From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50021C433F5 for ; Sat, 25 Sep 2021 03:10:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1FC2461100 for ; Sat, 25 Sep 2021 03:10:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347763AbhIYDME (ORCPT ); Fri, 24 Sep 2021 23:12:04 -0400 Received: from szxga03-in.huawei.com ([45.249.212.189]:18257 "EHLO szxga03-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1347739AbhIYDMD (ORCPT ); Fri, 24 Sep 2021 23:12:03 -0400 Received: from dggemv711-chm.china.huawei.com (unknown [172.30.72.57]) by szxga03-in.huawei.com (SkyGuard) with ESMTP id 4HGYm33mYDz8tFD; Sat, 25 Sep 2021 11:09:39 +0800 (CST) Received: from dggpemm500009.china.huawei.com (7.185.36.225) by dggemv711-chm.china.huawei.com (10.1.198.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Sat, 25 Sep 2021 11:10:26 +0800 Received: from [10.174.179.24] (10.174.179.24) by dggpemm500009.china.huawei.com (7.185.36.225) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Sat, 25 Sep 2021 11:10:26 +0800 Subject: Re: [PATCH] powerpc: don't select KFENCE on platform PPC_FSL_BOOK3E To: Christophe Leroy , Marco Elver , Michael Ellerman , "Benjamin Herrenschmidt" , Paul Mackerras References: <20210924063927.1341241-1-liushixin2@huawei.com> CC: , From: Liu Shixin Message-ID: <63e78249-8878-cbe3-0a22-a094ef53164a@huawei.com> Date: Sat, 25 Sep 2021 11:10:25 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.179.24] X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To dggpemm500009.china.huawei.com (7.185.36.225) X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2021/9/24 14:41, Christophe Leroy wrote: > > > Le 24/09/2021 à 08:39, Liu Shixin a écrit : >> On platform PPC_FSL_BOOK3E, all lowmem is managed by tlbcam. That means >> we didn't really map the kfence pool with page granularity. Therefore, >> if KFENCE is enabled, the system will hit the following panic: > > Could you please explain a bit more what the problem is ? > > KFENCE has been implemented with the same logic as DEBUG_PAGEALLOC. > > DEBUG_PAGEALLOC is enabled on FSL_BOOK3E. > > In MMU_setup(), __map_without_ltlbs is set to 1 when KFENCE is enabled. > > __map_without_ltlbs should disable the use of tlbcam. > > > So what's wrong really ? > > Does DEBUG_PAGEALLOC work on FSL_BOOK3E ? > > Thanks > Christophe > hi Christophe, The phenomenon is that kernel panic in the kfence_protect_page function because __kfence_pool is not mapped with page granularity. The problem is that in the mapin_ram function, the return value(i.e base) of mmu_mapin_ram is equal to top. As a result, no level-2 page table is created for [base, top]. It seems that __map_without_ltlbs didn't diable the use of tlbcam. I have tried to force page table for all lowmem, then this problem will go away but the kfence_test failed, which could be explained by the fact that tlbcam is still used. By the way, DEBUG_PAGEALLOC works well on FSL_BOOK3E without level-2 page table. Thanks, >> >> BUG: Kernel NULL pointer dereference on read at 0x00000000 >> Faulting instruction address: 0xc01de598 >> Oops: Kernel access of bad area, sig: 11 [#1] >> BE PAGE_SIZE=4K SMP NR_CPUS=4 MPC8544 DS >> Dumping ftrace buffer: >> (ftrace buffer empty) >> Modules linked in: >> CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.12.0-rc3+ #298 >> NIP: c01de598 LR: c08ae9c4 CTR: 00000000 >> REGS: c0b4bea0 TRAP: 0300 Not tainted (5.12.0-rc3+) >> MSR: 00021000 CR: 24000228 XER: 20000000 >> DEAR: 00000000 ESR: 00000000 >> GPR00: c08ae9c4 c0b4bf60 c0ad64e0 ef720000 00021000 00000000 00000000 00000200 >> GPR08: c0ad5000 00000000 00000000 00000004 00000000 008fbb30 00000000 00000000 >> GPR16: 00000000 00000000 00000000 00000000 c0000000 00000000 00000000 00000000 >> GPR24: c08ca004 c08ca004 c0b6a0e0 c0b60000 c0b58f00 c0850000 c08ca000 ef720000 >> NIP [c01de598] kfence_protect+0x44/0x6c >> LR [c08ae9c4] kfence_init+0xfc/0x2a4 >> Call Trace: >> [c0b4bf60] [efffe160] 0xefffe160 (unreliable) >> [c0b4bf70] [c08ae9c4] kfence_init+0xfc/0x2a4 >> [c0b4bfb0] [c0894d3c] start_kernel+0x3bc/0x574 >> [c0b4bff0] [c0000470] set_ivor+0x14c/0x188 >> Instruction dump: >> 7c0802a6 8109d594 546a653a 90010014 54630026 39200000 7d48502e 2c0a0000 >> 41820010 554a0026 5469b53a 7d295214 <81490000> 38831000 554a003c 91490000 >> random: get_random_bytes called from print_oops_end_marker+0x40/0x78 with crng_init=0 >> ---[ end trace 0000000000000000 ]--- >> >> Signed-off-by: Liu Shixin >> --- >> arch/powerpc/Kconfig | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >> index d46db0bfb998..cffd57bcb5e4 100644 >> --- a/arch/powerpc/Kconfig >> +++ b/arch/powerpc/Kconfig >> @@ -185,7 +185,7 @@ config PPC >> select HAVE_ARCH_KASAN if PPC32 && PPC_PAGE_SHIFT <= 14 >> select HAVE_ARCH_KASAN_VMALLOC if PPC32 && PPC_PAGE_SHIFT <= 14 >> select HAVE_ARCH_KGDB >> - select HAVE_ARCH_KFENCE if PPC32 >> + select HAVE_ARCH_KFENCE if PPC32 && !PPC_FSL_BOOK3E >> select HAVE_ARCH_MMAP_RND_BITS >> select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT >> select HAVE_ARCH_NVRAM_OPS >> > . > From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D76BCC433EF for ; Sat, 25 Sep 2021 03:11:04 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 17F6A610F7 for ; Sat, 25 Sep 2021 03:11:03 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 17F6A610F7 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=huawei.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.ozlabs.org Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4HGYnd5zKpz3bbx for ; Sat, 25 Sep 2021 13:11:01 +1000 (AEST) Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=huawei.com (client-ip=45.249.212.189; helo=szxga03-in.huawei.com; envelope-from=liushixin2@huawei.com; receiver=) Received: from szxga03-in.huawei.com (szxga03-in.huawei.com [45.249.212.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4HGYn90YCkz2yP0 for ; Sat, 25 Sep 2021 13:10:32 +1000 (AEST) Received: from dggemv711-chm.china.huawei.com (unknown [172.30.72.57]) by szxga03-in.huawei.com (SkyGuard) with ESMTP id 4HGYm33mYDz8tFD; Sat, 25 Sep 2021 11:09:39 +0800 (CST) Received: from dggpemm500009.china.huawei.com (7.185.36.225) by dggemv711-chm.china.huawei.com (10.1.198.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Sat, 25 Sep 2021 11:10:26 +0800 Received: from [10.174.179.24] (10.174.179.24) by dggpemm500009.china.huawei.com (7.185.36.225) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Sat, 25 Sep 2021 11:10:26 +0800 Subject: Re: [PATCH] powerpc: don't select KFENCE on platform PPC_FSL_BOOK3E To: Christophe Leroy , Marco Elver , Michael Ellerman , "Benjamin Herrenschmidt" , Paul Mackerras References: <20210924063927.1341241-1-liushixin2@huawei.com> From: Liu Shixin Message-ID: <63e78249-8878-cbe3-0a22-a094ef53164a@huawei.com> Date: Sat, 25 Sep 2021 11:10:25 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.179.24] X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To dggpemm500009.china.huawei.com (7.185.36.225) X-CFilter-Loop: Reflected X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" On 2021/9/24 14:41, Christophe Leroy wrote: > > > Le 24/09/2021 à 08:39, Liu Shixin a écrit : >> On platform PPC_FSL_BOOK3E, all lowmem is managed by tlbcam. That means >> we didn't really map the kfence pool with page granularity. Therefore, >> if KFENCE is enabled, the system will hit the following panic: > > Could you please explain a bit more what the problem is ? > > KFENCE has been implemented with the same logic as DEBUG_PAGEALLOC. > > DEBUG_PAGEALLOC is enabled on FSL_BOOK3E. > > In MMU_setup(), __map_without_ltlbs is set to 1 when KFENCE is enabled. > > __map_without_ltlbs should disable the use of tlbcam. > > > So what's wrong really ? > > Does DEBUG_PAGEALLOC work on FSL_BOOK3E ? > > Thanks > Christophe > hi Christophe, The phenomenon is that kernel panic in the kfence_protect_page function because __kfence_pool is not mapped with page granularity. The problem is that in the mapin_ram function, the return value(i.e base) of mmu_mapin_ram is equal to top. As a result, no level-2 page table is created for [base, top]. It seems that __map_without_ltlbs didn't diable the use of tlbcam. I have tried to force page table for all lowmem, then this problem will go away but the kfence_test failed, which could be explained by the fact that tlbcam is still used. By the way, DEBUG_PAGEALLOC works well on FSL_BOOK3E without level-2 page table. Thanks, >> >> BUG: Kernel NULL pointer dereference on read at 0x00000000 >> Faulting instruction address: 0xc01de598 >> Oops: Kernel access of bad area, sig: 11 [#1] >> BE PAGE_SIZE=4K SMP NR_CPUS=4 MPC8544 DS >> Dumping ftrace buffer: >> (ftrace buffer empty) >> Modules linked in: >> CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.12.0-rc3+ #298 >> NIP: c01de598 LR: c08ae9c4 CTR: 00000000 >> REGS: c0b4bea0 TRAP: 0300 Not tainted (5.12.0-rc3+) >> MSR: 00021000 CR: 24000228 XER: 20000000 >> DEAR: 00000000 ESR: 00000000 >> GPR00: c08ae9c4 c0b4bf60 c0ad64e0 ef720000 00021000 00000000 00000000 00000200 >> GPR08: c0ad5000 00000000 00000000 00000004 00000000 008fbb30 00000000 00000000 >> GPR16: 00000000 00000000 00000000 00000000 c0000000 00000000 00000000 00000000 >> GPR24: c08ca004 c08ca004 c0b6a0e0 c0b60000 c0b58f00 c0850000 c08ca000 ef720000 >> NIP [c01de598] kfence_protect+0x44/0x6c >> LR [c08ae9c4] kfence_init+0xfc/0x2a4 >> Call Trace: >> [c0b4bf60] [efffe160] 0xefffe160 (unreliable) >> [c0b4bf70] [c08ae9c4] kfence_init+0xfc/0x2a4 >> [c0b4bfb0] [c0894d3c] start_kernel+0x3bc/0x574 >> [c0b4bff0] [c0000470] set_ivor+0x14c/0x188 >> Instruction dump: >> 7c0802a6 8109d594 546a653a 90010014 54630026 39200000 7d48502e 2c0a0000 >> 41820010 554a0026 5469b53a 7d295214 <81490000> 38831000 554a003c 91490000 >> random: get_random_bytes called from print_oops_end_marker+0x40/0x78 with crng_init=0 >> ---[ end trace 0000000000000000 ]--- >> >> Signed-off-by: Liu Shixin >> --- >> arch/powerpc/Kconfig | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >> index d46db0bfb998..cffd57bcb5e4 100644 >> --- a/arch/powerpc/Kconfig >> +++ b/arch/powerpc/Kconfig >> @@ -185,7 +185,7 @@ config PPC >> select HAVE_ARCH_KASAN if PPC32 && PPC_PAGE_SHIFT <= 14 >> select HAVE_ARCH_KASAN_VMALLOC if PPC32 && PPC_PAGE_SHIFT <= 14 >> select HAVE_ARCH_KGDB >> - select HAVE_ARCH_KFENCE if PPC32 >> + select HAVE_ARCH_KFENCE if PPC32 && !PPC_FSL_BOOK3E >> select HAVE_ARCH_MMAP_RND_BITS >> select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT >> select HAVE_ARCH_NVRAM_OPS >> > . >