From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Dave Hansen" <dave.hansen@intel.com>,
"Dmitrii Kuvaiskii" <dmitrii.kuvaiskii@intel.com>,
<dave.hansen@linux.intel.com>, <kai.huang@intel.com>,
<haitao.huang@linux.intel.com>, <reinette.chatre@intel.com>,
<linux-sgx@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Cc: mona.vij@intel.com, kailun.qin@intel.com, stable@vger.kernel.org,
"Marcelina Kościelnicka" <mwk@invisiblethingslab.com>
Subject: Re: [PATCH v2 1/2] x86/sgx: Resolve EAUG race where losing thread returns SIGBUS
Date: Wed, 15 May 2024 17:28:43 +0300 [thread overview]
Message-ID: <D1AAFDCSFYH1.11RF8JUS2NEZS@kernel.org> (raw)
In-Reply-To: <58e9d453-7909-4157-86fd-a2d5561e728e@intel.com>
On Wed May 15, 2024 at 5:15 PM EEST, Dave Hansen wrote:
> On 5/15/24 06:54, Jarkko Sakkinen wrote:
> > I'd cut out 90% of the description out and just make the argument of
> > the wrong error code, and done. The sequence is great for showing
> > how this could happen. The prose makes my head hurt tbh.
>
> The changelog is too long, but not fatally so. I'd much rather have a
> super verbose description than something super sparse.
>
> Would something like this make more sense to folks?
>
> Imagine an mmap()'d file. Two threads touch the same address at
> the same time and fault. Both allocate a physical page and race
> to install a PTE for that page. Only one will win the race. The
> loser frees its page, but still continues handling the fault as
> a success and returns VM_FAULT_NOPAGE from the fault handler.
>
> The same race can happen with SGX. But there's a bug: the loser
> in the SGX steers into a failure path. The loser EREMOVE's the
> winner's EPC page, then returns SIGBUS, likely killing the app.
>
> Fix the SGX loser's behavior. Change the return code to
> VM_FAULT_NOPAGE to avoid SIGBUS and call sgx_free_epc_page()
> which avoids EREMOVE'ing the winner's page and only frees the
> page that the loser allocated.
Yes!
I did read the whole thing. My comment was only related to the
chain of maintainers who also have to deal with this patch
eventually.
BR, Jarkko
next prev parent reply other threads:[~2024-05-15 14:28 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-15 13:12 [PATCH v2 0/2] x86/sgx: Fix two data races in EAUG/EREMOVE flows Dmitrii Kuvaiskii
2024-05-15 13:12 ` [PATCH v2 1/2] x86/sgx: Resolve EAUG race where losing thread returns SIGBUS Dmitrii Kuvaiskii
2024-05-15 13:54 ` Jarkko Sakkinen
2024-05-15 13:56 ` Jarkko Sakkinen
2024-05-15 14:15 ` Dave Hansen
2024-05-15 14:28 ` Jarkko Sakkinen [this message]
2024-05-15 15:58 ` Reinette Chatre
2024-05-15 16:39 ` Jarkko Sakkinen
2024-05-15 22:01 ` Haitao Huang
2024-05-15 13:12 ` [PATCH v2 2/2] x86/sgx: Resolve EREMOVE page vs EAUG page data race Dmitrii Kuvaiskii
2024-05-15 14:44 ` Jarkko Sakkinen
2024-05-15 15:52 ` Reinette Chatre
2024-05-15 21:59 ` Haitao Huang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D1AAFDCSFYH1.11RF8JUS2NEZS@kernel.org \
--to=jarkko@kernel.org \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dmitrii.kuvaiskii@intel.com \
--cc=haitao.huang@linux.intel.com \
--cc=kai.huang@intel.com \
--cc=kailun.qin@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=mona.vij@intel.com \
--cc=mwk@invisiblethingslab.com \
--cc=reinette.chatre@intel.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).