Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

On Sat, 23 Jul 2016 16:58:16 +0200, Nicolai Stange said: > valdis.kletni...@vt.edu writes: > The reason the patch didn't work for Valdis might be that there is > another issue in next-20150722 with the same symptoms (provided you > don't watch the serial console). Valdis, did you apply the provide

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

valdis.kletni...@vt.edu writes: > On Thu, 21 Jul 2016 22:34:33 -0700, Andy Lutomirski said: > >> How much memory do you have and what's your config? My code is >> obviously buggy, but I'm wondering why neither I nor the 0day bot caught >> this. > > Probably because your devel box and the 0day bot

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

On Thu, 21 Jul 2016 22:34:33 -0700, Andy Lutomirski said: > How much memory do you have and what's your config? My code is > obviously buggy, but I'm wondering why neither I nor the 0day bot caught > this. Probably because your devel box and the 0day bot both have 4-level page tables and the dua

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

* Andy Lutomirski wrote: > This garbage (as evidenced by my bug and my failed attempt to fix it) > only works if you never have a low-level page table that isn't linked > into a higher-level page table, and it mostly requires you to do > everything exactly the way it was originally done so all t

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

On Fri, Jul 22, 2016 at 11:21 AM, Andy Lutomirski wrote: > On Fri, Jul 22, 2016 at 3:21 AM, Ingo Molnar wrote: >> >> * Andy Lutomirski wrote: >> >>> On 07/21/2016 09:43 PM, valdis.kletni...@vt.edu wrote: >>> >On Mon, 11 Jul 2016 13:53:36 -0700, Andy Lutomirski said: >>> >>This avoids pointless r

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

On Fri, Jul 22, 2016 at 3:21 AM, Ingo Molnar wrote: > > * Andy Lutomirski wrote: > >> On 07/21/2016 09:43 PM, valdis.kletni...@vt.edu wrote: >> >On Mon, 11 Jul 2016 13:53:36 -0700, Andy Lutomirski said: >> >>This avoids pointless races in which another CPU or task might see a >> >>partially popul

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

* Andy Lutomirski wrote: > On 07/21/2016 09:43 PM, valdis.kletni...@vt.edu wrote: > >On Mon, 11 Jul 2016 13:53:36 -0700, Andy Lutomirski said: > >>This avoids pointless races in which another CPU or task might see a > >>partially populated global pgd entry. These races should normally > >>be ha

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

On 07/21/2016 09:43 PM, valdis.kletni...@vt.edu wrote: On Mon, 11 Jul 2016 13:53:36 -0700, Andy Lutomirski said: This avoids pointless races in which another CPU or task might see a partially populated global pgd entry. These races should normally be harmless, but, if another CPU propagates the

Re: [kernel-hardening] [PATCH v5 03/32] x86/cpa: In populate_pgd, don't set the pgd entry until it's populated

On Mon, 11 Jul 2016 13:53:36 -0700, Andy Lutomirski said: > This avoids pointless races in which another CPU or task might see a > partially populated global pgd entry. These races should normally > be harmless, but, if another CPU propagates the entry via > vmalloc_fault and then populate_pgd fai