* Re: [MIPS] Fix aliasing bug in copy_user_highpage, take 2.
       [not found] <S20036863AbXJOPrf/20071015154735Z+80955@ftp.linux-mips.org>
@ 2007-10-15 17:31 ` Atsushi Nemoto
  2007-10-15 18:28   ` Ralf Baechle
  0 siblings, 1 reply; 6+ messages in thread
From: Atsushi Nemoto @ 2007-10-15 17:31 UTC (permalink / raw)
  To: linux-mips; +Cc: ralf

On Mon, 15 Oct 2007 16:47:30 +0100, linux-mips@linux-mips.org wrote:
> Turns out 6a36458d9348265327d074bdd40bfb1c5b6fb2cb  wasn't quite right.
> When called for a page that isn't marked dirty it would artificially
> create an alias instead of doing the obvious thing and access the page
> via KSEG0.
> 
> The same issue also exists in copy_to_user_page and copy_from_user_page
> which was causing the machine to die under rare circumstances for example
> when running ps if the BUG_ON() assertion added by the earlier fix was
> getting triggered.

This commit added a SetPageDcacheDirty() call for both
copy_to_user_page() and copy_from_user_page().  Is the call in
copy_from_user_page() really needed?

---
Atsushi Nemoto


* Re: [MIPS] Fix aliasing bug in copy_user_highpage, take 2.
  2007-10-15 17:31 ` [MIPS] Fix aliasing bug in copy_user_highpage, take 2 Atsushi Nemoto
@ 2007-10-15 18:28   ` Ralf Baechle
  2007-10-16 15:29     ` Atsushi Nemoto
  0 siblings, 1 reply; 6+ messages in thread
From: Ralf Baechle @ 2007-10-15 18:28 UTC (permalink / raw)
  To: Atsushi Nemoto; +Cc: linux-mips

On Tue, Oct 16, 2007 at 02:31:25AM +0900, Atsushi Nemoto wrote:

> On Mon, 15 Oct 2007 16:47:30 +0100, linux-mips@linux-mips.org wrote:
> > Turns out 6a36458d9348265327d074bdd40bfb1c5b6fb2cb  wasn't quite right.
> > When called for a page that isn't marked dirty it would artificially
> > create an alias instead of doing the obvious thing and access the page
> > via KSEG0.
> > 
> > The same issue also exists in copy_to_user_page and copy_from_user_page
> > which was causing the machine to die under rare circumstances for example
> > when running ps if the BUG_ON() assertion added by the earlier fix was
> > getting triggered.
> 
> This commit added a SetPageDcacheDirty() call for both
> copy_to_user_page() and copy_from_user_page().  Is the call in
> copy_from_user_page() really needed?

After copy_from_user_page the page will reside in the D-cache.  So just
in case it ever gets mapped to userspace and modified there we better
make sure its kernel address will get flushed before mapping it to user
space.  If not, we might see stale data if the page got modified under
its userspace address.

  Ralf


* Re: [MIPS] Fix aliasing bug in copy_user_highpage, take 2.
  2007-10-15 18:28   ` Ralf Baechle
@ 2007-10-16 15:29     ` Atsushi Nemoto
  2007-10-16 15:38       ` Ralf Baechle
  0 siblings, 1 reply; 6+ messages in thread
From: Atsushi Nemoto @ 2007-10-16 15:29 UTC (permalink / raw)
  To: ralf; +Cc: linux-mips

On Mon, 15 Oct 2007 19:28:11 +0100, Ralf Baechle <ralf@linux-mips.org> wrote:
> After copy_from_user_page the page will reside in the D-cache.  So just
> in case it ever gets mapped to userspace and modified there we better
> make sure its kernel address will get flushed before mapping it to user
> space.  If not, we might see stale data if the page got modified under
> its userspace address.

Hmm, setting SetPageDcacheDirty() will not make sure the modified data
is flushed before reading via the kernel mapping.  The flush_dcache_page()
should be used for such a case, shouldn't it?

---
Atsushi Nemoto


* Re: [MIPS] Fix aliasing bug in copy_user_highpage, take 2.
  2007-10-16 15:29     ` Atsushi Nemoto
@ 2007-10-16 15:38       ` Ralf Baechle
  2007-10-16 16:13         ` Atsushi Nemoto
  0 siblings, 1 reply; 6+ messages in thread
From: Ralf Baechle @ 2007-10-16 15:38 UTC (permalink / raw)
  To: Atsushi Nemoto; +Cc: linux-mips

On Wed, Oct 17, 2007 at 12:29:16AM +0900, Atsushi Nemoto wrote:

> On Mon, 15 Oct 2007 19:28:11 +0100, Ralf Baechle <ralf@linux-mips.org> wrote:
> > After copy_from_user_page the page will reside in the D-cache.  So just
> > in case it ever gets mapped to userspace and modified there we better
> > make sure its kernel address will get flushed before mapping it to user
> > space.  If not, we might see stale data if the page got modified under
> > its userspace address.
> 
> Hmm, setting SetPageDcacheDirty() will not make sure the modified data
> is flushed before reading via the kernel mapping.  The flush_dcache_page()
> should be used for such a case, shouldn't it?

You're right - and the intent is to _not_ flush the page.  But we're
bringing it into the cache, so we better flush it before it will be mapped
to userspace.  We want to delay the flush operation.

  Ralf
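
The delayed flush described in the messages above, as an added example that is not part of the thread or of the kernel source: a toy C model of one page with a kernel alias and a user alias on different cache lines, in which a flag standing in for SetPageDcacheDirty() decides whether the kernel line is flushed when the page is mapped to userspace. All type and function names are hypothetical.

```c
/* Toy model, not kernel code; every name is hypothetical. One physical page
 * seen through a kernel alias and a user alias on different cache lines. */
#include <stdbool.h>
#include <stdio.h>
enum { KERNEL_ALIAS, USER_ALIAS, NALIAS };
struct line { bool valid, dirty; int data; };
struct page {
    int mem;                   /* contents of physical memory */
    struct line cache[NALIAS]; /* one cache line per alias */
    bool dcache_dirty;         /* stands in for the SetPageDcacheDirty() flag */
};

static int cached_read(struct page *p, int a)
{
    struct line *l = &p->cache[a];
    if (!l->valid) *l = (struct line){ .valid = true, .data = p->mem }; /* refill */
    return l->data;
}

/* Write back (if dirty) and invalidate the line of one alias. */
static void flush_alias(struct page *p, int a)
{
    if (p->cache[a].valid && p->cache[a].dirty) p->mem = p->cache[a].data;
    p->cache[a] = (struct line){ 0 };
}

/* The delayed flush: done only when the page is mapped to userspace. */
static void map_to_user(struct page *p)
{
    if (p->dcache_dirty) flush_alias(p, KERNEL_ALIAS);
    p->dcache_dirty = false;
}

/* Kernel reads, userspace then writes; returns what the kernel reads next. */
static int kernel_read_after_user_write(bool mark)
{
    struct page p = { .mem = 1 };            /* constructed contents */
    (void)cached_read(&p, KERNEL_ALIAS);     /* like copy_from_user_page() */
    p.dcache_dirty = mark;                   /* mark now, flush later */
    map_to_user(&p);
    p.cache[USER_ALIAS] = (struct line){ true, true, 2 }; /* user store */
    flush_alias(&p, USER_ALIAS);             /* user data reaches memory */
    return cached_read(&p, KERNEL_ALIAS);
}

int main(void)
{
    printf("unmarked: %d, marked: %d\n", kernel_read_after_user_write(false), kernel_read_after_user_write(true));
}
```

In this model the unmarked run leaves the clean kernel line in the cache, so the last read returns the old value even though the kernel never wrote to the page.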


* Re: [MIPS] Fix aliasing bug in copy_user_highpage, take 2.
  2007-10-16 15:38       ` Ralf Baechle
@ 2007-10-16 16:13         ` Atsushi Nemoto
  2007-10-16 16:16           ` Ralf Baechle
  0 siblings, 1 reply; 6+ messages in thread
From: Atsushi Nemoto @ 2007-10-16 16:13 UTC (permalink / raw)
  To: ralf; +Cc: linux-mips

On Tue, 16 Oct 2007 16:38:06 +0100, Ralf Baechle <ralf@linux-mips.org> wrote:
> > Hmm, setting SetPageDcacheDirty() will not make sure the modified data
> > is flushed before reading via the kernel mapping.  The flush_dcache_page()
> > should be used for such a case, shouldn't it?
> 
> You're right - and the intent is to _not_ flush the page.  But we're
> bringing it into the cache, so we better flush it before it will be mapped
> to userspace.  We want to delay the flush operation.

I see, but I'm afraid unnecessary flushing might hide another
bug...

Setting SetPageDcacheDirty() for a non-modified page looks a bit
overkill to me.  For example, in copy_user_highpage() we do not flush
the source page if the page was not mapped to userspace.

---
Atsushi Nemoto


* Re: [MIPS] Fix aliasing bug in copy_user_highpage, take 2.
  2007-10-16 16:13         ` Atsushi Nemoto
@ 2007-10-16 16:16           ` Ralf Baechle
  0 siblings, 0 replies; 6+ messages in thread
From: Ralf Baechle @ 2007-10-16 16:16 UTC (permalink / raw)
  To: Atsushi Nemoto; +Cc: linux-mips

On Wed, Oct 17, 2007 at 01:13:49AM +0900, Atsushi Nemoto wrote:

> On Tue, 16 Oct 2007 16:38:06 +0100, Ralf Baechle <ralf@linux-mips.org> wrote:
> > > Hmm, setting SetPageDcacheDirty() will not make sure the modified data
> > > is flushed before reading via the kernel mapping.  The flush_dcache_page()
> > > should be used for such a case, shouldn't it?
> > 
> > You're right - and the intent is to _not_ flush the page.  But we're
> > bringing it into the cache, so we better flush it before it will be mapped
> > to userspace.  We want to delay the flush operation.
> 
> I see, but I'm afraid unnecessary flushing might hide another
> bug...
> 
> Setting SetPageDcacheDirty() for a non-modified page looks a bit
> overkill to me.  For example, in copy_user_highpage() we do not flush
> the source page if the page was not mapped to userspace.

kunmap_atomic() is supposed to deal with that.

It doesn't quite on the MIPS implementation so the kernel refuses highmem
with aliasing caches.

  Ralf
