All of lore.kernel.org
 help / color / mirror / Atom feed
From: Zoltan Menyhart <Zoltan.Menyhart@bull.net>
To: linux-ia64@vger.kernel.org
Subject: Re: Read *pgd again in vhpt_miss handler
Date: Thu, 27 Apr 2006 11:04:10 +0000	[thread overview]
Message-ID: <4450A52A.5030406@bull.net> (raw)
In-Reply-To: <444F79CA.7060804@bull.net>

Chen, Kenneth W wrote:

> A more favorable change is to remove comparing pud/pmd entry, but
> condition the vhpt TLB purging upon detecting pte modification.
> I had this patch in my pocket for a while for other optimizations
> I'm working on and it looks like a good timing to post it now.

I cannot agree with you.

1. If *pte becomes invalid in the mean time, then the translation
   for the PTE page can be still valid.
   E.g. the swapper removes PTE-s and purges the translations for
   user pages only, never for a PTE page.

2. Let's have a look at your posting on the 30th os March, in the thread
  "accessed/dirty bit handler tuning":

> cpu0                            cpu1                  cpu2
> Vhpt miss:
>   walk page table
>                                 free_pgtables
>                                 ptc.g fault address
>                                 ptc.g hash address
>                                                       pud_alloc/pmd_alloc
>                                                       new page instantiation
>   itc.d faulting address
>   itc.d hash address
>   read pte
>   kill tlb for fault addr
>   rfi
> 
> Touch fault addr
> Walker install the tlb
> with staled vhpt tlb
> -> using someone else's page
>  -> data corruption

I did agree with you.

In addition, I wanted to add a protection for protecting the
pgd ... pte chain walking.
I wanted to use the mm semaphore => no need to walk again the
pgd ... pte chain.

I think your new patch widens the security hole.

Regards,

Zoltan

  parent reply	other threads:[~2006-04-27 11:04 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-04-26 13:46 Read *pgd again in vhpt_miss handler Zoltan Menyhart
2006-04-26 15:00 ` Chen, Kenneth W
2006-04-27 11:04 ` Zoltan Menyhart [this message]
2006-04-28  1:23 ` Christoph Lameter
2006-04-28  7:53 ` Zoltan Menyhart

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4450A52A.5030406@bull.net \
    --to=zoltan.menyhart@bull.net \
    --cc=linux-ia64@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.