From: linux@arm.linux.org.uk (Russell King - ARM Linux)
To: linux-arm-kernel@lists.infradead.org
Subject: Kernel related (?) user space crash at ARM11 MPCore
Date: Mon, 21 Sep 2009 22:26:37 +0100 [thread overview]
Message-ID: <20090921212637.GG30821@n2100.arm.linux.org.uk> (raw)
In-Reply-To: <20090921201043.GA14700@shareable.org>
On Mon, Sep 21, 2009 at 09:10:43PM +0100, Jamie Lokier wrote:
> Russell King - ARM Linux wrote:
> > On Mon, Sep 21, 2009 at 10:44:23AM +0100, Catalin Marinas wrote:
> > > I would still call this I-D cache coherency issue since the two caches
> > > have a different view of the RAM but I agree that the D-cache is the one
> > > holding the data (with a slight chance for the I-cache not to be in sync
> > > with main RAM, though we could treat it separately).
> > >
> > > We can sort out the D-cache issue with your approach for cleaning it in
> > > the copy_user_highpage() function, but, as I said, we affect the
> > > standard CoW mechanism for data pages quite a lot.
> >
> > Let me restate my approach more clearly:
> >
> > 1. Remember that a VMA has been executable.
> > 2. Only do the additional handing if the VMA has been executable.
>
> Sorry, I'm a little confused, and I'm trying to understand what I can
> safely assume is reliable when using mprotect.
>
> If the problem is data in the D-cache not being flushed to be read as
> data from a text page (i.e. nothing to do with I-cache, it's all about
> the D-cache between different mappings), why is the previous
> executableness of the VMA relevant to the solution?
We're using the previous state to indicate what the likely future state
of the page is going to be.
> And here's a little something:
>
> http://www.mail-archive.com/aufs-users at lists.sourceforge.net/msg02093.html
>
> It's about MIPS, but has an awful lot of things in common with the bug
> being discussed in this thread: dynamic linker, constants embedded in
> the code, using mprotect rx->rw->rx, missing I-cache flush, only
> affects COW, copy_user_highpage(), is worked around by switching the
> cache from write-back to write-through...
>
> Useful?
Depends. ARMv7 has the requirement that memory is not mapped in using
different cache settings (we already violate that, and ARM Ltd's aware
of that, but no one yet knows how to solve it in Linux.)
Given that, I'm not sure we want to dig ourselves deeper into having
mappings of differing cache attributes - we actually want to eliminate
them.
> I found that while searching to see if mprotect rw->rx implies I-cache
> flush. On IRIX it's explicitly documented to, in fact it has
> PROT_EXEC_NOFLUSH in case you want to optimise that away :-) Haven't
> found anything to confirm or deny it for Linux or anything else,
> though.
Linux has no hook for doing this; you can't even detect it via mprotect()
because the old vm_flags are overwritten before any arch code gets a
look-in.
> Hopefully it's clear that munmap of the region, followed by mmap
> PROT_READ|PROTE_EXEC to restore the mapping with different permissions
> (when it has a backing file) - hopefully it's clear that _that_ will
> do the needed I-cache flush.
Not necessarily, especially if the file is mapped using MAP_PRIVATE.
next prev parent reply other threads:[~2009-09-21 21:26 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <4A7AEEB6.5060903@googlemail.com>
[not found] ` <1250184014.14019.40.camel@pc1117.cambridge.arm.com>
[not found] ` <1250501311.9858.24.camel@pc1117.cambridge.arm.com>
[not found] ` <20090817140422.GA10764@n2100.arm.linux.org.uk>
2009-08-29 12:27 ` Kernel related (?) user space crash at ARM11 MPCore Catalin Marinas
2009-08-31 8:30 ` Catalin Marinas
2009-09-07 15:29 ` Catalin Marinas
2009-09-07 15:56 ` Dirk Behme
2009-09-07 16:43 ` Catalin Marinas
2009-09-07 17:31 ` Mikael Pettersson
2009-09-07 21:40 ` Catalin Marinas
2009-09-03 11:58 ` Dirk Behme
[not found] ` <1250529916.11185.80.camel@pc1117.cambridge.arm.com>
[not found] ` <20090919224022.GA738@n2100.arm.linux.org.uk>
[not found] ` <1253435940.498.15.camel@pc1117.cambridge.arm.com>
2009-09-20 9:31 ` Russell King - ARM Linux
2009-09-20 19:02 ` Russell King - ARM Linux
2009-09-20 22:46 ` Catalin Marinas
2009-09-21 8:31 ` Jamie Lokier
2009-09-21 8:41 ` Russell King - ARM Linux
2009-09-21 9:41 ` Jamie Lokier
2009-09-21 10:08 ` Catalin Marinas
2009-09-21 8:49 ` Catalin Marinas
2009-09-21 8:54 ` Russell King - ARM Linux
2009-09-21 9:44 ` Catalin Marinas
2009-09-21 10:07 ` Russell King - ARM Linux
2009-09-21 10:42 ` Catalin Marinas
2009-09-21 20:10 ` Jamie Lokier
2009-09-21 21:26 ` Russell King - ARM Linux [this message]
2009-09-21 22:14 ` Catalin Marinas
2009-09-21 22:25 ` Jamie Lokier
2009-09-22 8:43 ` Catalin Marinas
2009-09-21 21:58 ` Catalin Marinas
2009-09-21 22:12 ` Jamie Lokier
2009-09-21 22:31 ` Russell King - ARM Linux
2009-09-21 22:34 ` Catalin Marinas
2009-09-21 21:38 ` Russell King - ARM Linux
2009-09-21 22:28 ` Catalin Marinas
2009-09-21 22:37 ` Jamie Lokier
2009-09-21 22:33 ` Jamie Lokier
2009-09-22 9:21 ` Catalin Marinas
2009-09-22 10:19 ` Catalin Marinas
2009-09-22 17:17 ` Catalin Marinas
2009-09-23 6:03 ` Dirk Behme
2009-09-23 9:13 ` Catalin Marinas
2009-09-23 10:38 ` Catalin Marinas
2009-09-23 12:12 ` Mikael Pettersson
2009-09-23 12:42 ` Russell King - ARM Linux
2009-09-23 12:51 ` Catalin Marinas
2009-09-23 12:55 ` Catalin Marinas
2009-10-15 14:57 ` Russell King - ARM Linux
2009-10-15 15:20 ` Catalin Marinas
2009-10-15 15:28 ` Russell King - ARM Linux
2009-10-15 15:56 ` Catalin Marinas
2009-10-20 11:39 ` Catalin Marinas
2009-10-25 13:39 ` Russell King - ARM Linux
2009-10-26 18:40 ` Catalin Marinas
2009-10-25 14:48 ` Russell King - ARM Linux
2009-10-26 18:45 ` Catalin Marinas
2009-10-26 19:17 ` Russell King - ARM Linux
2009-10-15 15:48 ` Dirk Behme
2009-10-15 15:53 ` Catalin Marinas
2009-10-25 13:04 ` Russell King - ARM Linux
2009-10-26 18:18 ` Catalin Marinas
2009-09-20 22:02 ` Catalin Marinas
2009-09-22 5:44 ` Shilimkar, Santosh
2009-09-22 9:01 ` Catalin Marinas
2009-09-22 9:34 ` Shilimkar, Santosh
[not found] ` <1249981883.27150.14.camel@pc1117.cambridge.arm.com>
[not found] ` <4A818CBC.8040000@googlemail.com>
[not found] ` <1250006770.30628.1.camel@pc1117.cambridge.arm.com>
[not found] ` <4A819C54.3080606@googlemail.com>
[not found] ` <1250009043.30628.9.camel@pc1117.cambridge.arm.com>
[not found] ` <87ab25vazg.fsf@brigitte.kvy.fi>
[not found] ` <1250080338.20332.32.camel@pc1117.cambridge.arm.com>
[not found] ` <87k518yc8a.fsf@brigitte.kvy.fi>
2009-09-11 9:21 ` smsc911x.c driver and SMP (was Re: Kernel related (?) user space crash at ARM11 MPCore) Catalin Marinas
2009-09-11 12:55 ` Bill Gatliff
2009-09-11 13:00 ` Catalin Marinas
2009-09-11 15:20 ` Bill Gatliff
2009-09-11 16:06 ` Catalin Marinas
2009-10-06 6:12 ` smsc911x.c driver and SMP Antti P Miettinen
2010-08-31 0:07 ` Shinya Kuribayashi
2010-08-31 6:22 ` Antti P Miettinen
2010-08-31 9:10 ` Shinya Kuribayashi
2010-08-31 8:33 ` Catalin Marinas
2010-08-31 8:42 ` Shinya Kuribayashi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090921212637.GG30821@n2100.arm.linux.org.uk \
--to=linux@arm.linux.org.uk \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).