From: Dmitry Vyukov <dvyukov@google.com>
To: Vlastimil Babka <vbabka@suse.cz>
Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
David Hildenbrand <david@redhat.com>,
fw@deneb.enyo.de, James.Bottomley@hansenpartnership.com,
Liam.Howlett@oracle.com, akpm@linux-foundation.org,
arnd@arndb.de, brauner@kernel.org, chris@zankel.net,
deller@gmx.de, hch@infradead.org, ink@jurassic.park.msu.ru,
jannh@google.com, jcmvbkbc@gmail.com, jeffxu@chromium.org,
jhubbard@nvidia.com, linux-alpha@vger.kernel.org,
linux-api@vger.kernel.org, linux-arch@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
linux-mips@vger.kernel.org, linux-mm@kvack.org,
linux-parisc@vger.kernel.org, mattst88@gmail.com,
muchun.song@linux.dev, paulmck@kernel.org,
richard.henderson@linaro.org, shuah@kernel.org,
sidhartha.kumar@oracle.com, surenb@google.com,
tsbogend@alpha.franken.de, willy@infradead.org,
elver@google.com, Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH v2 0/5] implement lightweight guard pages
Date: Wed, 23 Oct 2024 11:17:05 +0200 [thread overview]
Message-ID: <CACT4Y+Z=fjoOxn8NY8kYJd2CC1SkmjkmAmqSzJbQiU04G=BEvw@mail.gmail.com> (raw)
In-Reply-To: <b1df934e-7012-4523-a513-d3d1536b7f72@suse.cz>
On Wed, 23 Oct 2024 at 11:06, Vlastimil Babka <vbabka@suse.cz> wrote:
>
> On 10/23/24 10:56, Dmitry Vyukov wrote:
> >>
> >> Overall while I sympathise with this, it feels dangerous and a pretty major
> >> change, because there'll be something somewhere that will break because it
> >> expects faults to be swallowed that we no longer do swallow.
> >>
> >> So I'd say it'd be something we should defer, but of course it's a highly
> >> user-facing change so how easy that would be I don't know.
> >>
> >> But I definitely don't think a 'introduce the ability to do cheap PROT_NONE
> >> guards' series is the place to also fundmentally change how user access
> >> page faults are handled within the kernel :)
> >
> > Will delivering signals on kernel access be a backwards compatible
> > change? Or will we need a different API? MADV_GUARD_POISON_KERNEL?
> > It's just somewhat painful to detect/update all userspace if we add
> > this feature in future. Can we say signal delivery on kernel accesses
> > is unspecified?
>
> Would adding signal delivery to guard PTEs only help enough the ASAN etc
> usecase? Wouldn't it be instead possible to add some prctl to opt-in the
> whole ASANized process to deliver all existing segfaults as signals instead
> of -EFAULT ?
ASAN per se does not need this (it does not use page protection).
However, if you mean bug detection tools in general, then, yes, that's
what I had in mind.
There are also things like stack guard pages in libc that would
benefit from that as well.
But I observed that some libraries intentionally use EFAULT to probe
for memory readability, i.e. use some cheap syscall to probe memory
before reading it. So changing behavior globally may not work.
prev parent reply other threads:[~2024-10-23 9:17 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-20 16:20 Lorenzo Stoakes
2024-10-20 16:20 ` [PATCH v2 1/5] mm: pagewalk: add the ability to install PTEs Lorenzo Stoakes
2024-10-21 13:27 ` Vlastimil Babka
2024-10-21 13:50 ` Lorenzo Stoakes
2024-10-20 16:20 ` [PATCH v2 2/5] mm: add PTE_MARKER_GUARD PTE marker Lorenzo Stoakes
2024-10-21 13:45 ` Vlastimil Babka
2024-10-21 19:57 ` Lorenzo Stoakes
2024-10-21 20:42 ` Lorenzo Stoakes
2024-10-21 21:13 ` Lorenzo Stoakes
2024-10-21 21:20 ` Dave Hansen
2024-10-21 14:13 ` Vlastimil Babka
2024-10-21 14:33 ` Lorenzo Stoakes
2024-10-21 14:54 ` Vlastimil Babka
2024-10-21 15:33 ` Lorenzo Stoakes
2024-10-21 15:41 ` Lorenzo Stoakes
2024-10-21 16:00 ` David Hildenbrand
2024-10-21 16:23 ` Lorenzo Stoakes
2024-10-21 16:44 ` David Hildenbrand
2024-10-21 16:51 ` Lorenzo Stoakes
2024-10-21 17:00 ` David Hildenbrand
2024-10-21 17:14 ` Lorenzo Stoakes
2024-10-21 17:21 ` David Hildenbrand
2024-10-21 17:26 ` Vlastimil Babka
2024-10-22 19:13 ` David Hildenbrand
2024-10-20 16:20 ` [PATCH v2 3/5] mm: madvise: implement lightweight guard page mechanism Lorenzo Stoakes
2024-10-21 17:05 ` David Hildenbrand
2024-10-21 17:15 ` Lorenzo Stoakes
2024-10-21 17:23 ` David Hildenbrand
2024-10-21 19:25 ` John Hubbard
2024-10-21 19:39 ` Lorenzo Stoakes
2024-10-21 20:18 ` David Hildenbrand
2024-10-21 20:11 ` Vlastimil Babka
2024-10-21 20:17 ` David Hildenbrand
2024-10-21 20:25 ` Vlastimil Babka
2024-10-21 20:30 ` Lorenzo Stoakes
2024-10-21 20:37 ` David Hildenbrand
2024-10-21 20:49 ` Lorenzo Stoakes
2024-10-21 21:20 ` David Hildenbrand
2024-10-21 21:33 ` Lorenzo Stoakes
2024-10-21 21:35 ` Vlastimil Babka
2024-10-21 21:46 ` Lorenzo Stoakes
2024-10-22 19:18 ` David Hildenbrand
2024-10-21 20:27 ` Lorenzo Stoakes
2024-10-21 20:45 ` Vlastimil Babka
2024-10-22 19:08 ` Jann Horn
2024-10-22 19:35 ` Lorenzo Stoakes
2024-10-22 19:57 ` Jann Horn
2024-10-22 20:45 ` Lorenzo Stoakes
2024-10-20 16:20 ` [PATCH v2 4/5] tools: testing: update tools UAPI header for mman-common.h Lorenzo Stoakes
2024-10-20 16:20 ` [PATCH v2 5/5] selftests/mm: add self tests for guard page feature Lorenzo Stoakes
2024-10-21 21:31 ` Shuah Khan
2024-10-22 10:25 ` Lorenzo Stoakes
2024-10-20 17:37 ` [PATCH v2 0/5] implement lightweight guard pages Florian Weimer
2024-10-20 19:45 ` Lorenzo Stoakes
2024-10-23 6:24 ` Dmitry Vyukov
2024-10-23 7:19 ` David Hildenbrand
2024-10-23 8:11 ` Lorenzo Stoakes
2024-10-23 8:56 ` Dmitry Vyukov
2024-10-23 9:06 ` Vlastimil Babka
2024-10-23 9:13 ` David Hildenbrand
2024-10-23 9:18 ` Lorenzo Stoakes
2024-10-23 9:29 ` David Hildenbrand
2024-10-23 11:31 ` Marco Elver
2024-10-23 11:36 ` David Hildenbrand
2024-10-23 11:40 ` Lorenzo Stoakes
2024-10-23 9:17 ` Dmitry Vyukov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACT4Y+Z=fjoOxn8NY8kYJd2CC1SkmjkmAmqSzJbQiU04G=BEvw@mail.gmail.com' \
--to=dvyukov@google.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=brauner@kernel.org \
--cc=chris@zankel.net \
--cc=david@redhat.com \
--cc=deller@gmx.de \
--cc=elver@google.com \
--cc=fw@deneb.enyo.de \
--cc=hch@infradead.org \
--cc=ink@jurassic.park.msu.ru \
--cc=jannh@google.com \
--cc=jcmvbkbc@gmail.com \
--cc=jeffxu@chromium.org \
--cc=jhubbard@nvidia.com \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-parisc@vger.kernel.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mattst88@gmail.com \
--cc=muchun.song@linux.dev \
--cc=paulmck@kernel.org \
--cc=richard.henderson@linaro.org \
--cc=shuah@kernel.org \
--cc=sidhartha.kumar@oracle.com \
--cc=surenb@google.com \
--cc=torvalds@linux-foundation.org \
--cc=tsbogend@alpha.franken.de \
--cc=vbabka@suse.cz \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox