Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp675218imd; Fri, 26 Oct 2018 15:13:07 -0700 (PDT) X-Google-Smtp-Source: AJdET5f+kc3wHMLTdsaI31AnvbMsWBc8PURxFyBLr6xf1x2Xm3yuk0fIcdlsZUT4SyL8LijMPIJH X-Received: by 2002:a62:3c6:: with SMTP id 189-v6mr806765pfd.19.1540591987270; Fri, 26 Oct 2018 15:13:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540591987; cv=none; d=google.com; s=arc-20160816; b=GDHaZLsLK99DbtscLXxvAjyB9Xgsf5o9//Dute3JnY8aTwuYebo7MMa9Qrpo2G2cGo Q9Mn9zQz6D3dWQ7/p3u2s7K+g3Jvbnkh988IMF8L7aDxqTq7QO+ExXlkjuVP/KTQbuh+ NgILpTmcd3yLLKo70fiNgNCDW++/80sP20f+Ovy0P2zWLV1Y66o/q06vZ40J9LGJ9CsD PYtsCt7tZ6VcGO9yxa7+V3Y2k3FBPbsd57MN/2d2OqfGsw4MlWsErZBoKJH+1Q6COQ94 DA/YudGrXQhHVRiy37AJGTpNNvIDizMTaGnJsPpG1jqpq2d0HjenYiWGEH2fchAG7lPT 51cQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=a4UC4yKFcXdXacrJcB52mxNOCfLa+dsVv9PFieIFAtI=; b=nrfCTOUpR8DICyDxul4q1ybAMz0slK2TrM/T87pSzmiBJH9bNkCFvhkN/NKR2hdC5x KTGrSh+U+kZRVaC/fWvBTb95HVHjIe1VsiSDb6W0ckNoXMsM9t+xKpvb83FQHFg1f/6z L0MCEf15I1gjTIulP7mW2T3Y9AXkSiz9genbpfChxlw3flmpXxXsA47M1A3A8dkZVX1t DR4nRdnqVdbAQIudgpwPp2xR7761rqnkq55AaYfrbyNvdFEVW616mrU27DDki16Um07I DOtwS82YqpoX/Yj8/WL6tPS5lRo482Zr56Z0VgWexzKAa6D8d/Oru/4KA3QtibrnKzhN iH7Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=GUNZ0oRu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r3-v6si12708327pga.321.2018.10.26.15.12.42; Fri, 26 Oct 2018 15:13:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=GUNZ0oRu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727785AbeJ0GvH (ORCPT + 99 others); Sat, 27 Oct 2018 02:51:07 -0400 Received: from mail-pf1-f196.google.com ([209.85.210.196]:47017 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726418AbeJ0GvH (ORCPT ); Sat, 27 Oct 2018 02:51:07 -0400 Received: by mail-pf1-f196.google.com with SMTP id r64-v6so1168151pfb.13 for ; Fri, 26 Oct 2018 15:12:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=a4UC4yKFcXdXacrJcB52mxNOCfLa+dsVv9PFieIFAtI=; b=GUNZ0oRuo+hP0p3TJrKS7sW6+O5E3Uh6RpfVHOqs8zAn/u16Z3bnKPdNwbKleoUUWX NgcgI8sGW+SvRkCgVJAoJH4aZKxCyi5lMk8YtCngv+pgvVy98ETiU1yLD9UitGdrjbK5 Pww3ZH6dgMlj1NUiwMF52RcGuSkIqKz0ClN8MVmJWezt1mFrINfVE5QfMOWXjbERUicC 7HnCIFvyqKb5iD0LhlNqHm6bXxq/gxwc1kmXEj2IdA8Gsb+5EPpIc9W0ycieCz1Ya5QM a0NbvUGzR8HBOVmL+xElUXJCu8FrV2uXc08OWiN0wqzmSb7Ciz2tmstboFBOfamllKH/ K+wQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=a4UC4yKFcXdXacrJcB52mxNOCfLa+dsVv9PFieIFAtI=; b=IPZ6jvgMPlIfWe+ukhEbHGpkEMs4qf4rkB34dbxe2ANZYlupAmStoGJ6fZrUridaH1 wqIpLPal5cUyvQskGHIbw/745kZtghT09NYE5qoBG5Twsd6e40n+qgTewl2qrnBOKIpF RzEBVvbAK2a1OtHdz0jaeeCL1Q1QtjUWzt9+zh2Cp/cpDCbYWExdjLj8f8HIsMSPRKyC stldIUKsIpK+3nuL/98WxdRaEa4obOhUpQfZaEFmZThNYjkpSiBRRek7XwT6JsBotQUF c7h9Nougvb6xAVQfZEbzodcX4sMf3MSj7weHnY4zF+wHOOry7gV0XUG6xmdW93DVgqdT alNA== X-Gm-Message-State: AGRZ1gKXVuRw9EFbMH0nmEIBCEk3Fr2Nu2yfyBNHuL0KT6GzBU1xO4Rh Y41IHWePHhAtpre4B1rqbTg2Qw== X-Received: by 2002:a63:3287:: with SMTP id y129mr5173696pgy.337.1540591940720; Fri, 26 Oct 2018 15:12:20 -0700 (PDT) Received: from ?IPv6:2601:646:c200:7429:2c01:d6c7:c113:66a2? ([2601:646:c200:7429:2c01:d6c7:c113:66a2]) by smtp.gmail.com with ESMTPSA id t11-v6sm15402577pgn.38.2018.10.26.15.12.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 Oct 2018 15:12:19 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) Subject: Re: [PATCH 1/2] x86/pkeys: copy pkey state at fork() From: Andy Lutomirski X-Mailer: iPhone Mail (16A404) In-Reply-To: Date: Fri, 26 Oct 2018 15:12:17 -0700 Cc: Dave Hansen , Dave Hansen , kernel list , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" , X86 ML , Peter Zijlstra , Michael Ellerman , Will Deacon , Andy Lutomirski , jroedel@suse.de Content-Transfer-Encoding: quoted-printable Message-Id: References: <20181026195146.9C7C1136@viggo.jf.intel.com> <0e5fd8bc-0b18-ea88-ed95-ec81a44d0783@intel.com> To: Daniel Micay Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Oct 26, 2018, at 2:39 PM, Daniel Micay wrote: >=20 > I ended up working around this with a pthread_atfork handler disabling > my usage of the feature in the child process for the time being. I > don't have an easy way to detect if the bug is present within a > library so Can you not just make sure that the fix is backported to all relevant kernel= s? I suppose we could add a new flag for pkey_get() or something. > I'm going to need a kernel version check with a table of > kernel releases fixing the problem for each stable branch. That won=E2=80=99t work right on district kernels. Please don=E2=80=99t go t= here. >=20 > It would be helpful if there was a new cpuinfo flag to check if the > MPK state is preserved on fork in addition to the existing ospke flag. > The problem will fade away over time but in my experience there are a > lot of people using distributions with kernels not incorporating all > of the stable fixes. I expect other people will run into the problem > once hardware with MPK is more widely available and other people try > to use it for various things like moving GC or assorted security > features. Someone will end up running software adopting it on an older > kernel with the problem. >=20 > The clobbering issue I found with MAP_FIXED_NOREPLACE isn't quite > as annoying because it was easy to make a runtime test usable in a library= > to see if the feature works properly.