From: Alexandre Ghiti <alex@ghiti.fr>
To: Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>, Zong Li <zong.li@sifive.com>,
Anup Patel <anup@brainfault.org>, Christoph Hellwig <hch@lst.de>,
Ard Biesheuvel <ardb@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
linux-efi@vger.kernel.org, linux-arch@vger.kernel.org,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org
Cc: Alexandre Ghiti <alex@ghiti.fr>
Subject: [RFC PATCH 02/12] riscv: Protect the kernel linear mapping
Date: Mon, 4 Jan 2021 14:58:30 -0500 [thread overview]
Message-ID: <20210104195840.1593-3-alex@ghiti.fr> (raw)
In-Reply-To: <20210104195840.1593-1-alex@ghiti.fr>
The kernel is now mapped at the end of the address space and it should
be accessed through this mapping only: so map the whole kernel in the
linear mapping as read only.
Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
---
arch/riscv/include/asm/page.h | 9 ++++++++-
arch/riscv/mm/init.c | 29 +++++++++++++++++++++--------
2 files changed, 29 insertions(+), 9 deletions(-)
diff --git a/arch/riscv/include/asm/page.h b/arch/riscv/include/asm/page.h
index 98188e315e8d..a93e35aaa717 100644
--- a/arch/riscv/include/asm/page.h
+++ b/arch/riscv/include/asm/page.h
@@ -102,8 +102,15 @@ extern unsigned long pfn_base;
extern unsigned long max_low_pfn;
extern unsigned long min_low_pfn;
extern unsigned long kernel_virt_addr;
+extern uintptr_t load_pa, load_sz;
+
+#define linear_mapping_pa_to_va(x) ((void *)((unsigned long)(x) + va_pa_offset))
+#define kernel_mapping_pa_to_va(x) \
+ ((void *)((unsigned long) (x) + va_kernel_pa_offset))
+#define __pa_to_va_nodebug(x) \
+ ((x >= load_pa && x < load_pa + load_sz) ? \
+ kernel_mapping_pa_to_va(x): linear_mapping_pa_to_va(x))
-#define __pa_to_va_nodebug(x) ((void *)((unsigned long) (x) + va_pa_offset))
#define linear_mapping_va_to_pa(x) ((unsigned long)(x) - va_pa_offset)
#define kernel_mapping_va_to_pa(x) \
((unsigned long)(x) - va_kernel_pa_offset)
diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c
index 9d06ff0e015a..7b87c14f1d24 100644
--- a/arch/riscv/mm/init.c
+++ b/arch/riscv/mm/init.c
@@ -159,8 +159,6 @@ void __init setup_bootmem(void)
{
phys_addr_t mem_start = 0;
phys_addr_t start, end = 0;
- phys_addr_t vmlinux_end = __pa_symbol(&_end);
- phys_addr_t vmlinux_start = __pa_symbol(&_start);
u64 i;
/* Find the memory region containing the kernel */
@@ -168,7 +166,7 @@ void __init setup_bootmem(void)
phys_addr_t size = end - start;
if (!mem_start)
mem_start = start;
- if (start <= vmlinux_start && vmlinux_end <= end)
+ if (start <= load_pa && (load_pa + load_sz) <= end)
BUG_ON(size == 0);
}
@@ -179,8 +177,13 @@ void __init setup_bootmem(void)
*/
memblock_enforce_memory_limit(mem_start - PAGE_OFFSET);
- /* Reserve from the start of the kernel to the end of the kernel */
- memblock_reserve(vmlinux_start, vmlinux_end - vmlinux_start);
+ /*
+ * Reserve from the start of the kernel to the end of the kernel
+ * and make sure we align the reservation on PMD_SIZE since we will
+ * map the kernel in the linear mapping as read-only: we do not want
+ * any allocation to happen between _end and the next pmd aligned page.
+ */
+ memblock_reserve(load_pa, (load_sz + PMD_SIZE - 1) & ~(PMD_SIZE - 1));
max_pfn = PFN_DOWN(memblock_end_of_DRAM());
max_low_pfn = max_pfn;
@@ -438,7 +441,9 @@ static uintptr_t __init best_map_size(phys_addr_t base, phys_addr_t size)
#error "setup_vm() is called from head.S before relocate so it should not use absolute addressing."
#endif
-static uintptr_t load_pa, load_sz;
+uintptr_t load_pa, load_sz;
+EXPORT_SYMBOL(load_pa);
+EXPORT_SYMBOL(load_sz);
static void __init create_kernel_page_table(pgd_t *pgdir, uintptr_t map_size)
{
@@ -596,9 +601,17 @@ static void __init setup_vm_final(void)
map_size = best_map_size(start, end - start);
for (pa = start; pa < end; pa += map_size) {
- va = (uintptr_t)__va(pa);
+ pgprot_t prot = PAGE_KERNEL;
+
+ /* Protect the kernel mapping that lies in the linear mapping */
+ if (pa >= __pa(_start) && pa < __pa(_end))
+ prot = PAGE_KERNEL_READ;
+
+ /* Make sure we get virtual addresses in the linear mapping */
+ va = (uintptr_t)linear_mapping_pa_to_va(pa);
+
create_pgd_mapping(swapper_pg_dir, va, pa,
- map_size, PAGE_KERNEL);
+ map_size, prot);
}
}
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Alexandre Ghiti <alex@ghiti.fr>
To: Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>, Zong Li <zong.li@sifive.com>,
Anup Patel <anup@brainfault.org>, Christoph Hellwig <hch@lst.de>,
Ard Biesheuvel <ardb@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
linux-efi@vger.kernel.org, linux-arch@vger.kernel.org,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org
Cc: Alexandre Ghiti <alex@ghiti.fr>
Subject: [RFC PATCH 02/12] riscv: Protect the kernel linear mapping
Date: Mon, 4 Jan 2021 14:58:30 -0500 [thread overview]
Message-ID: <20210104195840.1593-3-alex@ghiti.fr> (raw)
In-Reply-To: <20210104195840.1593-1-alex@ghiti.fr>
The kernel is now mapped at the end of the address space and it should
be accessed through this mapping only: so map the whole kernel in the
linear mapping as read only.
Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
---
arch/riscv/include/asm/page.h | 9 ++++++++-
arch/riscv/mm/init.c | 29 +++++++++++++++++++++--------
2 files changed, 29 insertions(+), 9 deletions(-)
diff --git a/arch/riscv/include/asm/page.h b/arch/riscv/include/asm/page.h
index 98188e315e8d..a93e35aaa717 100644
--- a/arch/riscv/include/asm/page.h
+++ b/arch/riscv/include/asm/page.h
@@ -102,8 +102,15 @@ extern unsigned long pfn_base;
extern unsigned long max_low_pfn;
extern unsigned long min_low_pfn;
extern unsigned long kernel_virt_addr;
+extern uintptr_t load_pa, load_sz;
+
+#define linear_mapping_pa_to_va(x) ((void *)((unsigned long)(x) + va_pa_offset))
+#define kernel_mapping_pa_to_va(x) \
+ ((void *)((unsigned long) (x) + va_kernel_pa_offset))
+#define __pa_to_va_nodebug(x) \
+ ((x >= load_pa && x < load_pa + load_sz) ? \
+ kernel_mapping_pa_to_va(x): linear_mapping_pa_to_va(x))
-#define __pa_to_va_nodebug(x) ((void *)((unsigned long) (x) + va_pa_offset))
#define linear_mapping_va_to_pa(x) ((unsigned long)(x) - va_pa_offset)
#define kernel_mapping_va_to_pa(x) \
((unsigned long)(x) - va_kernel_pa_offset)
diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c
index 9d06ff0e015a..7b87c14f1d24 100644
--- a/arch/riscv/mm/init.c
+++ b/arch/riscv/mm/init.c
@@ -159,8 +159,6 @@ void __init setup_bootmem(void)
{
phys_addr_t mem_start = 0;
phys_addr_t start, end = 0;
- phys_addr_t vmlinux_end = __pa_symbol(&_end);
- phys_addr_t vmlinux_start = __pa_symbol(&_start);
u64 i;
/* Find the memory region containing the kernel */
@@ -168,7 +166,7 @@ void __init setup_bootmem(void)
phys_addr_t size = end - start;
if (!mem_start)
mem_start = start;
- if (start <= vmlinux_start && vmlinux_end <= end)
+ if (start <= load_pa && (load_pa + load_sz) <= end)
BUG_ON(size == 0);
}
@@ -179,8 +177,13 @@ void __init setup_bootmem(void)
*/
memblock_enforce_memory_limit(mem_start - PAGE_OFFSET);
- /* Reserve from the start of the kernel to the end of the kernel */
- memblock_reserve(vmlinux_start, vmlinux_end - vmlinux_start);
+ /*
+ * Reserve from the start of the kernel to the end of the kernel
+ * and make sure we align the reservation on PMD_SIZE since we will
+ * map the kernel in the linear mapping as read-only: we do not want
+ * any allocation to happen between _end and the next pmd aligned page.
+ */
+ memblock_reserve(load_pa, (load_sz + PMD_SIZE - 1) & ~(PMD_SIZE - 1));
max_pfn = PFN_DOWN(memblock_end_of_DRAM());
max_low_pfn = max_pfn;
@@ -438,7 +441,9 @@ static uintptr_t __init best_map_size(phys_addr_t base, phys_addr_t size)
#error "setup_vm() is called from head.S before relocate so it should not use absolute addressing."
#endif
-static uintptr_t load_pa, load_sz;
+uintptr_t load_pa, load_sz;
+EXPORT_SYMBOL(load_pa);
+EXPORT_SYMBOL(load_sz);
static void __init create_kernel_page_table(pgd_t *pgdir, uintptr_t map_size)
{
@@ -596,9 +601,17 @@ static void __init setup_vm_final(void)
map_size = best_map_size(start, end - start);
for (pa = start; pa < end; pa += map_size) {
- va = (uintptr_t)__va(pa);
+ pgprot_t prot = PAGE_KERNEL;
+
+ /* Protect the kernel mapping that lies in the linear mapping */
+ if (pa >= __pa(_start) && pa < __pa(_end))
+ prot = PAGE_KERNEL_READ;
+
+ /* Make sure we get virtual addresses in the linear mapping */
+ va = (uintptr_t)linear_mapping_pa_to_va(pa);
+
create_pgd_mapping(swapper_pg_dir, va, pa,
- map_size, PAGE_KERNEL);
+ map_size, prot);
}
}
--
2.20.1
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2021-01-04 20:14 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-04 19:58 [RFC PATCH 00/12] Introduce sv48 support without relocable kernel Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 01/12] riscv: Move kernel mapping outside of linear mapping Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-05 11:40 ` Anup Patel
2021-01-05 11:40 ` Anup Patel
2021-01-06 6:36 ` Alex Ghiti
2021-01-06 6:36 ` Alex Ghiti
2021-01-06 6:44 ` Anup Patel
2021-01-06 6:44 ` Anup Patel
2021-01-06 8:16 ` Alex Ghiti
2021-01-06 8:16 ` Alex Ghiti
2021-01-04 19:58 ` Alexandre Ghiti [this message]
2021-01-04 19:58 ` [RFC PATCH 02/12] riscv: Protect the kernel " Alexandre Ghiti
2021-01-05 11:50 ` Anup Patel
2021-01-05 11:50 ` Anup Patel
2021-01-04 19:58 ` [RFC PATCH 03/12] riscv: Get rid of compile time logic with MAX_EARLY_MAPPING_SIZE Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 04/12] riscv: Allow to dynamically define VA_BITS Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-05 12:06 ` Anup Patel
2021-01-05 12:06 ` Anup Patel
2021-01-06 6:38 ` Alex Ghiti
2021-01-06 6:38 ` Alex Ghiti
2021-01-04 19:58 ` [RFC PATCH 05/12] riscv: Simplify MAXPHYSMEM config Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 06/12] riscv: Prepare ptdump for vm layout dynamic addresses Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 07/12] asm-generic: Prepare for riscv use of pud_alloc_one and pud_free Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 08/12] riscv: Implement sv48 support Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-05 5:28 ` kernel test robot
2021-01-04 19:58 ` [RFC PATCH 09/12] riscv: Allow user to downgrade to sv39 when hw supports sv48 Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 10/12] riscv: Use pgtable_l4_enabled to output mmu type in cpuinfo Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 11/12] riscv: Explicit comment about user virtual address space size Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-04 19:58 ` [RFC PATCH 12/12] riscv: Improve virtual kernel memory layout dump Alexandre Ghiti
2021-01-04 19:58 ` Alexandre Ghiti
2021-01-05 0:33 ` kernel test robot
2021-01-05 2:44 ` kernel test robot
2021-01-05 5:30 ` kernel test robot
2021-01-30 9:33 ` [RFC PATCH 00/12] Introduce sv48 support without relocable kernel Alex Ghiti
2021-01-30 9:33 ` Alex Ghiti
2021-02-03 3:04 ` Palmer Dabbelt
2021-02-03 3:04 ` Palmer Dabbelt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210104195840.1593-3-alex@ghiti.fr \
--to=alex@ghiti.fr \
--cc=anup@brainfault.org \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=hch@lst.de \
--cc=linux-arch@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=zong.li@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.