several caprevoke optimizations #2195
Open
+142
−28
Commits on Oct 9, 2024
-
caprevoke: Make the skip_fault optimization smarter
If, when scanning, we reach a VA that is unmapped and corresponds to a non-resident page, and the VM object is swap-backed and has no swap blocks assigned, we skip to the next resident page. Extend this optimization to the case where the object has swap blocks assigned: the in-memory tracking structure for a swap block includes a bitmap of all the capability tags, so when skipping we can search for the closer of - the next resident page - the next page backed by a swap block that has at least one capability tag.
-
caprevoke: Skip VM objects that have OBJ_HASCAP clear
This skips over vnode mappings that have PROT_READ_CAP set in max_prot and thus avoids a lot of needless scanning. Add some counters so that we can see the relative effectiveness of different checks in reducing the number of scanned virtual pages.
-
caprevoke: Bail if the target process exited during an async scan
This avoids some needless work in cases where a short-lived process triggers async revocation.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.