From: Andrei Vagin <avagin@gmail.com>
To: linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>
Cc: linux-kernel@vger.kernel.org,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Thomas Gleixner <tglx@linutronix.de>,
Dmitry Safonov <dima@arista.com>, Andrei Vagin <avagin@gmail.com>
Subject: [PATCH 4/6] arm64/vdso: Handle faults on timens page
Date: Tue, 2 Jun 2020 11:02:57 -0700 [thread overview]
Message-ID: <20200602180259.76361-5-avagin@gmail.com> (raw)
In-Reply-To: <20200602180259.76361-1-avagin@gmail.com>
If a task belongs to a time namespace then the VVAR page which contains
the system wide VDSO data is replaced with a namespace specific page
which has the same layout as the VVAR page.
Reviewed-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
---
arch/arm64/kernel/vdso.c | 57 +++++++++++++++++++++++++++++++++++++---
1 file changed, 53 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/kernel/vdso.c b/arch/arm64/kernel/vdso.c
index 1fa6f9362e56..f3baecd8edfb 100644
--- a/arch/arm64/kernel/vdso.c
+++ b/arch/arm64/kernel/vdso.c
@@ -18,6 +18,7 @@
#include <linux/sched.h>
#include <linux/signal.h>
#include <linux/slab.h>
+#include <linux/time_namespace.h>
#include <linux/timekeeper_internal.h>
#include <linux/vmalloc.h>
#include <vdso/datapage.h>
@@ -175,15 +176,63 @@ int vdso_join_timens(struct task_struct *task, struct time_namespace *ns)
up_write(&mm->mmap_sem);
return 0;
}
+
+static struct page *find_timens_vvar_page(struct vm_area_struct *vma)
+{
+ if (likely(vma->vm_mm == current->mm))
+ return current->nsproxy->time_ns->vvar_page;
+
+ /*
+ * VM_PFNMAP | VM_IO protect .fault() handler from being called
+ * through interfaces like /proc/$pid/mem or
+ * process_vm_{readv,writev}() as long as there's no .access()
+ * in special_mapping_vmops().
+ * For more details check_vma_flags() and __access_remote_vm()
+ */
+
+ WARN(1, "vvar_page accessed remotely");
+
+ return NULL;
+}
+#else
+static inline struct page *find_timens_vvar_page(struct vm_area_struct *vma)
+{
+ return NULL;
+}
#endif
static vm_fault_t vvar_fault(const struct vm_special_mapping *sm,
struct vm_area_struct *vma, struct vm_fault *vmf)
{
- if (vmf->pgoff == 0)
- return vmf_insert_pfn(vma, vmf->address,
- sym_to_pfn(vdso_data));
- return VM_FAULT_SIGBUS;
+ struct page *timens_page = find_timens_vvar_page(vma);
+ unsigned long pfn;
+
+ switch (vmf->pgoff) {
+ case VVAR_DATA_PAGE_OFFSET:
+ if (timens_page)
+ pfn = page_to_pfn(timens_page);
+ else
+ pfn = sym_to_pfn(vdso_data);
+ break;
+#ifdef CONFIG_TIME_NS
+ case VVAR_TIMENS_PAGE_OFFSET:
+ /*
+ * If a task belongs to a time namespace then a namespace
+ * specific VVAR is mapped with the VVAR_DATA_PAGE_OFFSET and
+ * the real VVAR page is mapped with the VVAR_TIMENS_PAGE_OFFSET
+ * offset.
+ * See also the comment near timens_setup_vdso_data().
+ */
+ if (!timens_page)
+ return VM_FAULT_SIGBUS;
+ pfn = sym_to_pfn(vdso_data);
+ break;
+#endif /* CONFIG_TIME_NS */
+ default:
+ return VM_FAULT_SIGBUS;
+ }
+
+ return vmf_insert_pfn(vma, vmf->address, pfn);
}
static int __setup_additional_pages(enum arch_vdso_type arch_index,
--
2.24.1
WARNING: multiple messages have this Message-ID (diff)
From: Andrei Vagin <avagin@gmail.com>
To: linux-arm-kernel@lists.infradead.org,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>,
Dmitry Safonov <dima@arista.com>,
linux-kernel@vger.kernel.org, Andrei Vagin <avagin@gmail.com>,
Thomas Gleixner <tglx@linutronix.de>,
Vincenzo Frascino <vincenzo.frascino@arm.com>
Subject: [PATCH 4/6] arm64/vdso: Handle faults on timens page
Date: Tue, 2 Jun 2020 11:02:57 -0700 [thread overview]
Message-ID: <20200602180259.76361-5-avagin@gmail.com> (raw)
In-Reply-To: <20200602180259.76361-1-avagin@gmail.com>
If a task belongs to a time namespace then the VVAR page which contains
the system wide VDSO data is replaced with a namespace specific page
which has the same layout as the VVAR page.
Reviewed-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
---
arch/arm64/kernel/vdso.c | 57 +++++++++++++++++++++++++++++++++++++---
1 file changed, 53 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/kernel/vdso.c b/arch/arm64/kernel/vdso.c
index 1fa6f9362e56..f3baecd8edfb 100644
--- a/arch/arm64/kernel/vdso.c
+++ b/arch/arm64/kernel/vdso.c
@@ -18,6 +18,7 @@
#include <linux/sched.h>
#include <linux/signal.h>
#include <linux/slab.h>
+#include <linux/time_namespace.h>
#include <linux/timekeeper_internal.h>
#include <linux/vmalloc.h>
#include <vdso/datapage.h>
@@ -175,15 +176,63 @@ int vdso_join_timens(struct task_struct *task, struct time_namespace *ns)
up_write(&mm->mmap_sem);
return 0;
}
+
+static struct page *find_timens_vvar_page(struct vm_area_struct *vma)
+{
+ if (likely(vma->vm_mm == current->mm))
+ return current->nsproxy->time_ns->vvar_page;
+
+ /*
+ * VM_PFNMAP | VM_IO protect .fault() handler from being called
+ * through interfaces like /proc/$pid/mem or
+ * process_vm_{readv,writev}() as long as there's no .access()
+ * in special_mapping_vmops().
+ * For more details check_vma_flags() and __access_remote_vm()
+ */
+
+ WARN(1, "vvar_page accessed remotely");
+
+ return NULL;
+}
+#else
+static inline struct page *find_timens_vvar_page(struct vm_area_struct *vma)
+{
+ return NULL;
+}
#endif
static vm_fault_t vvar_fault(const struct vm_special_mapping *sm,
struct vm_area_struct *vma, struct vm_fault *vmf)
{
- if (vmf->pgoff == 0)
- return vmf_insert_pfn(vma, vmf->address,
- sym_to_pfn(vdso_data));
- return VM_FAULT_SIGBUS;
+ struct page *timens_page = find_timens_vvar_page(vma);
+ unsigned long pfn;
+
+ switch (vmf->pgoff) {
+ case VVAR_DATA_PAGE_OFFSET:
+ if (timens_page)
+ pfn = page_to_pfn(timens_page);
+ else
+ pfn = sym_to_pfn(vdso_data);
+ break;
+#ifdef CONFIG_TIME_NS
+ case VVAR_TIMENS_PAGE_OFFSET:
+ /*
+ * If a task belongs to a time namespace then a namespace
+ * specific VVAR is mapped with the VVAR_DATA_PAGE_OFFSET and
+ * the real VVAR page is mapped with the VVAR_TIMENS_PAGE_OFFSET
+ * offset.
+ * See also the comment near timens_setup_vdso_data().
+ */
+ if (!timens_page)
+ return VM_FAULT_SIGBUS;
+ pfn = sym_to_pfn(vdso_data);
+ break;
+#endif /* CONFIG_TIME_NS */
+ default:
+ return VM_FAULT_SIGBUS;
+ }
+
+ return vmf_insert_pfn(vma, vmf->address, pfn);
}
static int __setup_additional_pages(enum arch_vdso_type arch_index,
--
2.24.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-06-02 18:03 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-02 18:02 [PATCH RESEND v3 0/6] arm64: add the time namespace support Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin
2020-06-02 18:02 ` [PATCH 1/6] arm64/vdso: use the fault callback to map vvar pages Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin
2020-06-02 18:02 ` [PATCH 2/6] arm64/vdso: Zap vvar pages when switching to a time namespace Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin
2020-06-02 18:02 ` [PATCH 3/6] arm64/vdso: Add time namespace page Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin
2020-06-02 19:29 ` Dmitry Safonov
2020-06-02 19:29 ` Dmitry Safonov
2020-06-02 22:04 ` kbuild test robot
2020-06-02 22:04 ` kbuild test robot
2020-06-02 22:04 ` kbuild test robot
2020-06-03 6:42 ` kbuild test robot
2020-06-03 6:42 ` kbuild test robot
2020-06-03 6:42 ` kbuild test robot
2020-06-05 7:45 ` [PATCH 3/6 v4] " Andrei Vagin
2020-06-05 7:45 ` Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin [this message]
2020-06-02 18:02 ` [PATCH 4/6] arm64/vdso: Handle faults on timens page Andrei Vagin
2020-06-02 18:02 ` [PATCH 5/6] arm64/vdso: Restrict splitting VVAR VMA Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin
2020-06-02 18:02 ` [PATCH 6/6] arm64: enable time namespace support Andrei Vagin
2020-06-02 18:02 ` Andrei Vagin
2020-06-02 19:31 ` [PATCH RESEND v3 0/6] arm64: add the " Dmitry Safonov
2020-06-02 19:31 ` Dmitry Safonov
2020-06-05 10:49 ` Mark Rutland
2020-06-05 10:49 ` Mark Rutland
2020-06-06 8:58 ` Andrei Vagin
2020-06-06 8:58 ` Andrei Vagin
-- strict thread matches above, loose matches on Subject: below --
2020-06-24 8:33 [PATCH v5 " Andrei Vagin
2020-06-24 8:33 ` [PATCH 4/6] arm64/vdso: Handle faults on timens page Andrei Vagin
2020-06-24 8:33 ` Andrei Vagin
2020-06-16 7:55 [PATCH v4 0/6] arm64: add the time namespace support Andrei Vagin
2020-06-16 7:55 ` [PATCH 4/6] arm64/vdso: Handle faults on timens page Andrei Vagin
2020-06-16 7:55 ` Andrei Vagin
2020-04-16 5:26 [PATCH v3 0/6] arm64: add the time namespace support Andrei Vagin
2020-04-16 5:26 ` [PATCH 4/6] arm64/vdso: Handle faults on timens page Andrei Vagin
2020-04-16 5:26 ` Andrei Vagin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200602180259.76361-5-avagin@gmail.com \
--to=avagin@gmail.com \
--cc=catalin.marinas@arm.com \
--cc=dima@arista.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=tglx@linutronix.de \
--cc=vincenzo.frascino@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.