[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH XEN v8 24/29] tools/libs/call: linux: touch newly allocated pages after madvise lockdown



On Tue, Jan 19, 2016 at 03:03:31PM +0000, Ian Campbell wrote:
> On Tue, 2016-01-19 at 14:58 +0000, Wei Liu wrote:
> > On Tue, Jan 19, 2016 at 03:54:54PM +0100, Roger Pau Monné wrote:
> > > El 19/01/16 a les 14.24, Wei Liu ha escrit:
> > > > On Fri, Jan 15, 2016 at 01:23:03PM +0000, Ian Campbell wrote:
> > > > > This avoids a potential issue with a fork after allocation but
> > > > > before
> > > > > madvise.
> > > > > 
> > > > > Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
> > > > > ---
> > > > > v7: New, replacing "tools/libs/call: linux: avoid forking between
> > > > > mmap
> > > > >     and madvise".
> > > > > ---
> > > > >  tools/libs/call/linux.c | 14 +++++++++++++-
> > > > >  1 file changed, 13 insertions(+), 1 deletion(-)
> > > > > 
> > > > > diff --git a/tools/libs/call/linux.c b/tools/libs/call/linux.c
> > > > > index 3641e41..651f380 100644
> > > > > --- a/tools/libs/call/linux.c
> > > > > +++ b/tools/libs/call/linux.c
> > > > 
> > > > I didn't notice you only handled this for Linux until now.
> > > > 
> > > > I think FreeBSD and NetBSD need similar treatment, too? But then
> > > > current
> > > > BSD* code doesn't even support DONTFORK in madvise.
> > > > 
> > > > Adding Roger for more input.
> > > 
> > > Hm, right, thanks for noticing this. I don't think FreeBSD needs a
> > > similar treatment (pre-faulting), because mlock will remove any CoW
> > > when
> > > making the pages wired.
> > > 
> > > Also, AFAICT we don't need to call madvise or minherit(2) because
> > > mlock(2) already takes care of preventing the memory region from being
> > > copied to the child on fork:
> > > 
> > > "Locked mappings are not inherited by the child process after a
> > > fork(2)." [0]
> > > 
> > > So I think we are safe on the FreeBSD side.
> > > 
> > 
> > But what if the process forks between mmap and mlock? I think that
> > warrants touching the area like we do for Linux here.
> 
> mlock guarantees the memory is populated, I think, which is equivalent to
> touching it.
> 
> On Linux we use madvise not mlock, which doesn't make the same claims.
> 

I see. I wonder why we didn't use mlock(2) in Linux too in the first
place.

Wei.

> > 
> Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.