[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH XEN v8 24/29] tools/libs/call: linux: touch newly allocated pages after madvise lockdown



On Tue, 2016-01-19 at 14:58 +0000, Wei Liu wrote:
> On Tue, Jan 19, 2016 at 03:54:54PM +0100, Roger Pau Monnà wrote:
> > El 19/01/16 a les 14.24, Wei Liu ha escrit:
> > > On Fri, Jan 15, 2016 at 01:23:03PM +0000, Ian Campbell wrote:
> > > > This avoids a potential issue with a fork after allocation but
> > > > before
> > > > madvise.
> > > > 
> > > > Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
> > > > ---
> > > > v7: New, replacing "tools/libs/call: linux: avoid forking between
> > > > mmap
> > > > ÂÂÂÂand madvise".
> > > > ---
> > > > Âtools/libs/call/linux.c | 14 +++++++++++++-
> > > > Â1 file changed, 13 insertions(+), 1 deletion(-)
> > > > 
> > > > diff --git a/tools/libs/call/linux.c b/tools/libs/call/linux.c
> > > > index 3641e41..651f380 100644
> > > > --- a/tools/libs/call/linux.c
> > > > +++ b/tools/libs/call/linux.c
> > > 
> > > I didn't notice you only handled this for Linux until now.
> > > 
> > > I think FreeBSD and NetBSD need similar treatment, too? But then
> > > current
> > > BSD* code doesn't even support DONTFORK in madvise.
> > > 
> > > Adding Roger for more input.
> > 
> > Hm, right, thanks for noticing this. I don't think FreeBSD needs a
> > similar treatment (pre-faulting), because mlock will remove any CoW
> > when
> > making the pages wired.
> > 
> > Also, AFAICT we don't need to call madvise or minherit(2) because
> > mlock(2) already takes care of preventing the memory region from being
> > copied to the child on fork:
> > 
> > "Locked mappings are not inherited by the child process after a
> > fork(2)." [0]
> > 
> > So I think we are safe on the FreeBSD side.
> > 
> 
> But what if the process forks between mmap and mlock? I think that
> warrants touching the area like we do for Linux here.

mlock guarantees the memory is populated, I think, which is equivalent to
touching it.

On Linux we use madvise not mlock, which doesn't make the same claims.

> 
Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.