Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Borislav Petkov <bp@xxxxxxxxx>
Subject: Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
From: "Yu, Yu-cheng" <yu-cheng.yu@xxxxxxxxx>
Date: Mon, 25 Jan 2021 14:18:37 -0800
Cc: x86@xxxxxxxxxx, "H. Peter Anvin" <hpa@xxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-doc@xxxxxxxxxxxxxxx, linux-mm@xxxxxxxxx, linux-arch@xxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, Arnd Bergmann <arnd@xxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Balbir Singh <bsingharora@xxxxxxxxx>, Cyrill Gorcunov <gorcunov@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, Eugene Syromiatnikov <esyr@xxxxxxxxxx>, Florian Weimer <fweimer@xxxxxxxxxx>, "H.J. Lu" <hjl.tools@xxxxxxxxx>, Jann Horn <jannh@xxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Mike Kravetz <mike.kravetz@xxxxxxxxxx>, Nadav Amit <nadav.amit@xxxxxxxxx>, Oleg Nesterov <oleg@xxxxxxxxxx>, Pavel Machek <pavel@xxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Randy Dunlap <rdunlap@xxxxxxxxxxxxx>, "Ravi V. Shankar" <ravi.v.shankar@xxxxxxxxx>, Vedvyas Shanbhogue <vedvyas.shanbhogue@xxxxxxxxx>, Dave Martin <Dave.Martin@xxxxxxx>, Weijiang Yang <weijiang.yang@xxxxxxxxx>, Pengfei Xu <pengfei.xu@xxxxxxxxx>
In-reply-to: <20210125215558.GK23070@zn.tnic>
References: <20201229213053.16395-1-yu-cheng.yu@intel.com> <20201229213053.16395-12-yu-cheng.yu@intel.com> <20210125182709.GC23290@zn.tnic> <8084836b-4990-90e8-5c9a-97a920f0239e@intel.com> <20210125215558.GK23070@zn.tnic>
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1

On 1/25/2021 1:55 PM, Borislav Petkov wrote:

On Mon, Jan 25, 2021 at 01:27:51PM -0800, Yu, Yu-cheng wrote:

Maybe I'm missing something but those two can happen outside of the
loop, no? Or is *ptep somehow changing concurrently while the loop is
doing the CMPXCHG and you need to recreate it each time?

IOW, you can generate upfront and do the empty loop...


*ptep can change concurrently.


Care to elaborate?

For example, when a thread reads a W=1, D=0 PTE and before changing itto W=0,D=0, another thread could have written to the page and the PTE isW=1, D=1 now. When try_cmpxchg() detects the difference, old_pte isread again.

Follow-Ups:
- Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
  - From: Borislav Petkov

References:
- [PATCH v17 00/26] Control-flow Enforcement: Shadow Stack
  - From: Yu-cheng Yu
- [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
  - From: Yu-cheng Yu
- Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
  - From: Borislav Petkov
- Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
  - From: Yu, Yu-cheng
- Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
  - From: Borislav Petkov

Prev by Date: Re: [PATCH v2] Documentation/admin-guide: kernel-parameters: update CMA entries
Next by Date: Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
Previous by thread: Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
Next by thread: Re: [PATCH v17 11/26] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Linux FS] [Yosemite Forum] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper] [Linux Resources]