From: Mathieu Desnoyers <mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
To: One Thousand Gnomes
<gnomes-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org>
Cc: "Paul E. McKenney"
<paulmck-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>,
Boqun Feng <boqun.feng-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Peter Zijlstra <peterz-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
Paul Turner <pjt-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
Andrew Hunter <ahh-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>,
Dave Watson <davejwatson-b10kYP2dOMg@public.gmane.org>,
Josh Triplett <josh-iaAMLnmF4UmaiuxdJuQwMA@public.gmane.org>,
Will Deacon <will.deacon-5wv7dgnIgG8@public.gmane.org>,
linux-kernel
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Thomas Gleixner <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
Andi Kleen <andi-Vw/NltI1exuRpAAqCnN02g@public.gmane.org>,
Chris Lameter <cl-vYTEC60ixJUAvxtiuMwx3w@public.gmane.org>,
Ingo Molnar <mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"H. Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
Ben Maurer <bmaurer-b10kYP2dOMg@public.gmane.org>,
rostedt <rostedt-nx8X9YLhiw1AfugRpC6u6w@public.gmane.org>,
Linus Torvalds
<torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Russell King <linux-lFZ/pmaqli7XmaaqVzeoHQ@public.gmane.org>,
Catalin Marinas <catalin.>
Subject: Re: [RFC PATCH for 4.15 09/14] Provide cpu_opv system call
Date: Sat, 14 Oct 2017 14:22:10 +0000 (UTC) [thread overview]
Message-ID: <112864193.41278.1507990930227.JavaMail.zimbra@efficios.com> (raw)
In-Reply-To: <854849583.40647.1507906233368.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
----- On Oct 13, 2017, at 10:50 AM, Mathieu Desnoyers mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org wrote:
> ----- On Oct 13, 2017, at 9:57 AM, One Thousand Gnomes
> gnomes-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org wrote:
>
>>> A maximum limit of 16 operations per cpu_opv syscall invocation is
>>> enforced, so user-space cannot generate a too long preempt-off critical
>>> section.
>>
>> Except that all the operations could be going to mmapped I/O space and if
>> I pick the right targets could take quite a long time to complete.
>
> We could check whether a struct page belongs to mmapped I/O space, and return
> EINVAL in that case.
>
>> It's
>> still only 16 operations - But 160ms is a lot worse than 10ms. In fact
>> with compare_iter I could make it much much worse still as I get 2 x
>> TMP_BUFLEN x 16 x worst case latency in my attack. That's enough to screw
>> up plenty of things.
>
> Would a check that ensures the page is not mmapped I/O space be sufficient
> to take care of this ? If happen to know which API I need to look for, it
> would be welcome.
I think is_zone_device_page() is what I was looking for.
Let me know if I missed something,
Thanks,
Mathieu
> Thanks,
>
> Mathieu
>
>
>>
>> Alan
>
> --
> Mathieu Desnoyers
> EfficiOS Inc.
> http://www.efficios.com
--
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com
WARNING: multiple messages have this Message-ID (diff)
From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
To: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Boqun Feng <boqun.feng@gmail.com>,
Peter Zijlstra <peterz@infradead.org>,
Paul Turner <pjt@google.com>, Andrew Hunter <ahh@google.com>,
Andy Lutomirski <luto@amacapital.net>,
Dave Watson <davejwatson@fb.com>,
Josh Triplett <josh@joshtriplett.org>,
Will Deacon <will.deacon@arm.com>,
linux-kernel <linux-kernel@vger.kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Andi Kleen <andi@firstfloor.org>, Chris Lameter <cl@linux.com>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Ben Maurer <bmaurer@fb.com>, rostedt <rostedt@goodmis.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Andrew Morton <akpm@linux-foundation.org>,
Russell King <linux@arm.linux.org.uk>,
Catalin Marinas <catalin.marinas@arm.com>,
Michael Kerrisk <mtk.manpages@gmail.com>,
linux-api <linux-api@vger.kernel.org>
Subject: Re: [RFC PATCH for 4.15 09/14] Provide cpu_opv system call
Date: Sat, 14 Oct 2017 14:22:10 +0000 (UTC) [thread overview]
Message-ID: <112864193.41278.1507990930227.JavaMail.zimbra@efficios.com> (raw)
In-Reply-To: <854849583.40647.1507906233368.JavaMail.zimbra@efficios.com>
----- On Oct 13, 2017, at 10:50 AM, Mathieu Desnoyers mathieu.desnoyers@efficios.com wrote:
> ----- On Oct 13, 2017, at 9:57 AM, One Thousand Gnomes
> gnomes@lxorguk.ukuu.org.uk wrote:
>
>>> A maximum limit of 16 operations per cpu_opv syscall invocation is
>>> enforced, so user-space cannot generate a too long preempt-off critical
>>> section.
>>
>> Except that all the operations could be going to mmapped I/O space and if
>> I pick the right targets could take quite a long time to complete.
>
> We could check whether a struct page belongs to mmapped I/O space, and return
> EINVAL in that case.
>
>> It's
>> still only 16 operations - But 160ms is a lot worse than 10ms. In fact
>> with compare_iter I could make it much much worse still as I get 2 x
>> TMP_BUFLEN x 16 x worst case latency in my attack. That's enough to screw
>> up plenty of things.
>
> Would a check that ensures the page is not mmapped I/O space be sufficient
> to take care of this ? If happen to know which API I need to look for, it
> would be welcome.
I think is_zone_device_page() is what I was looking for.
Let me know if I missed something,
Thanks,
Mathieu
> Thanks,
>
> Mathieu
>
>
>>
>> Alan
>
> --
> Mathieu Desnoyers
> EfficiOS Inc.
> http://www.efficios.com
--
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com
next prev parent reply other threads:[~2017-10-14 14:22 UTC|newest]
Thread overview: 113+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-12 23:03 [RFC PATCH v9 for 4.15 00/14] Restartable sequences and CPU op vector system calls Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH v9 for 4.15 01/14] Restartable sequences system call Mathieu Desnoyers
2017-10-13 0:36 ` Linus Torvalds
2017-10-13 0:36 ` Linus Torvalds
2017-10-13 9:35 ` Ben Maurer
2017-10-13 9:35 ` Ben Maurer
[not found] ` <DM5PR15MB1690DA99E4AA74FBE54CF7F9CF480-kTBAvIqET4EjX1lkf7hTyId3EbNNOtPMvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
2017-10-13 18:30 ` Linus Torvalds
2017-10-13 18:30 ` Linus Torvalds
[not found] ` <CA+55aFzPBES0JOYuZhuNM7NKN+G9ytZQT2daueFPw0j9HGpdGQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-10-13 20:54 ` Paul E. McKenney
2017-10-13 20:54 ` Paul E. McKenney
[not found] ` <20171013205418.GM3521-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-10-13 21:05 ` Linus Torvalds
2017-10-13 21:05 ` Linus Torvalds
[not found] ` <CA+55aFwvNS95ByZJTh1yG25QfaD0K0ZByK3iXeeRU8LafFiGFQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-10-13 21:21 ` Paul E. McKenney
2017-10-13 21:21 ` Paul E. McKenney
2017-10-13 21:36 ` Mathieu Desnoyers
2017-10-13 21:36 ` Mathieu Desnoyers
2017-10-16 16:04 ` Carlos O'Donell
2017-10-16 16:04 ` Carlos O'Donell
2017-10-16 16:46 ` Andi Kleen
2017-10-16 16:46 ` Andi Kleen
2017-10-16 22:17 ` Mathieu Desnoyers
2017-10-16 22:17 ` Mathieu Desnoyers
[not found] ` <21865534.42661.1508192263844.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-17 16:19 ` Ben Maurer
2017-10-17 16:19 ` Ben Maurer
[not found] ` <CY4PR15MB168879D6220D976B04FE482CCF4C0-ZVJ2su15u+xeX4ZvlgGe+Yd3EbNNOtPMvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
2017-10-17 16:33 ` Mathieu Desnoyers
2017-10-17 16:33 ` Mathieu Desnoyers
[not found] ` <1292309161.43101.1508258000235.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-17 16:41 ` Ben Maurer
2017-10-17 16:41 ` Ben Maurer
[not found] ` <CY4PR15MB16886FD43FB48592F3F5892FCF4C0-ZVJ2su15u+xeX4ZvlgGe+Yd3EbNNOtPMvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
2017-10-17 17:48 ` Mathieu Desnoyers
2017-10-17 17:48 ` Mathieu Desnoyers
2017-10-18 6:22 ` Greg KH
2017-10-18 6:22 ` Greg KH
[not found] ` <20171018062226.GB18857-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-10-18 16:28 ` Mathieu Desnoyers
2017-10-18 16:28 ` Mathieu Desnoyers
2017-10-14 3:01 ` Andi Kleen
2017-10-14 3:01 ` Andi Kleen
2017-10-14 4:05 ` Linus Torvalds
2017-10-14 4:05 ` Linus Torvalds
2017-10-14 11:37 ` Mathieu Desnoyers
2017-10-14 11:37 ` Mathieu Desnoyers
2017-10-13 12:50 ` Florian Weimer
2017-10-13 13:40 ` Mathieu Desnoyers
2017-10-13 13:40 ` Mathieu Desnoyers
2017-10-13 13:56 ` Florian Weimer
2017-10-13 13:56 ` Florian Weimer
2017-10-13 14:27 ` Mathieu Desnoyers
2017-10-13 14:27 ` Mathieu Desnoyers
2017-10-13 17:24 ` Andy Lutomirski
2017-10-13 17:24 ` Andy Lutomirski
[not found] ` <CALCETrXccCp8apoyUJV8kWLOavnFnenZoU-fbb6cOVZvWp-fnA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-10-13 17:53 ` Florian Weimer
2017-10-13 17:53 ` Florian Weimer
[not found] ` <3358e696-43e9-15d3-9634-68e9da79e121-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-10-13 18:17 ` Andy Lutomirski
2017-10-13 18:17 ` Andy Lutomirski
[not found] ` <CALCETrVWZxC=mT9p7HTrAwcAdMzaxwa=A-O0uQt79qy1Cpky_g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-10-14 11:53 ` Mathieu Desnoyers
2017-10-14 11:53 ` Mathieu Desnoyers
2017-10-18 16:41 ` Ben Maurer
[not found] ` <CY4PR15MB1688286D6B1283A1C234BAE6CF4E0-ZVJ2su15u+xeX4ZvlgGe+Yd3EbNNOtPMvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
2017-10-18 18:11 ` Mathieu Desnoyers
2017-10-18 18:11 ` Mathieu Desnoyers
[not found] ` <515879378.43966.1508350299712.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-19 11:35 ` Mathieu Desnoyers
2017-10-19 11:35 ` Mathieu Desnoyers
2017-10-19 17:01 ` Florian Weimer
2017-10-19 17:01 ` Florian Weimer
2017-10-23 17:30 ` Ben Maurer
2017-10-23 17:30 ` Ben Maurer
[not found] ` <CY4PR15MB16888F91F41A4A1D322C102CCF460-ZVJ2su15u+xeX4ZvlgGe+Yd3EbNNOtPMvxpqHgZTriW3zl9H0oFU5g@public.gmane.org>
2017-10-23 20:44 ` Mathieu Desnoyers
2017-10-23 20:44 ` Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 02/14] tracing: instrument restartable sequences Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 03/14] Restartable sequences: ARM 32 architecture support Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 04/14] Restartable sequences: wire up ARM 32 system call Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 05/14] Restartable sequences: x86 32/64 architecture support Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 06/14] Restartable sequences: wire up x86 32/64 system call Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 07/14] Restartable sequences: powerpc architecture support Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 08/14] Restartable sequences: Wire up powerpc system call Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 09/14] Provide cpu_opv " Mathieu Desnoyers
[not found] ` <20171012230326.19984-10-mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-13 13:57 ` Alan Cox
2017-10-13 13:57 ` Alan Cox
2017-10-13 14:50 ` Mathieu Desnoyers
2017-10-13 14:50 ` Mathieu Desnoyers
[not found] ` <854849583.40647.1507906233368.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-14 14:22 ` Mathieu Desnoyers [this message]
2017-10-14 14:22 ` Mathieu Desnoyers
2017-10-13 17:20 ` Andy Lutomirski
2017-10-13 17:20 ` Andy Lutomirski
2017-10-14 2:50 ` Andi Kleen
2017-10-14 2:50 ` Andi Kleen
[not found] ` <20171014025029.GL2482-1g7Xle2YJi4/4alezvVtWx2eb7JE58TQ@public.gmane.org>
2017-10-14 13:35 ` Mathieu Desnoyers
2017-10-14 13:35 ` Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 10/14] cpu_opv: Wire up x86 32/64 " Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 11/14] cpu_opv: Wire up powerpc " Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 12/14] cpu_opv: Wire up ARM32 " Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 13/14] cpu_opv: Implement selftests Mathieu Desnoyers
2017-10-12 23:03 ` [RFC PATCH for 4.15 14/14] Restartable sequences: Provide self-tests Mathieu Desnoyers
2017-10-16 2:51 ` Michael Ellerman
2017-10-16 2:51 ` Michael Ellerman
2017-10-16 14:23 ` Mathieu Desnoyers
2017-10-16 14:23 ` Mathieu Desnoyers
[not found] ` <399058130.42156.1508163782335.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-17 10:38 ` Michael Ellerman
2017-10-17 10:38 ` Michael Ellerman
2017-10-17 13:50 ` Mathieu Desnoyers
2017-10-17 13:50 ` Mathieu Desnoyers
[not found] ` <871sm3n6sy.fsf-W0DJWXSxmBNbyGPkN3NxC2scP1bn1w/D@public.gmane.org>
2017-10-16 18:50 ` Mathieu Desnoyers
2017-10-16 18:50 ` Mathieu Desnoyers
[not found] ` <1998166049.42520.1508179805908.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-17 10:36 ` Michael Ellerman
2017-10-17 10:36 ` Michael Ellerman
[not found] ` <87d15mjc1g.fsf-W0DJWXSxmBNbyGPkN3NxC2scP1bn1w/D@public.gmane.org>
2017-10-17 13:50 ` Mathieu Desnoyers
2017-10-17 13:50 ` Mathieu Desnoyers
[not found] ` <1618170495.42951.1508248216596.JavaMail.zimbra-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-18 5:45 ` Michael Ellerman
2017-10-18 5:45 ` Michael Ellerman
[not found] ` <20171012230326.19984-15-mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2017-10-16 3:00 ` Michael Ellerman
2017-10-16 3:00 ` Michael Ellerman
2017-10-16 3:48 ` Boqun Feng
2017-10-16 3:48 ` Boqun Feng
2017-10-16 11:48 ` Michael Ellerman
2017-10-16 11:48 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=112864193.41278.1507990930227.JavaMail.zimbra@efficios.com \
--to=mathieu.desnoyers-vg+e7yoek/dwk0htik3j/w@public.gmane.org \
--cc=ahh-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=andi-Vw/NltI1exuRpAAqCnN02g@public.gmane.org \
--cc=bmaurer-b10kYP2dOMg@public.gmane.org \
--cc=boqun.feng-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=cl-vYTEC60ixJUAvxtiuMwx3w@public.gmane.org \
--cc=davejwatson-b10kYP2dOMg@public.gmane.org \
--cc=gnomes-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org \
--cc=hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org \
--cc=josh-iaAMLnmF4UmaiuxdJuQwMA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-lFZ/pmaqli7XmaaqVzeoHQ@public.gmane.org \
--cc=luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org \
--cc=mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=paulmck-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
--cc=peterz-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=pjt-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
--cc=rostedt-nx8X9YLhiw1AfugRpC6u6w@public.gmane.org \
--cc=tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org \
--cc=torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=will.deacon-5wv7dgnIgG8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.