From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C1BC7C282D8 for ; Fri, 1 Feb 2019 07:22:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 83DC620857 for ; Fri, 1 Feb 2019 07:22:13 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="Dz9K88dH" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726092AbfBAHWN (ORCPT ); Fri, 1 Feb 2019 02:22:13 -0500 Received: from mail-lf1-f68.google.com ([209.85.167.68]:37908 "EHLO mail-lf1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725807AbfBAHWM (ORCPT ); Fri, 1 Feb 2019 02:22:12 -0500 Received: by mail-lf1-f68.google.com with SMTP id a8so4293364lfk.5 for ; Thu, 31 Jan 2019 23:22:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=P18BFRM3FHB2HT0zP5dgNZMDiNjCSTJ5pMr531eoN/M=; b=Dz9K88dHG0MbOo5xXIKHy6zdQlsgU8yR75VOq/fcOVBfdMTH0TkY2f7OZ29Vni7G7T PrPv8xbCSagWseLm8k1O37oAaGqIQshCQSPPfK6Op87yEDO24e8qkElqk+QU7F0wW8Bm eG7DkoUiiW6lL19Q6f2MiV+avBrpKbTpyAAkI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=P18BFRM3FHB2HT0zP5dgNZMDiNjCSTJ5pMr531eoN/M=; b=pgM1EK8lOB87d55RWe8/gZe/DV8iYPKbrN34+o4zVLmyfZfRKCivGpwOZ2jwzA8Bs1 nBLWIOlVBl7GQzO1eoDrLaYKH52LRSOD3qAYtbYI8OLjH0uUUlrI979achUv5UBmRMIe RaVpcEtIrSBAd5/DUjR1y/SyvC7pBAdBMeH4kfdjPjA47+2Any2j5/9KyqsZuZMBaQ26 VS7T6Z3COtX0PF4OXikzK5n7AmmAWW6WwdyX6c1Rnrf9UFofVzZHgb+jSp/veVU4DKgy NRtoRlP7muU3Oc1q5sGsSjRn3YfQYjMp17V2vWSBQqhZGmEXIVOGU0b0h4O+otVfT72/ iM4w== X-Gm-Message-State: AHQUAuZUOW2BX7x+gyNCUz7THqi4ScLAzGMGrpLYm+nglRrMfTn1dcgw ifpLLeGx0oJjc1pRykH8bBPuf3b8pe4= X-Google-Smtp-Source: AHgI3IYU5LFWFOvYVarsQoLVIY8TSylUOOqvWrozf0ARC6lls9qlGa8Ct0SWz/9K3/J0PXtwlIzwNQ== X-Received: by 2002:a19:c18d:: with SMTP id r135mr287479lff.59.1549005730897; Thu, 31 Jan 2019 23:22:10 -0800 (PST) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com. [209.85.167.51]) by smtp.gmail.com with ESMTPSA id b25-v6sm1147551lji.94.2019.01.31.23.22.10 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 31 Jan 2019 23:22:10 -0800 (PST) Received: by mail-lf1-f51.google.com with SMTP id f5so4248665lfc.13 for ; Thu, 31 Jan 2019 23:22:10 -0800 (PST) X-Received: by 2002:a19:ef15:: with SMTP id n21mr29965253lfh.21.1549005729676; Thu, 31 Jan 2019 23:22:09 -0800 (PST) MIME-Version: 1.0 References: <20190130124420.1834-1-vbabka@suse.cz> <20190130124420.1834-3-vbabka@suse.cz> <20190131095644.GR18811@dhcp22.suse.cz> <20190131102348.GT18811@dhcp22.suse.cz> <20190201051355.GV6173@dastard> In-Reply-To: From: Linus Torvalds Date: Thu, 31 Jan 2019 23:21:53 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 2/3] mm/filemap: initiate readahead even if IOCB_NOWAIT is set for the I/O To: Dave Chinner Cc: Michal Hocko , Jiri Kosina , Vlastimil Babka , Andrew Morton , Linux List Kernel Mailing , Linux-MM , Linux API , Peter Zijlstra , Greg KH , Jann Horn , Dominique Martinet , Andy Lutomirski , Kevin Easton , Matthew Wilcox , Cyril Hrubis , Tejun Heo , "Kirill A . Shutemov" , Daniel Gruss , linux-fsdevel Content-Type: text/plain; charset="UTF-8" Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org On Thu, Jan 31, 2019 at 11:05 PM Linus Torvalds wrote: > > And part of "best effort" is very much "not a security information leak". Side note: it's entirely possible that the preadv2(RWF_NOWAIT) interface is actually already effectively too slow to be effectively used as much of an attack vector. One of the advantages of mincore() for the attack was that you could just get a lot of page status information in one go. With RWF_NOWAIT, you only really get "up to the first non-cached page", so it's already a weaker signal than mincore() gave. System calls aren't horrendously slow (at least not with fixed non-meltdown CPU's), but it might still be a somewhat noticeable inconvenience in an attack that is already probably not all that easy to do on an arbitrary target. So it might not be a huge deal. But I think we should at least try to make things less useful for these kinds of attack vectors. And no, that doesn't mean "stop all theoretical attacks". It means "let's try to make things less convenient as a data leak". That's why things like "oh, you can still see the signal if you can keep the backing device congested" is not something I'd worry about. It's just another (big) inconvenience, and not all that simple to do. At some point, it's simply not worth it as an attack vector any more. Linus