From: Aaro Koskinen <aaro.koskinen@nokia.com>
To: Dave Hansen <dave.hansen@linux.intel.com>
Cc: <linux-kernel@vger.kernel.org>, <linux-mm@kvack.org>,
<mceier@gmail.com>, <aarcange@redhat.com>, <luto@kernel.org>,
<arjan@linux.intel.com>, <bp@alien8.de>,
<dan.j.williams@intel.com>, <dwmw2@infradead.org>,
<gregkh@linuxfoundation.org>, <hughd@google.com>,
<jpoimboe@redhat.com>, <jgross@suse.com>, <keescook@google.com>,
<torvalds@linux-foundation.org>, <namit@vmware.com>,
<peterz@infradead.org>, <tglx@linutronix.de>
Subject: Re: [PATCH 2/5] x86, pti: fix boot warning from Global-bit setting
Date: Mon, 23 Apr 2018 13:51:38 +0300 [thread overview]
Message-ID: <20180423105138.GB16237@ak-laptop.emea.nsn-net.net> (raw)
In-Reply-To: <20180420222021.1C7D2B3F@viggo.jf.intel.com>
Hi,
On Fri, Apr 20, 2018 at 03:20:21PM -0700, Dave Hansen wrote:
> The pageattr.c code attempts to process "faults" when it goes looking
> for PTEs to change and finds non-present entries. It allows these
> faults in the linear map which is "expected to have holes", but
> WARN()s about them elsewhere, like when called on the kernel image.
>
> However, we are now calling change_page_attr_clear() on the kernel
> image in the process of trying to clear the Global bit.
>
> This trips the warning in __cpa_process_fault() if a non-present PTE is
> encountered in the kernel image. The "holes" in the kernel image
> result from free_init_pages()'s use of set_memory_np(). These holes
> are totally fine, and result from normal operation, just as they would
> be in the kernel linear map.
>
> Just silence the warning when holes in the kernel image are encountered.
>
> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
> Fixes: 39114b7a7 (x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image)
> Reported-by: Mariusz Ceier <mceier@gmail.com>
> Reported-by: Aaro Koskinen <aaro.koskinen@nokia.com>
Tested-by: Aaro Koskinen <aaro.koskinen@nokia.com>
A.
> Cc: Andrea Arcangeli <aarcange@redhat.com>
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Arjan van de Ven <arjan@linux.intel.com>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: David Woodhouse <dwmw2@infradead.org>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: Hugh Dickins <hughd@google.com>
> Cc: Josh Poimboeuf <jpoimboe@redhat.com>
> Cc: Juergen Gross <jgross@suse.com>
> Cc: Kees Cook <keescook@google.com>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Nadav Amit <namit@vmware.com>
> Cc: Peter Zijlstra <peterz@infradead.org>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: linux-mm@kvack.org
> ---
>
> b/arch/x86/mm/pageattr.c | 41 +++++++++++++++++++++++++++++++----------
> 1 file changed, 31 insertions(+), 10 deletions(-)
>
> diff -puN arch/x86/mm/pageattr.c~pti-glb-warning-inpageattr arch/x86/mm/pageattr.c
> --- a/arch/x86/mm/pageattr.c~pti-glb-warning-inpageattr 2018-04-20 14:10:01.619749168 -0700
> +++ b/arch/x86/mm/pageattr.c 2018-04-20 14:10:01.623749168 -0700
> @@ -93,6 +93,18 @@ void arch_report_meminfo(struct seq_file
> static inline void split_page_count(int level) { }
> #endif
>
> +static inline int
> +within(unsigned long addr, unsigned long start, unsigned long end)
> +{
> + return addr >= start && addr < end;
> +}
> +
> +static inline int
> +within_inclusive(unsigned long addr, unsigned long start, unsigned long end)
> +{
> + return addr >= start && addr <= end;
> +}
> +
> #ifdef CONFIG_X86_64
>
> static inline unsigned long highmap_start_pfn(void)
> @@ -106,20 +118,26 @@ static inline unsigned long highmap_end_
> return __pa_symbol(roundup(_brk_end, PMD_SIZE) - 1) >> PAGE_SHIFT;
> }
>
> -#endif
> -
> -static inline int
> -within(unsigned long addr, unsigned long start, unsigned long end)
> +static bool __cpa_pfn_in_highmap(unsigned long pfn)
> {
> - return addr >= start && addr < end;
> + /*
> + * Kernel text has an alias mapping at a high address, known
> + * here as "highmap".
> + */
> + return within_inclusive(pfn, highmap_start_pfn(),
> + highmap_end_pfn());
> }
>
> -static inline int
> -within_inclusive(unsigned long addr, unsigned long start, unsigned long end)
> +#else
> +
> +static bool __cpa_pfn_in_highmap(unsigned long pfn)
> {
> - return addr >= start && addr <= end;
> + /* There is no highmap on 32-bit */
> + return false;
> }
>
> +#endif
> +
> /*
> * Flushing functions
> */
> @@ -1183,6 +1201,10 @@ static int __cpa_process_fault(struct cp
> cpa->numpages = 1;
> cpa->pfn = __pa(vaddr) >> PAGE_SHIFT;
> return 0;
> +
> + } else if (__cpa_pfn_in_highmap(cpa->pfn)) {
> + /* Faults in the highmap are OK, so do not warn: */
> + return -EFAULT;
> } else {
> WARN(1, KERN_WARNING "CPA: called for zero pte. "
> "vaddr = %lx cpa->vaddr = %lx\n", vaddr,
> @@ -1335,8 +1357,7 @@ static int cpa_process_alias(struct cpa_
> * to touch the high mapped kernel as well:
> */
> if (!within(vaddr, (unsigned long)_text, _brk_end) &&
> - within_inclusive(cpa->pfn, highmap_start_pfn(),
> - highmap_end_pfn())) {
> + __cpa_pfn_in_highmap(cpa->pfn)) {
> unsigned long temp_cpa_vaddr = (cpa->pfn << PAGE_SHIFT) +
> __START_KERNEL_map - phys_base;
> alias_cpa = *cpa;
> _
WARNING: multiple messages have this Message-ID (diff)
From: Aaro Koskinen <aaro.koskinen@nokia.com>
To: Dave Hansen <dave.hansen@linux.intel.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
mceier@gmail.com, aarcange@redhat.com, luto@kernel.org,
arjan@linux.intel.com, bp@alien8.de, dan.j.williams@intel.com,
dwmw2@infradead.org, gregkh@linuxfoundation.org,
hughd@google.com, jpoimboe@redhat.com, jgross@suse.com,
keescook@google.com, torvalds@linux-foundation.org,
namit@vmware.com, peterz@infradead.org, tglx@linutronix.de
Subject: Re: [PATCH 2/5] x86, pti: fix boot warning from Global-bit setting
Date: Mon, 23 Apr 2018 13:51:38 +0300 [thread overview]
Message-ID: <20180423105138.GB16237@ak-laptop.emea.nsn-net.net> (raw)
In-Reply-To: <20180420222021.1C7D2B3F@viggo.jf.intel.com>
Hi,
On Fri, Apr 20, 2018 at 03:20:21PM -0700, Dave Hansen wrote:
> The pageattr.c code attempts to process "faults" when it goes looking
> for PTEs to change and finds non-present entries. It allows these
> faults in the linear map which is "expected to have holes", but
> WARN()s about them elsewhere, like when called on the kernel image.
>
> However, we are now calling change_page_attr_clear() on the kernel
> image in the process of trying to clear the Global bit.
>
> This trips the warning in __cpa_process_fault() if a non-present PTE is
> encountered in the kernel image. The "holes" in the kernel image
> result from free_init_pages()'s use of set_memory_np(). These holes
> are totally fine, and result from normal operation, just as they would
> be in the kernel linear map.
>
> Just silence the warning when holes in the kernel image are encountered.
>
> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
> Fixes: 39114b7a7 (x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image)
> Reported-by: Mariusz Ceier <mceier@gmail.com>
> Reported-by: Aaro Koskinen <aaro.koskinen@nokia.com>
Tested-by: Aaro Koskinen <aaro.koskinen@nokia.com>
A.
> Cc: Andrea Arcangeli <aarcange@redhat.com>
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Arjan van de Ven <arjan@linux.intel.com>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: David Woodhouse <dwmw2@infradead.org>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: Hugh Dickins <hughd@google.com>
> Cc: Josh Poimboeuf <jpoimboe@redhat.com>
> Cc: Juergen Gross <jgross@suse.com>
> Cc: Kees Cook <keescook@google.com>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Nadav Amit <namit@vmware.com>
> Cc: Peter Zijlstra <peterz@infradead.org>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: linux-mm@kvack.org
> ---
>
> b/arch/x86/mm/pageattr.c | 41 +++++++++++++++++++++++++++++++----------
> 1 file changed, 31 insertions(+), 10 deletions(-)
>
> diff -puN arch/x86/mm/pageattr.c~pti-glb-warning-inpageattr arch/x86/mm/pageattr.c
> --- a/arch/x86/mm/pageattr.c~pti-glb-warning-inpageattr 2018-04-20 14:10:01.619749168 -0700
> +++ b/arch/x86/mm/pageattr.c 2018-04-20 14:10:01.623749168 -0700
> @@ -93,6 +93,18 @@ void arch_report_meminfo(struct seq_file
> static inline void split_page_count(int level) { }
> #endif
>
> +static inline int
> +within(unsigned long addr, unsigned long start, unsigned long end)
> +{
> + return addr >= start && addr < end;
> +}
> +
> +static inline int
> +within_inclusive(unsigned long addr, unsigned long start, unsigned long end)
> +{
> + return addr >= start && addr <= end;
> +}
> +
> #ifdef CONFIG_X86_64
>
> static inline unsigned long highmap_start_pfn(void)
> @@ -106,20 +118,26 @@ static inline unsigned long highmap_end_
> return __pa_symbol(roundup(_brk_end, PMD_SIZE) - 1) >> PAGE_SHIFT;
> }
>
> -#endif
> -
> -static inline int
> -within(unsigned long addr, unsigned long start, unsigned long end)
> +static bool __cpa_pfn_in_highmap(unsigned long pfn)
> {
> - return addr >= start && addr < end;
> + /*
> + * Kernel text has an alias mapping at a high address, known
> + * here as "highmap".
> + */
> + return within_inclusive(pfn, highmap_start_pfn(),
> + highmap_end_pfn());
> }
>
> -static inline int
> -within_inclusive(unsigned long addr, unsigned long start, unsigned long end)
> +#else
> +
> +static bool __cpa_pfn_in_highmap(unsigned long pfn)
> {
> - return addr >= start && addr <= end;
> + /* There is no highmap on 32-bit */
> + return false;
> }
>
> +#endif
> +
> /*
> * Flushing functions
> */
> @@ -1183,6 +1201,10 @@ static int __cpa_process_fault(struct cp
> cpa->numpages = 1;
> cpa->pfn = __pa(vaddr) >> PAGE_SHIFT;
> return 0;
> +
> + } else if (__cpa_pfn_in_highmap(cpa->pfn)) {
> + /* Faults in the highmap are OK, so do not warn: */
> + return -EFAULT;
> } else {
> WARN(1, KERN_WARNING "CPA: called for zero pte. "
> "vaddr = %lx cpa->vaddr = %lx\n", vaddr,
> @@ -1335,8 +1357,7 @@ static int cpa_process_alias(struct cpa_
> * to touch the high mapped kernel as well:
> */
> if (!within(vaddr, (unsigned long)_text, _brk_end) &&
> - within_inclusive(cpa->pfn, highmap_start_pfn(),
> - highmap_end_pfn())) {
> + __cpa_pfn_in_highmap(cpa->pfn)) {
> unsigned long temp_cpa_vaddr = (cpa->pfn << PAGE_SHIFT) +
> __START_KERNEL_map - phys_base;
> alias_cpa = *cpa;
> _
next prev parent reply other threads:[~2018-04-23 10:51 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-20 22:20 [PATCH 0/5] x86, mm: PTI Global page fixes for 4.17 Dave Hansen
2018-04-20 22:20 ` Dave Hansen
2018-04-20 22:20 ` [PATCH 1/5] x86, pti: fix boot problems from Global-bit setting Dave Hansen
2018-04-20 22:20 ` Dave Hansen
2018-04-23 10:50 ` Aaro Koskinen
2018-04-23 10:50 ` Aaro Koskinen
2018-04-24 8:06 ` [tip:x86/pti] x86/pti: Fix " tip-bot for Dave Hansen
2018-04-25 9:06 ` tip-bot for Dave Hansen
2018-04-20 22:20 ` [PATCH 2/5] x86, pti: fix boot warning " Dave Hansen
2018-04-20 22:20 ` Dave Hansen
2018-04-23 10:51 ` Aaro Koskinen [this message]
2018-04-23 10:51 ` Aaro Koskinen
2018-04-24 8:07 ` [tip:x86/pti] x86/pti: Fix " tip-bot for Dave Hansen
2018-04-25 9:07 ` tip-bot for Dave Hansen
2018-04-20 22:20 ` [PATCH 3/5] x86, pti: reduce amount of kernel text allowed to be Global Dave Hansen
2018-04-20 22:20 ` Dave Hansen
2018-04-24 8:08 ` [tip:x86/pti] x86, pti: Reduce " tip-bot for Dave Hansen
2018-04-25 9:08 ` [tip:x86/pti] x86/pti: " tip-bot for Dave Hansen
2018-04-20 22:20 ` [PATCH 4/5] x86, pti: disallow global kernel text with RANDSTRUCT Dave Hansen
2018-04-20 22:20 ` Dave Hansen
2018-04-24 8:08 ` [tip:x86/pti] x86/pti: Disallow " tip-bot for Dave Hansen
2018-04-25 9:08 ` tip-bot for Dave Hansen
2018-04-20 22:20 ` [PATCH 5/5] x86, pti: filter at vma->vm_page_prot population Dave Hansen
2018-04-20 22:20 ` Dave Hansen
2018-04-21 1:21 ` Nadav Amit
2018-04-23 11:37 ` Dave Hansen
2018-04-23 11:37 ` Dave Hansen
2018-04-24 8:09 ` [tip:x86/pti] x86, pti: Filter " tip-bot for Dave Hansen
2018-04-25 9:09 ` [tip:x86/pti] x86/pti: " tip-bot for Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180423105138.GB16237@ak-laptop.emea.nsn-net.net \
--to=aaro.koskinen@nokia.com \
--cc=aarcange@redhat.com \
--cc=arjan@linux.intel.com \
--cc=bp@alien8.de \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dwmw2@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=hughd@google.com \
--cc=jgross@suse.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mceier@gmail.com \
--cc=namit@vmware.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.