Received: by 2002:ac0:8c9a:0:0:0:0:0 with SMTP id r26csp79307ima; Thu, 31 Jan 2019 23:22:43 -0800 (PST) X-Google-Smtp-Source: ALg8bN4NcPNAnbo5WGlBFIEAj/ec7pVy/2BCjyJmmFMm2vmSzVspxH5adDSTyxUxgN8mHR5NksR/ X-Received: by 2002:a62:b9a:: with SMTP id 26mr38491686pfl.196.1549005763216; Thu, 31 Jan 2019 23:22:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549005763; cv=none; d=google.com; s=arc-20160816; b=hIgDWrFQcldDrVb7eSjs2O2QdxdYAMTM8ri1cBtJPcvpKJu9op+oh7AoKIjykofVcb imCGd+7++fRG/NSc2qni67NNTIFiXCtchVdcxrakXzn3Qo7Pfo1tfM+52Fl20IP5fWeB GgXNOm/0gpF4NlEElhLn7uTd8rQ3OIPwz+mzzBM8Ck6GSrwdo9zGAecJokzK4rTlQhK4 ba7YMqOx2YvZmQWgOvjoza7P3YCjQn3GeY6q5vdf/sYQQ4tvSvl9Q+cGQaiLlNvJ8rIL nbLtjp4Kxe3JTpvDW9hhNTt2KUcGdMrFAp8HH8iutKEHsipgUuOSppzovK8lKaeagtI0 TbQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=P18BFRM3FHB2HT0zP5dgNZMDiNjCSTJ5pMr531eoN/M=; b=NRoiSK7iEGP8XmmMo3exi4FvnrVdEHf27IjraqNpctCPf2RitD9Kz+xecL3Ofo4ZKl QgcyUwQzhfAdOPTTfGCn9EpYA0+Y8jeWXB+VPfPUnPU9nMt77csuA9+Vi2OgRxQN0Et4 diQAHoHl42Ev5sdnZJlRbVk+uut4J1bXdrt+iF4cQEkQtAFzBS1bLfVxylPwxUljWHWA viwtgF7Pf5Fi6JK69hgCLw5/9orCpWY4hGLG+5K3H3ErErtUWCfJ0JIenIieYEcxVyli ge5c0n+tIV9kCQjKtAujayBxAQONfLMhmLAx3VLi+9zYi8CXiqOVvLAkuU1eocQ9LC4+ Cetw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=Dz9K88dH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x61si6846854plb.303.2019.01.31.23.22.24; Thu, 31 Jan 2019 23:22:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=Dz9K88dH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726734AbfBAHWP (ORCPT + 99 others); Fri, 1 Feb 2019 02:22:15 -0500 Received: from mail-lj1-f195.google.com ([209.85.208.195]:36112 "EHLO mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725807AbfBAHWP (ORCPT ); Fri, 1 Feb 2019 02:22:15 -0500 Received: by mail-lj1-f195.google.com with SMTP id g11-v6so4939083ljk.3 for ; Thu, 31 Jan 2019 23:22:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=P18BFRM3FHB2HT0zP5dgNZMDiNjCSTJ5pMr531eoN/M=; b=Dz9K88dHG0MbOo5xXIKHy6zdQlsgU8yR75VOq/fcOVBfdMTH0TkY2f7OZ29Vni7G7T PrPv8xbCSagWseLm8k1O37oAaGqIQshCQSPPfK6Op87yEDO24e8qkElqk+QU7F0wW8Bm eG7DkoUiiW6lL19Q6f2MiV+avBrpKbTpyAAkI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=P18BFRM3FHB2HT0zP5dgNZMDiNjCSTJ5pMr531eoN/M=; b=BaVOwQQk+5lOnMA6DjopcozAWt2d6WSCB9ic6hbYGgz8t6MHu/bBU8iSFDv0c4kT9s MxlI86Wj4EZBcK1ZKvB7cspNgol14dggmvHcQaQT4smP/Nld2zgou31oWulDBtfzKske i0UvBzEGyjqXSUVKYNKrIFwLQfKbyevpXPd40BgDH2hxBLQtnsOmwfxB57pVWQ8Lo09L q5CxOi2tBvB7/nB4e6LkuChkJ8V46Jj4X80kZ4TOSVgnv2i3+dZ84T+rJKFJ2FFV+GLc L1T93CaRRioj6790HWSvWxAGHtp3g8S2SgjYrwD9VMsggvZCUrKyJO+N5iu55iuMCm3r CbOQ== X-Gm-Message-State: AJcUukfqkKNEv7A4icIbXVkZR7J8G4IuwWvEI8ThyOAQWZKqhLNZS11f V06PsvvRhTWy65AtmMep0jJrqKHbMB4= X-Received: by 2002:a2e:3509:: with SMTP id z9-v6mr31937390ljz.54.1549005731848; Thu, 31 Jan 2019 23:22:11 -0800 (PST) Received: from mail-lf1-f54.google.com (mail-lf1-f54.google.com. [209.85.167.54]) by smtp.gmail.com with ESMTPSA id e97-v6sm1158341lji.51.2019.01.31.23.22.10 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 31 Jan 2019 23:22:10 -0800 (PST) Received: by mail-lf1-f54.google.com with SMTP id b20so4252804lfa.12 for ; Thu, 31 Jan 2019 23:22:10 -0800 (PST) X-Received: by 2002:a19:ef15:: with SMTP id n21mr29965253lfh.21.1549005729676; Thu, 31 Jan 2019 23:22:09 -0800 (PST) MIME-Version: 1.0 References: <20190130124420.1834-1-vbabka@suse.cz> <20190130124420.1834-3-vbabka@suse.cz> <20190131095644.GR18811@dhcp22.suse.cz> <20190131102348.GT18811@dhcp22.suse.cz> <20190201051355.GV6173@dastard> In-Reply-To: From: Linus Torvalds Date: Thu, 31 Jan 2019 23:21:53 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 2/3] mm/filemap: initiate readahead even if IOCB_NOWAIT is set for the I/O To: Dave Chinner Cc: Michal Hocko , Jiri Kosina , Vlastimil Babka , Andrew Morton , Linux List Kernel Mailing , Linux-MM , Linux API , Peter Zijlstra , Greg KH , Jann Horn , Dominique Martinet , Andy Lutomirski , Kevin Easton , Matthew Wilcox , Cyril Hrubis , Tejun Heo , "Kirill A . Shutemov" , Daniel Gruss , linux-fsdevel Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 31, 2019 at 11:05 PM Linus Torvalds wrote: > > And part of "best effort" is very much "not a security information leak". Side note: it's entirely possible that the preadv2(RWF_NOWAIT) interface is actually already effectively too slow to be effectively used as much of an attack vector. One of the advantages of mincore() for the attack was that you could just get a lot of page status information in one go. With RWF_NOWAIT, you only really get "up to the first non-cached page", so it's already a weaker signal than mincore() gave. System calls aren't horrendously slow (at least not with fixed non-meltdown CPU's), but it might still be a somewhat noticeable inconvenience in an attack that is already probably not all that easy to do on an arbitrary target. So it might not be a huge deal. But I think we should at least try to make things less useful for these kinds of attack vectors. And no, that doesn't mean "stop all theoretical attacks". It means "let's try to make things less convenient as a data leak". That's why things like "oh, you can still see the signal if you can keep the backing device congested" is not something I'd worry about. It's just another (big) inconvenience, and not all that simple to do. At some point, it's simply not worth it as an attack vector any more. Linus