From: Joerg Roedel <joro@8bytes.org>
To: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@kernel.org>, "H . Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@intel.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Juergen Gross <jgross@suse.com>,
Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>, Jiri Kosina <jkosina@suse.cz>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Brian Gerst <brgerst@gmail.com>,
David Laight <David.Laight@aculab.com>,
Denys Vlasenko <dvlasenk@redhat.com>,
Eduardo Valentin <eduval@amazon.com>,
Greg KH <gregkh@linuxfoundation.org>,
Will Deacon <will.deacon@arm.com>,
aliguori@amazon.com, daniel.gruss@iaik.tugraz.at,
hughd@google.com, keescook@google.com,
Andrea Arcangeli <aarcange@redhat.com>,
Waiman Long <llong@redhat.com>,
jroedel@suse.de, joro@8bytes.org
Subject: [PATCH 09/16] x86/mm/pti: Clone CPU_ENTRY_AREA on PMD level on x86_32
Date: Tue, 16 Jan 2018 17:36:52 +0100 [thread overview]
Message-ID: <1516120619-1159-10-git-send-email-joro@8bytes.org> (raw)
In-Reply-To: <1516120619-1159-1-git-send-email-joro@8bytes.org>
From: Joerg Roedel <jroedel@suse.de>
Cloning on the P4D level would clone the complete kernel
address space into the user-space page-tables for PAE
kernels. Cloning on PMD level is fine for PAE and legacy
paging.
Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
arch/x86/mm/pti.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index ce38f165489b..20be21301a59 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -308,6 +308,7 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear)
}
}
+#ifdef CONFIG_X86_64
/*
* Clone a single p4d (i.e. a top-level entry on 4-level systems and a
* next-level entry on 5-level systems.
@@ -322,13 +323,29 @@ static void __init pti_clone_p4d(unsigned long addr)
kernel_p4d = p4d_offset(kernel_pgd, addr);
*user_p4d = *kernel_p4d;
}
+#endif
/*
* Clone the CPU_ENTRY_AREA into the user space visible page table.
*/
static void __init pti_clone_user_shared(void)
{
+#ifdef CONFIG_X86_32
+ /*
+ * On 32 bit PAE systems with 1GB of Kernel address space there is only
+ * one pgd/p4d for the whole kernel. Cloning that would map the whole
+ * address space into the user page-tables, making PTI useless. So clone
+ * the page-table on the PMD level to prevent that.
+ */
+ unsigned long start, end;
+
+ start = CPU_ENTRY_AREA_BASE;
+ end = start + (PAGE_SIZE * CPU_ENTRY_AREA_PAGES);
+
+ pti_clone_pmds(start, end, _PAGE_GLOBAL);
+#else
pti_clone_p4d(CPU_ENTRY_AREA_BASE);
+#endif
}
/*
--
2.13.6
WARNING: multiple messages have this Message-ID (diff)
From: Joerg Roedel <joro@8bytes.org>
To: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@kernel.org>, "H . Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@intel.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Juergen Gross <jgross@suse.com>,
Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>, Jiri Kosina <jkosina@suse.cz>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Brian Gerst <brgerst@gmail.com>,
David Laight <David.Laight@aculab.com>,
Denys Vlasenko <dvlasenk@redhat.com>,
Eduardo Valentin <eduval@amazon.com>,
Greg KH <gregkh@linuxfoundation.org>,
Will Deacon <will.deacon@arm.com>,
aliguori@amazon.com, daniel.gruss@iaik.tugraz.at,
hughd@google.com, keescook@google.com,
Andrea Arcangeli <aarcange@redhat.com>,
Waiman Long <llong@redhat.com>,
jroedel@suse.de, joro@8bytes.org
Subject: [PATCH 09/16] x86/mm/pti: Clone CPU_ENTRY_AREA on PMD level on x86_32
Date: Tue, 16 Jan 2018 17:36:52 +0100 [thread overview]
Message-ID: <1516120619-1159-10-git-send-email-joro@8bytes.org> (raw)
In-Reply-To: <1516120619-1159-1-git-send-email-joro@8bytes.org>
From: Joerg Roedel <jroedel@suse.de>
Cloning on the P4D level would clone the complete kernel
address space into the user-space page-tables for PAE
kernels. Cloning on PMD level is fine for PAE and legacy
paging.
Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
arch/x86/mm/pti.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index ce38f165489b..20be21301a59 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -308,6 +308,7 @@ pti_clone_pmds(unsigned long start, unsigned long end, pmdval_t clear)
}
}
+#ifdef CONFIG_X86_64
/*
* Clone a single p4d (i.e. a top-level entry on 4-level systems and a
* next-level entry on 5-level systems.
@@ -322,13 +323,29 @@ static void __init pti_clone_p4d(unsigned long addr)
kernel_p4d = p4d_offset(kernel_pgd, addr);
*user_p4d = *kernel_p4d;
}
+#endif
/*
* Clone the CPU_ENTRY_AREA into the user space visible page table.
*/
static void __init pti_clone_user_shared(void)
{
+#ifdef CONFIG_X86_32
+ /*
+ * On 32 bit PAE systems with 1GB of Kernel address space there is only
+ * one pgd/p4d for the whole kernel. Cloning that would map the whole
+ * address space into the user page-tables, making PTI useless. So clone
+ * the page-table on the PMD level to prevent that.
+ */
+ unsigned long start, end;
+
+ start = CPU_ENTRY_AREA_BASE;
+ end = start + (PAGE_SIZE * CPU_ENTRY_AREA_PAGES);
+
+ pti_clone_pmds(start, end, _PAGE_GLOBAL);
+#else
pti_clone_p4d(CPU_ENTRY_AREA_BASE);
+#endif
}
/*
--
2.13.6
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2018-01-16 16:48 UTC|newest]
Thread overview: 183+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-16 16:36 [RFC PATCH 00/16] PTI support for x86-32 Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 01/16] x86/entry/32: Rename TSS_sysenter_sp0 to TSS_sysenter_stack Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 18:35 ` Thomas Gleixner
2018-01-16 18:35 ` Thomas Gleixner
2018-01-16 16:36 ` [PATCH 02/16] x86/entry/32: Enter the kernel via trampoline stack Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 20:30 ` Thomas Gleixner
2018-01-16 20:30 ` Thomas Gleixner
2018-01-16 22:37 ` Andy Lutomirski
2018-01-16 22:37 ` Andy Lutomirski
2018-01-16 22:45 ` Andy Lutomirski
2018-01-16 22:45 ` Andy Lutomirski
2018-01-17 9:18 ` Joerg Roedel
2018-01-17 9:18 ` Joerg Roedel
2018-01-17 18:10 ` Andy Lutomirski
2018-01-17 18:10 ` Andy Lutomirski
2018-01-19 9:55 ` Joerg Roedel
2018-01-19 9:55 ` Joerg Roedel
2018-01-19 16:30 ` Andy Lutomirski
2018-01-19 16:30 ` Andy Lutomirski
2018-01-22 10:11 ` Joerg Roedel
2018-01-22 10:11 ` Joerg Roedel
2018-01-22 17:46 ` Andy Lutomirski
2018-01-22 17:46 ` Andy Lutomirski
2018-01-17 2:47 ` Boris Ostrovsky
2018-01-17 2:47 ` Boris Ostrovsky
2018-01-17 9:02 ` Joerg Roedel
2018-01-17 9:02 ` Joerg Roedel
2018-01-17 14:04 ` Andrew Cooper
2018-01-17 14:04 ` Andrew Cooper
2018-01-17 15:22 ` Boris Ostrovsky
2018-01-17 15:22 ` Boris Ostrovsky
2018-01-16 16:36 ` [PATCH 03/16] x86/entry/32: Leave the kernel via the " Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 22:48 ` Andy Lutomirski
2018-01-16 22:48 ` Andy Lutomirski
2018-01-17 9:24 ` Joerg Roedel
2018-01-17 9:24 ` Joerg Roedel
2018-01-17 13:57 ` Brian Gerst
2018-01-17 13:57 ` Brian Gerst
2018-01-17 14:00 ` Brian Gerst
2018-01-17 14:00 ` Brian Gerst
2018-01-17 14:14 ` Joerg Roedel
2018-01-17 14:14 ` Joerg Roedel
2018-01-17 14:45 ` Josh Poimboeuf
2018-01-17 14:45 ` Josh Poimboeuf
2018-01-17 14:10 ` Joerg Roedel
2018-01-17 14:10 ` Joerg Roedel
2018-01-17 18:12 ` Andy Lutomirski
2018-01-17 18:12 ` Andy Lutomirski
2018-01-19 9:57 ` Joerg Roedel
2018-01-19 9:57 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 04/16] x86/pti: Define X86_CR3_PTI_PCID_USER_BIT on x86_32 Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 22:46 ` Andy Lutomirski
2018-01-16 22:46 ` Andy Lutomirski
2018-01-17 9:26 ` Joerg Roedel
2018-01-17 9:26 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 05/16] x86/pgtable: Move pgdp kernel/user conversion functions to pgtable.h Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 06/16] x86/mm/ldt: Reserve high address-space range for the LDT Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 16:52 ` Peter Zijlstra
2018-01-16 16:52 ` Peter Zijlstra
2018-01-16 17:13 ` Joerg Roedel
2018-01-16 17:13 ` Joerg Roedel
2018-01-16 17:31 ` Peter Zijlstra
2018-01-16 17:31 ` Peter Zijlstra
2018-01-16 17:34 ` Waiman Long
2018-01-16 17:34 ` Waiman Long
2018-01-16 22:51 ` Andy Lutomirski
2018-01-16 22:51 ` Andy Lutomirski
2018-01-17 7:59 ` Peter Zijlstra
2018-01-17 7:59 ` Peter Zijlstra
2018-01-16 16:36 ` [PATCH 07/16] x86/mm: Move two more functions from pgtable_64.h to pgtable.h Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 18:03 ` Dave Hansen
2018-01-16 18:03 ` Dave Hansen
2018-01-16 19:11 ` Joerg Roedel
2018-01-16 19:11 ` Joerg Roedel
2018-01-16 19:34 ` Thomas Gleixner
2018-01-16 19:34 ` Thomas Gleixner
2018-01-16 16:36 ` [PATCH 08/16] x86/pgtable/32: Allocate 8k page-tables when PTI is enabled Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-17 23:43 ` Andy Lutomirski
2018-01-17 23:43 ` Andy Lutomirski
2018-01-19 9:57 ` Joerg Roedel
2018-01-19 9:57 ` Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel [this message]
2018-01-16 16:36 ` [PATCH 09/16] x86/mm/pti: Clone CPU_ENTRY_AREA on PMD level on x86_32 Joerg Roedel
2018-01-16 21:03 ` Thomas Gleixner
2018-01-16 21:03 ` Thomas Gleixner
2018-01-16 16:36 ` [PATCH 10/16] x86/mm/pti: Populate valid user pud entries Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 18:06 ` Dave Hansen
2018-01-16 18:06 ` Dave Hansen
2018-01-16 19:41 ` Joerg Roedel
2018-01-16 19:41 ` Joerg Roedel
2018-01-16 21:06 ` Thomas Gleixner
2018-01-16 21:06 ` Thomas Gleixner
2018-01-16 16:36 ` [PATCH 11/16] x86/mm/pgtable: Move pti_set_user_pgd() to pgtable.h Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 12/16] x86/mm/pae: Populate the user page-table with user pgd's Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 18:11 ` Dave Hansen
2018-01-16 18:11 ` Dave Hansen
2018-01-16 19:44 ` Joerg Roedel
2018-01-16 19:44 ` Joerg Roedel
2018-01-16 21:10 ` Thomas Gleixner
2018-01-16 21:10 ` Thomas Gleixner
2018-01-16 21:15 ` Dave Hansen
2018-01-16 21:15 ` Dave Hansen
2018-01-16 16:36 ` [PATCH 13/16] x86/mm/pti: Add an overflow check to pti_clone_pmds() Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 14/16] x86/mm/legacy: Populate the user page-table with user pgd's Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-17 23:41 ` Andy Lutomirski
2018-01-17 23:41 ` Andy Lutomirski
2018-01-16 16:36 ` [PATCH 15/16] x86/entry/32: Switch between kernel and user cr3 on entry/exit Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 16:36 ` [PATCH 16/16] x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32 Joerg Roedel
2018-01-16 16:36 ` Joerg Roedel
2018-01-16 18:14 ` [RFC PATCH 00/16] PTI support for x86-32 Dave Hansen
2018-01-16 18:14 ` Dave Hansen
2018-01-16 19:46 ` Joerg Roedel
2018-01-16 19:46 ` Joerg Roedel
2018-01-16 18:59 ` Linus Torvalds
2018-01-16 18:59 ` Linus Torvalds
2018-01-16 19:02 ` Dave Hansen
2018-01-16 19:02 ` Dave Hansen
2018-01-16 19:21 ` Andrew Cooper
2018-01-16 19:21 ` Andrew Cooper
2018-01-16 19:55 ` Joerg Roedel
2018-01-16 19:55 ` Joerg Roedel
2018-01-16 21:20 ` Thomas Gleixner
2018-01-16 21:20 ` Thomas Gleixner
2018-01-17 9:55 ` Joerg Roedel
2018-01-17 9:55 ` Joerg Roedel
2018-01-16 22:26 ` Andy Lutomirski
2018-01-16 22:26 ` Andy Lutomirski
2018-01-17 9:33 ` Joerg Roedel
2018-01-17 9:33 ` Joerg Roedel
2018-01-19 10:55 ` Pavel Machek
2018-01-19 11:07 ` Joerg Roedel
2018-01-19 11:07 ` Joerg Roedel
2018-01-19 12:58 ` Pavel Machek
2018-01-21 20:13 ` Nadav Amit
2018-01-21 20:13 ` Nadav Amit
2018-01-21 20:44 ` Nadav Amit
2018-01-21 20:44 ` Nadav Amit
2018-01-21 23:46 ` Nadav Amit
2018-01-21 23:46 ` Nadav Amit
2018-01-22 2:11 ` Linus Torvalds
2018-01-22 2:11 ` Linus Torvalds
2018-01-22 2:20 ` hpa
2018-01-22 2:20 ` hpa
2018-01-22 20:14 ` Linus Torvalds
2018-01-22 20:14 ` Linus Torvalds
2018-01-22 21:10 ` H. Peter Anvin
2018-01-22 21:10 ` H. Peter Anvin
2018-01-23 14:38 ` Alan Cox
2018-01-23 14:38 ` Alan Cox
2018-01-22 2:27 ` Nadav Amit
2018-01-22 2:27 ` Nadav Amit
2018-01-22 8:56 ` Joerg Roedel
2018-01-22 8:56 ` Joerg Roedel
2018-01-23 14:57 ` Alan Cox
2018-01-23 14:57 ` Alan Cox
2018-01-25 17:09 ` Alan Cox
2018-01-25 17:09 ` Alan Cox
2018-01-26 12:36 ` Joerg Roedel
2018-01-26 12:36 ` Joerg Roedel
2018-01-22 9:55 ` David Laight
2018-01-22 10:04 ` Joerg Roedel
2018-01-22 10:04 ` Joerg Roedel
2018-01-24 18:58 ` Krzysztof Mazur
2018-01-24 18:58 ` Krzysztof Mazur
2018-01-25 22:09 ` Nadav Amit
2018-01-25 22:09 ` Nadav Amit
2018-01-26 9:28 ` Krzysztof Mazur
2018-01-26 9:28 ` Krzysztof Mazur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1516120619-1159-10-git-send-email-joro@8bytes.org \
--to=joro@8bytes.org \
--cc=David.Laight@aculab.com \
--cc=aarcange@redhat.com \
--cc=aliguori@amazon.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=daniel.gruss@iaik.tugraz.at \
--cc=dave.hansen@intel.com \
--cc=dvlasenk@redhat.com \
--cc=eduval@amazon.com \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=hughd@google.com \
--cc=jgross@suse.com \
--cc=jkosina@suse.cz \
--cc=jpoimboe@redhat.com \
--cc=jroedel@suse.de \
--cc=keescook@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=llong@redhat.com \
--cc=luto@kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.