" <kstewart@linuxfoundation.org>,
"Sasha Levin" <sashal@kernel.org>,
linux-hyperv@vger.kernel.org, "Michal Hocko" <mhocko@suse.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
kvm@vger.kernel.org,
"Pavel Tatashin" <pavel.tatashin@microsoft.com>,
"KarimAllah Ahmed" <karahmed@amazon.de>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"Alexander Duyck" <alexander.duyck@gmail.com>,
"Michal Hocko" <mhocko@kernel.org>,
linux-mm@kvack.org, "Paul Mackerras" <paulus@samba.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"Wanpeng Li" <wanpengli@tencent.com>,
"Alexander Duyck" <alexander.h.duyck@linux.intel.com>,
"K. Y. Srinivasan" <kys@microsoft.com>,
"Fabio Estevam" <festevam@gmail.com>,
"Ben Chan" <benchan@chromium.org>,
"Pavel Tatashin" <pasha.tatashin@soleen.com>,
devel@driverdev.osuosl.org,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Stephen Hemminger" <sthemmin@microsoft.com>,
"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
"Joerg Roedel" <joro@8bytes.org>,
x86@kernel.org, YueHaibing <yuehaibing@huawei.com>,
"Matthew Wilcox" <willy@infradead.org>,
"Mike Rapoport" <rppt@linux.ibm.com>,
"Madhumitha Prabakaran" <madhumithabiw@gmail.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Ingo Molnar" <mingo@redhat.com>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Nishka Dasgupta" <nishkadg.linux@gmail.com>,
"Anthony Yznaga" <anthony.yznaga@oracle.com>,
"Oscar Salvador" <osalvador@suse.de>,
"Dan Carpenter" <dan.carpenter@oracle.com>,
"Isaac J. Manjarres" <isaacm@codeaurora.org>,
"Matt Sickler" <Matt.Sickler@daktronics.com>,
"Juergen Gross" <jgross@suse.com>,
"Anshuman Khandual" <anshuman.khandual@arm.com>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
"Simon Sandström" <simon@nikanor.nu>,
"Dan Williams" <dan.j.williams@intel.com>,
kvm-ppc@vger.kernel.org, "Qian Cai" <cai@lca.pw>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Mike Rapoport" <rppt@linux.vnet.ibm.com>,
"Borislav Petkov" <bp@alien8.de>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Andy Lutomirski" <luto@kernel.org>,
xen-devel@lists.xenproject.org,
"Boris Ostrovsky" <boris.ostrovsky@oracle.com>,
"Todd Poynor" <toddpoynor@google.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
"Allison Randal" <allison@lohutok.net>,
"Jim Mattson" <jmattson@google.com>,
"Vandana BN" <bnvandana@gmail.com>,
"Jeremy Sowden" <jeremy@azazel.net>,
"Mel Gorman" <mgorman@techsingularity.net>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Cornelia Huck" <cohuck@redhat.com>,
linux-kernel@vger.kernel.org,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Rob Springer" <rspringer@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Johannes Weiner" <hannes@cmpxchg.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH RFC v1 02/12] mm/usercopy.c: Prepare check_page_span() for PG_reserved changes
Date: Wed, 23 Oct 2019 09:25:49 -0700 [thread overview]
Message-ID: <201910230924.DE879ED80F@keescook> (raw)
In-Reply-To: <a8313fb1-50f3-9083-fd07-297ddf86658e@redhat.com>
On Wed, Oct 23, 2019 at 10:20:14AM +0200, David Hildenbrand wrote:
> On 22.10.19 19:12, David Hildenbrand wrote:
> > Right now, ZONE_DEVICE memory is always set PG_reserved. We want to
> > change that.
> >
> > Let's make sure that the logic in the function won't change. Once we no
> > longer set these pages to reserved, we can rework this function to
> > perform separate checks for ZONE_DEVICE (split from PG_reserved checks).
> >
> > Cc: Kees Cook <keescook@chromium.org>
> > Cc: Andrew Morton <akpm@linux-foundation.org>
> > Cc: Kate Stewart <kstewart@linuxfoundation.org>
> > Cc: Allison Randal <allison@lohutok.net>
> > Cc: "Isaac J. Manjarres" <isaacm@codeaurora.org>
> > Cc: Qian Cai <cai@lca.pw>
> > Cc: Thomas Gleixner <tglx@linutronix.de>
> > Signed-off-by: David Hildenbrand <david@redhat.com>
> > ---
> > mm/usercopy.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/mm/usercopy.c b/mm/usercopy.c
> > index 660717a1ea5c..a3ac4be35cde 100644
> > --- a/mm/usercopy.c
> > +++ b/mm/usercopy.c
> > @@ -203,14 +203,15 @@ static inline void check_page_span(const void *ptr, unsigned long n,
> > * device memory), or CMA. Otherwise, reject since the object spans
> > * several independently allocated pages.
> > */
> > - is_reserved = PageReserved(page);
> > + is_reserved = PageReserved(page) || is_zone_device_page(page);
> > is_cma = is_migrate_cma_page(page);
> > if (!is_reserved && !is_cma)
> > usercopy_abort("spans multiple pages", NULL, to_user, 0, n);
> > for (ptr += PAGE_SIZE; ptr <= end; ptr += PAGE_SIZE) {
> > page = virt_to_head_page(ptr);
> > - if (is_reserved && !PageReserved(page))
> > + if (is_reserved && !(PageReserved(page) ||
> > + is_zone_device_page(page)))
> > usercopy_abort("spans Reserved and non-Reserved pages",
> > NULL, to_user, 0, n);
> > if (is_cma && !is_migrate_cma_page(page))
> >
>
> @Kees, would it be okay to stop checking against ZONE_DEVICE pages here or
> is there a good rationale behind this?
>
> (I would turn this patch into a simple update of the comment if we agree
> that we don't care)
There has been work to actually remove the page span checks entirely,
but there wasn't consensus on what the right way forward was. I continue
to leaning toward just dropping it entirely, but Matthew Wilcox has some
alternative ideas that could use some further thought/testing.
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: David Hildenbrand <david@redhat.com>
Cc: "Kate Stewart" <kstewart@linuxfoundation.org>,
"Sasha Levin" <sashal@kernel.org>,
linux-hyperv@vger.kernel.org, "Michal Hocko" <mhocko@suse.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
kvm@vger.kernel.org,
"Pavel Tatashin" <pavel.tatashin@microsoft.com>,
"KarimAllah Ahmed" <karahmed@amazon.de>,
"Benjamin Herrenschmidt" <benh@kernel.crashing.org>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"Alexander Duyck" <alexander.duyck@gmail.com>,
"Michal Hocko" <mhocko@kernel.org>,
"Paul Mackerras" <paulus@ozlabs.org>,
linux-mm@kvack.org, "Paul Mackerras" <paulus@samba.org>,
"Michael Ellerman" <mpe@ellerman.id.au>,
"H. Peter Anvin" <hpa@zytor.com>,
"Wanpeng Li" <wanpengli@tencent.com>,
"Alexander Duyck" <alexander.h.duyck@linux.intel.com>,
"K. Y. Srinivasan" <kys@microsoft.com>,
"Fabio Estevam" <festevam@gmail.com>,
"Ben Chan" <benchan@chromium.org>,
"Pavel Tatashin" <pasha.tatashin@soleen.com>,
devel@driverdev.osuosl.org,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Stephen Hemminger" <sthemmin@microsoft.com>,
"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
"Joerg Roedel" <joro@8bytes.org>,
x86@kernel.org, YueHaibing <yuehaibing@huawei.com>,
"Matthew Wilcox" <willy@infradead.org>,
"Mike Rapoport" <rppt@linux.ibm.com>,
"Madhumitha Prabakaran" <madhumithabiw@gmail.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Ingo Molnar" <mingo@redhat.com>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Nishka Dasgupta" <nishkadg.linux@gmail.com>,
"Anthony Yznaga" <anthony.yznaga@oracle.com>,
"Oscar Salvador" <osalvador@suse.de>,
"Dan Carpenter" <dan.carpenter@oracle.com>,
"Isaac J. Manjarres" <isaacm@codeaurora.org>,
"Matt Sickler" <Matt.Sickler@daktronics.com>,
"Juergen Gross" <jgross@suse.com>,
"Anshuman Khandual" <anshuman.khandual@arm.com>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
"Simon Sandström" <simon@nikanor.nu>,
"Dan Williams" <dan.j.williams@intel.com>,
kvm-ppc@vger.kernel.org, "Qian Cai" <cai@lca.pw>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Mike Rapoport" <rppt@linux.vnet.ibm.com>,
"Borislav Petkov" <bp@alien8.de>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Andy Lutomirski" <luto@kernel.org>,
xen-devel@lists.xenproject.org,
"Boris Ostrovsky" <boris.ostrovsky@oracle.com>,
"Todd Poynor" <toddpoynor@google.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
"Allison Randal" <allison@lohutok.net>,
"Jim Mattson" <jmattson@google.com>,
"Christophe Leroy" <christophe.leroy@c-s.fr>,
"Vandana BN" <bnvandana@gmail.com>,
"Jeremy Sowden" <jeremy@azazel.net>,
"Mel Gorman" <mgorman@techsingularity.net>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Cornelia Huck" <cohuck@redhat.com>,
linux-kernel@vger.kernel.org,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Rob Springer" <rspringer@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Johannes Weiner" <hannes@cmpxchg.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [Xen-devel] [PATCH RFC v1 02/12] mm/usercopy.c: Prepare check_page_span() for PG_reserved changes
Date: Wed, 23 Oct 2019 09:25:49 -0700 [thread overview]
Message-ID: <201910230924.DE879ED80F@keescook> (raw)
In-Reply-To: <a8313fb1-50f3-9083-fd07-297ddf86658e@redhat.com>
On Wed, Oct 23, 2019 at 10:20:14AM +0200, David Hildenbrand wrote:
> On 22.10.19 19:12, David Hildenbrand wrote:
> > Right now, ZONE_DEVICE memory is always set PG_reserved. We want to
> > change that.
> >
> > Let's make sure that the logic in the function won't change. Once we no
> > longer set these pages to reserved, we can rework this function to
> > perform separate checks for ZONE_DEVICE (split from PG_reserved checks).
> >
> > Cc: Kees Cook <keescook@chromium.org>
> > Cc: Andrew Morton <akpm@linux-foundation.org>
> > Cc: Kate Stewart <kstewart@linuxfoundation.org>
> > Cc: Allison Randal <allison@lohutok.net>
> > Cc: "Isaac J. Manjarres" <isaacm@codeaurora.org>
> > Cc: Qian Cai <cai@lca.pw>
> > Cc: Thomas Gleixner <tglx@linutronix.de>
> > Signed-off-by: David Hildenbrand <david@redhat.com>
> > ---
> > mm/usercopy.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/mm/usercopy.c b/mm/usercopy.c
> > index 660717a1ea5c..a3ac4be35cde 100644
> > --- a/mm/usercopy.c
> > +++ b/mm/usercopy.c
> > @@ -203,14 +203,15 @@ static inline void check_page_span(const void *ptr, unsigned long n,
> > * device memory), or CMA. Otherwise, reject since the object spans
> > * several independently allocated pages.
> > */
> > - is_reserved = PageReserved(page);
> > + is_reserved = PageReserved(page) || is_zone_device_page(page);
> > is_cma = is_migrate_cma_page(page);
> > if (!is_reserved && !is_cma)
> > usercopy_abort("spans multiple pages", NULL, to_user, 0, n);
> > for (ptr += PAGE_SIZE; ptr <= end; ptr += PAGE_SIZE) {
> > page = virt_to_head_page(ptr);
> > - if (is_reserved && !PageReserved(page))
> > + if (is_reserved && !(PageReserved(page) ||
> > + is_zone_device_page(page)))
> > usercopy_abort("spans Reserved and non-Reserved pages",
> > NULL, to_user, 0, n);
> > if (is_cma && !is_migrate_cma_page(page))
> >
>
> @Kees, would it be okay to stop checking against ZONE_DEVICE pages here or
> is there a good rationale behind this?
>
> (I would turn this patch into a simple update of the comment if we agree
> that we don't care)
There has been work to actually remove the page span checks entirely,
but there wasn't consensus on what the right way forward was. I continue
to leaning toward just dropping it entirely, but Matthew Wilcox has some
alternative ideas that could use some further thought/testing.
--
Kees Cook
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2019-10-23 16:25 UTC|newest]
Thread overview: 112+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-22 17:12 [PATCH RFC v1 00/12] mm: Don't mark hotplugged pages PG_reserved (including ZONE_DEVICE) David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 01/12] mm/memory_hotplug: Don't allow to online/offline memory blocks with holes David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-24 3:53 ` Anshuman Khandual
2019-10-24 3:53 ` [Xen-devel] " Anshuman Khandual
2019-10-24 3:53 ` Anshuman Khandual
2019-10-24 3:53 ` Anshuman Khandual
2019-10-24 7:55 ` David Hildenbrand
2019-10-24 7:55 ` [Xen-devel] " David Hildenbrand
2019-10-24 7:55 ` David Hildenbrand
2019-10-24 7:55 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 02/12] mm/usercopy.c: Prepare check_page_span() for PG_reserved changes David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-23 8:20 ` David Hildenbrand
2019-10-23 8:20 ` [Xen-devel] " David Hildenbrand
2019-10-23 8:20 ` David Hildenbrand
2019-10-23 8:20 ` David Hildenbrand
2019-10-23 16:25 ` Kees Cook [this message]
2019-10-23 16:25 ` [Xen-devel] " Kees Cook
2019-10-23 16:25 ` Kees Cook
2019-10-23 16:25 ` Kees Cook
2019-10-23 16:32 ` David Hildenbrand
2019-10-23 16:32 ` [Xen-devel] " David Hildenbrand
2019-10-23 16:32 ` David Hildenbrand
2019-10-23 16:32 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 03/12] KVM: x86/mmu: Prepare kvm_is_mmio_pfn() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 04/12] KVM: Prepare kvm_is_reserved_pfn() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 05/12] vfio/type1: Prepare is_invalid_reserved_pfn() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 06/12] staging/gasket: Prepare gasket_release_page() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-23 8:17 ` David Hildenbrand
2019-10-23 8:17 ` [Xen-devel] " David Hildenbrand
2019-10-23 8:17 ` David Hildenbrand
2019-10-23 8:17 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 07/12] staging: kpc2000: Prepare transfer_complete_cb() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:55 ` Matt Sickler
2019-10-22 17:55 ` [Xen-devel] " Matt Sickler
2019-10-22 17:55 ` Matt Sickler
2019-10-22 17:55 ` Matt Sickler
2019-10-22 21:01 ` David Hildenbrand
2019-10-22 21:01 ` [Xen-devel] " David Hildenbrand
2019-10-22 21:01 ` David Hildenbrand
2019-10-22 21:01 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 08/12] powerpc/book3s: Prepare kvmppc_book3s_instantiate_page() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 09/12] powerpc/64s: Prepare hash_page_do_lazy_icache() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 10/12] powerpc/mm: Prepare maybe_pte_to_page() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 11/12] x86/mm: Prepare __ioremap_check_ram() " David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` [PATCH RFC v1 12/12] mm/memory_hotplug: Don't mark pages PG_reserved when initializing the memmap David Hildenbrand
2019-10-22 17:12 ` [Xen-devel] " David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 17:12 ` David Hildenbrand
2019-10-22 21:54 ` [PATCH RFC v1 00/12] mm: Don't mark hotplugged pages PG_reserved (including ZONE_DEVICE) Dan Williams
2019-10-22 21:54 ` [Xen-devel] " Dan Williams
2019-10-22 21:54 ` Dan Williams
2019-10-22 21:54 ` Dan Williams
2019-10-23 7:26 ` David Hildenbrand
2019-10-23 7:26 ` [Xen-devel] " David Hildenbrand
2019-10-23 7:26 ` David Hildenbrand
2019-10-23 7:26 ` David Hildenbrand
2019-10-23 17:09 ` Dan Williams
2019-10-23 17:09 ` [Xen-devel] " Dan Williams
2019-10-23 17:09 ` Dan Williams
2019-10-23 17:09 ` Dan Williams
2019-10-23 17:27 ` David Hildenbrand
2019-10-23 17:27 ` [Xen-devel] " David Hildenbrand
2019-10-23 17:27 ` David Hildenbrand
2019-10-23 17:27 ` David Hildenbrand
2019-10-23 19:39 ` Dan Williams
2019-10-23 19:39 ` [Xen-devel] " Dan Williams
2019-10-23 19:39 ` Dan Williams
2019-10-23 19:39 ` Dan Williams
2019-10-23 21:22 ` David Hildenbrand
2019-10-23 21:22 ` [Xen-devel] " David Hildenbrand
2019-10-23 21:22 ` David Hildenbrand
2019-10-23 21:22 ` David Hildenbrand
2019-10-24 12:50 ` David Hildenbrand
2019-10-24 12:50 ` [Xen-devel] " David Hildenbrand
2019-10-24 12:50 ` David Hildenbrand
2019-10-24 12:50 ` David Hildenbrand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201910230924.DE879ED80F@keescook \
--to=keescook@chromium.org \
--cc=Matt.Sickler@daktronics.com \
--cc=akpm@linux-foundation.org \
--cc=alex.williamson@redhat.com \
--cc=alexander.duyck@gmail.com \
--cc=alexander.h.duyck@linux.intel.com \
--cc=allison@lohutok.net \
--cc=aneesh.kumar@linux.ibm.com \
--cc=anshuman.khandual@arm.com \
--cc=anthony.yznaga@oracle.com \
--cc=benchan@chromium.org \
--cc=benh@kernel.crashing.org \
--cc=bnvandana@gmail.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bp@alien8.de \
--cc=cai@lca.pw \
--cc=christophe.leroy@c-s.fr \
--cc=cohuck@redhat.com \
--cc=dan.carpenter@oracle.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=david@redhat.com \
--cc=devel@driverdev.osuosl.org \
--cc=festevam@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=haiyangz@microsoft.com \
--cc=hannes@cmpxchg.org \
--cc=hpa@zytor.com \
--cc=isaacm@codeaurora.org \
--cc=jeremy@azazel.net \
--cc=jgross@suse.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=karahmed@amazon.de \
--cc=kstewart@linuxfoundation.org \
--cc=kvm-ppc@vger.kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kys@microsoft.com \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=luto@kernel.org \
--cc=madhumithabiw@gmail.com \
--cc=mgorman@techsingularity.net \
--cc=mhocko@kernel.org \
--cc=mhocko@suse.com \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=nishkadg.linux@gmail.com \
--cc=npiggin@gmail.com \
--cc=osalvador@suse.de \
--cc=pasha.tatashin@soleen.com \
--cc=paulus@ozlabs.org \
--cc=paulus@samba.org \
--cc=pavel.tatashin@microsoft.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rkrcmar@redhat.com \
--cc=rppt@linux.ibm.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=rspringer@google.com \
--cc=sashal@kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=simon@nikanor.nu \
--cc=sstabellini@kernel.org \
--cc=sthemmin@microsoft.com \
--cc=tglx@linutronix.de \
--cc=toddpoynor@google.com \
--cc=vbabka@suse.cz \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=willy@infradead.org \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xenproject.org \
--cc=yuehaibing@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.