From: Khalid Aziz <khalid.aziz@oracle.com> To: juergh@gmail.com, tycho@tycho.ws, jsteckli@amazon.de, ak@linux.intel.com, liran.alon@oracle.com, keescook@google.com, konrad.wilk@oracle.com Cc: Juerg Haefliger <juerg.haefliger@canonical.com>, deepa.srinivasan@oracle.com, chris.hyser@oracle.com, tyhicks@canonical.com, dwmw@amazon.co.uk, andrew.cooper3@citrix.com, jcm@redhat.com, boris.ostrovsky@oracle.com, kanth.ghatraju@oracle.com, joao.m.martins@oracle.com, jmattson@google.com, pradeep.vincent@oracle.com, john.haxby@oracle.com, tglx@linutronix.de, kirill.shutemov@linux.intel.com, hch@lst.de, steven.sistare@oracle.com, labbott@redhat.com, luto@kernel.org, dave.hansen@intel.com, peterz@infradead.org, aaron.lu@intel.com, akpm@linux-foundation.org, alexander.h.duyck@linux.intel.com, amir73il@gmail.com, andreyknvl@google.com, aneesh.kumar@linux.ibm.com, anthony.yznaga@oracle.com, ard.biesheuvel@linaro.org, arnd@arndb.de, arunks@codeaurora.org, ben@decadent.org.uk, bigeasy@linutronix.de, bp@alien8.de, brgl@bgdev.pl, catalin.marinas@arm.com, corbet@lwn.net, cpandya@codeaurora.org, daniel.vetter@ffwll.ch, dan.j.williams@intel.com, gregkh@linuxfoundation.org, guro@fb.com, hannes@cmpxchg.org, hpa@zytor.com, iamjoonsoo.kim@lge.com, james.morse@arm.com, jannh@google.com, jgross@suse.com, jkosina@suse.cz, jmorris@namei.org, joe@perches.com, jrdr.linux@gmail.com, jroedel@suse.de, keith.busch@intel.com, khalid.aziz@oracle.com, khlebnikov@yandex-team.ru, logang@deltatee.com, marco.antonio.780@gmail.com, mark.rutland@arm.com, mgorman@techsingularity.net, mhocko@suse.com, mhocko@suse.cz, mike.kravetz@oracle.com, mingo@redhat.com, mst@redhat.com, m.szyprowski@samsung.com, npiggin@gmail.com, osalvador@suse.de, paulmck@linux.vnet.ibm.com, pavel.tatashin@microsoft.com, rdunlap@infradead.org, richard.weiyang@gmail.com, riel@surriel.com, rientjes@google.com, robin.murphy@arm.com, rostedt@goodmis.org, rppt@linux.vnet.ibm.com, sai.praneeth.prakhya@intel.com, serge@hallyn.com, steve.capper@arm.com, thymovanbeers@gmail.com, vbabka@suse.cz, will.deacon@arm.com, willy@infradead.org, yang.shi@linux.alibaba.com, yaojun8558363@gmail.com, ying.huang@intel.com, zhangshaokun@hisilicon.com, iommu@lists.linux-foundation.org, x86@kernel.org, linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-security-module@vger.kernel.org, Khalid Aziz <khalid@gonehiking.org> Subject: [RFC PATCH v9 06/13] lkdtm: Add test for XPFO Date: Wed, 3 Apr 2019 11:34:07 -0600 [thread overview] Message-ID: <f2ebf3d199aec62815242ac45ef2fd9300c1a9d5.1554248002.git.khalid.aziz@oracle.com> (raw) In-Reply-To: <cover.1554248001.git.khalid.aziz@oracle.com> In-Reply-To: <cover.1554248001.git.khalid.aziz@oracle.com> From: Juerg Haefliger <juerg.haefliger@canonical.com> This test simply reads from userspace memory via the kernel's linear map. v6: * drop an #ifdef, just let the test fail if XPFO is not supported * add XPFO_SMP test to try and test the case when one CPU does an xpfo unmap of an address, that it can't be used accidentally by other CPUs. Signed-off-by: Juerg Haefliger <juerg.haefliger@canonical.com> Signed-off-by: Tycho Andersen <tycho@tycho.ws> Tested-by: Marco Benatto <marco.antonio.780@gmail.com> [jsteckli@amazon.de: rebased from v4.13 to v4.19] Signed-off-by: Julian Stecklina <jsteckli@amazon.de> Tested-by: Khalid Aziz <khalid.aziz@oracle.com> Cc: Khalid Aziz <khalid@gonehiking.org> --- drivers/misc/lkdtm/Makefile | 1 + drivers/misc/lkdtm/core.c | 3 + drivers/misc/lkdtm/lkdtm.h | 5 + drivers/misc/lkdtm/xpfo.c | 196 ++++++++++++++++++++++++++++++++++++ 4 files changed, 205 insertions(+) create mode 100644 drivers/misc/lkdtm/xpfo.c diff --git a/drivers/misc/lkdtm/Makefile b/drivers/misc/lkdtm/Makefile index 951c984de61a..97c6b7818cce 100644 --- a/drivers/misc/lkdtm/Makefile +++ b/drivers/misc/lkdtm/Makefile @@ -9,6 +9,7 @@ lkdtm-$(CONFIG_LKDTM) += refcount.o lkdtm-$(CONFIG_LKDTM) += rodata_objcopy.o lkdtm-$(CONFIG_LKDTM) += usercopy.o lkdtm-$(CONFIG_LKDTM) += stackleak.o +lkdtm-$(CONFIG_LKDTM) += xpfo.o KASAN_SANITIZE_stackleak.o := n KCOV_INSTRUMENT_rodata.o := n diff --git a/drivers/misc/lkdtm/core.c b/drivers/misc/lkdtm/core.c index 2837dc77478e..25f4ab4ebf50 100644 --- a/drivers/misc/lkdtm/core.c +++ b/drivers/misc/lkdtm/core.c @@ -185,6 +185,9 @@ static const struct crashtype crashtypes[] = { CRASHTYPE(USERCOPY_KERNEL), CRASHTYPE(USERCOPY_KERNEL_DS), CRASHTYPE(STACKLEAK_ERASING), + CRASHTYPE(XPFO_READ_USER), + CRASHTYPE(XPFO_READ_USER_HUGE), + CRASHTYPE(XPFO_SMP), }; diff --git a/drivers/misc/lkdtm/lkdtm.h b/drivers/misc/lkdtm/lkdtm.h index 3c6fd327e166..6b31ff0c7f8f 100644 --- a/drivers/misc/lkdtm/lkdtm.h +++ b/drivers/misc/lkdtm/lkdtm.h @@ -87,4 +87,9 @@ void lkdtm_USERCOPY_KERNEL_DS(void); /* lkdtm_stackleak.c */ void lkdtm_STACKLEAK_ERASING(void); +/* lkdtm_xpfo.c */ +void lkdtm_XPFO_READ_USER(void); +void lkdtm_XPFO_READ_USER_HUGE(void); +void lkdtm_XPFO_SMP(void); + #endif diff --git a/drivers/misc/lkdtm/xpfo.c b/drivers/misc/lkdtm/xpfo.c new file mode 100644 index 000000000000..8876128f0144 --- /dev/null +++ b/drivers/misc/lkdtm/xpfo.c @@ -0,0 +1,196 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * This is for all the tests related to XPFO (eXclusive Page Frame Ownership). + */ + +#include "lkdtm.h" + +#include <linux/cpumask.h> +#include <linux/mman.h> +#include <linux/uaccess.h> +#include <linux/xpfo.h> +#include <linux/kthread.h> + +#include <linux/delay.h> +#include <linux/sched/task.h> + +#define XPFO_DATA 0xdeadbeef + +static unsigned long do_map(unsigned long flags) +{ + unsigned long user_addr, user_data = XPFO_DATA; + + user_addr = vm_mmap(NULL, 0, PAGE_SIZE, + PROT_READ | PROT_WRITE | PROT_EXEC, + flags, 0); + if (user_addr >= TASK_SIZE) { + pr_warn("Failed to allocate user memory\n"); + return 0; + } + + if (copy_to_user((void __user *)user_addr, &user_data, + sizeof(user_data))) { + pr_warn("copy_to_user failed\n"); + goto free_user; + } + + return user_addr; + +free_user: + vm_munmap(user_addr, PAGE_SIZE); + return 0; +} + +static unsigned long *user_to_kernel(unsigned long user_addr) +{ + phys_addr_t phys_addr; + void *virt_addr; + + phys_addr = user_virt_to_phys(user_addr); + if (!phys_addr) { + pr_warn("Failed to get physical address of user memory\n"); + return NULL; + } + + virt_addr = phys_to_virt(phys_addr); + if (phys_addr != virt_to_phys(virt_addr)) { + pr_warn("Physical address of user memory seems incorrect\n"); + return NULL; + } + + return virt_addr; +} + +static void read_map(unsigned long *virt_addr) +{ + pr_info("Attempting bad read from kernel address %p\n", virt_addr); + if (*(unsigned long *)virt_addr == XPFO_DATA) + pr_err("FAIL: Bad read succeeded?!\n"); + else + pr_err("FAIL: Bad read didn't fail but data is incorrect?!\n"); +} + +static void read_user_with_flags(unsigned long flags) +{ + unsigned long user_addr, *kernel; + + user_addr = do_map(flags); + if (!user_addr) { + pr_err("FAIL: map failed\n"); + return; + } + + kernel = user_to_kernel(user_addr); + if (!kernel) { + pr_err("FAIL: user to kernel conversion failed\n"); + goto free_user; + } + + read_map(kernel); + +free_user: + vm_munmap(user_addr, PAGE_SIZE); +} + +/* Read from userspace via the kernel's linear map. */ +void lkdtm_XPFO_READ_USER(void) +{ + read_user_with_flags(MAP_PRIVATE | MAP_ANONYMOUS); +} + +void lkdtm_XPFO_READ_USER_HUGE(void) +{ + read_user_with_flags(MAP_PRIVATE | MAP_ANONYMOUS | MAP_HUGETLB); +} + +struct smp_arg { + unsigned long *virt_addr; + unsigned int cpu; +}; + +static int smp_reader(void *parg) +{ + struct smp_arg *arg = parg; + unsigned long *virt_addr; + + if (arg->cpu != smp_processor_id()) { + pr_err("FAIL: scheduled on wrong CPU?\n"); + return 0; + } + + virt_addr = smp_cond_load_acquire(&arg->virt_addr, VAL != NULL); + read_map(virt_addr); + + return 0; +} + +#ifdef CONFIG_X86 +#define XPFO_SMP_KILLED SIGKILL +#elif CONFIG_ARM64 +#define XPFO_SMP_KILLED SIGSEGV +#else +#error unsupported arch +#endif + +/* The idea here is to read from the kernel's map on a different thread than + * did the mapping (and thus the TLB flushing), to make sure that the page + * faults on other cores too. + */ +void lkdtm_XPFO_SMP(void) +{ + unsigned long user_addr, *virt_addr; + struct task_struct *thread; + int ret; + struct smp_arg arg; + + if (num_online_cpus() < 2) { + pr_err("not enough to do a multi cpu test\n"); + return; + } + + arg.virt_addr = NULL; + arg.cpu = (smp_processor_id() + 1) % num_online_cpus(); + thread = kthread_create(smp_reader, &arg, "lkdtm_xpfo_test"); + if (IS_ERR(thread)) { + pr_err("couldn't create kthread? %ld\n", PTR_ERR(thread)); + return; + } + + kthread_bind(thread, arg.cpu); + get_task_struct(thread); + wake_up_process(thread); + + user_addr = do_map(MAP_PRIVATE | MAP_ANONYMOUS); + if (!user_addr) + goto kill_thread; + + virt_addr = user_to_kernel(user_addr); + if (!virt_addr) { + /* + * let's store something that will fail, so we can unblock the + * thread + */ + smp_store_release(&arg.virt_addr, &arg); + goto free_user; + } + + /* Store to test address to unblock the thread */ + smp_store_release(&arg.virt_addr, virt_addr); + + /* there must be a better way to do this. */ + while (1) { + if (thread->exit_state) + break; + msleep_interruptible(100); + } + +free_user: + if (user_addr) + vm_munmap(user_addr, PAGE_SIZE); + +kill_thread: + ret = kthread_stop(thread); + if (ret != XPFO_SMP_KILLED) + pr_err("FAIL: thread wasn't killed: %d\n", ret); + put_task_struct(thread); +} -- 2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: Khalid Aziz <khalid.aziz-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> To: juergh-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org, tycho-E0fblnxP3wo@public.gmane.org, jsteckli-ebkRAfMGSJGzQB+pC5nmwQ@public.gmane.org, ak-VuQAYsv1563Yd54FQh9/CA@public.gmane.org, liran.alon-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, keescook-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org, konrad.wilk-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org Cc: catalin.marinas-5wv7dgnIgG8@public.gmane.org, will.deacon-5wv7dgnIgG8@public.gmane.org, khalid.aziz-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, steven.sistare-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, hch-jcswGhMUV9g@public.gmane.org, aneesh.kumar-tEXmvtCZX7AybS5Ee8rs3A@public.gmane.org, jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org, rientjes-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org, anthony.yznaga-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, riel-ebMLmSuQjDVBDgjK7y7TUQ@public.gmane.org, npiggin-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org, rppt-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org, luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org, jkosina-AlSwsSmVLrQ@public.gmane.org, rdunlap-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, jrdr.linux-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org, gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org, joe-6d6DIl74uiNBDgjK7y7TUQ@public.gmane.org, arunks-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org, akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org, dwmw-vV1OtcyAfmbQXOPxS62xeg@public.gmane.org, mark.rutland-5wv7dgnIgG8@public.gmane.org, linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, keith.busch-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org, joao.m.martins-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org, brgl-ARrdPY/1zhM@public.gmane.org, jroedel-l3A5Bk7waGM@public.gmane.org, zhangshaokun-C8/M+/jPZTeaMJb+Lgu22Q@public.gmane.org, boris.ostrovsky-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, chris.hyser-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org, linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org, Khalid Aziz <khalid-21RPF02GE+GXwddmVfQv5g@public.gmane.org>, aaron.lu-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org, steve.capper-5wv7dgnIgG8@public.gmane.org, james.morse-5wv7dgnIgG8@public.gmane.org, iamjoo Subject: [RFC PATCH v9 06/13] lkdtm: Add test for XPFO Date: Wed, 3 Apr 2019 11:34:07 -0600 [thread overview] Message-ID: <f2ebf3d199aec62815242ac45ef2fd9300c1a9d5.1554248002.git.khalid.aziz@oracle.com> (raw) In-Reply-To: <cover.1554248001.git.khalid.aziz-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> In-Reply-To: <cover.1554248001.git.khalid.aziz-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> From: Juerg Haefliger <juerg.haefliger-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> This test simply reads from userspace memory via the kernel's linear map. v6: * drop an #ifdef, just let the test fail if XPFO is not supported * add XPFO_SMP test to try and test the case when one CPU does an xpfo unmap of an address, that it can't be used accidentally by other CPUs. Signed-off-by: Juerg Haefliger <juerg.haefliger-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> Signed-off-by: Tycho Andersen <tycho-E0fblnxP3wo@public.gmane.org> Tested-by: Marco Benatto <marco.antonio.780-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> [jsteckli-ebkRAfMGSJGzQB+pC5nmwQ@public.gmane.org: rebased from v4.13 to v4.19] Signed-off-by: Julian Stecklina <jsteckli-ebkRAfMGSJGzQB+pC5nmwQ@public.gmane.org> Tested-by: Khalid Aziz <khalid.aziz-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> Cc: Khalid Aziz <khalid-21RPF02GE+GXwddmVfQv5g@public.gmane.org> --- drivers/misc/lkdtm/Makefile | 1 + drivers/misc/lkdtm/core.c | 3 + drivers/misc/lkdtm/lkdtm.h | 5 + drivers/misc/lkdtm/xpfo.c | 196 ++++++++++++++++++++++++++++++++++++ 4 files changed, 205 insertions(+) create mode 100644 drivers/misc/lkdtm/xpfo.c diff --git a/drivers/misc/lkdtm/Makefile b/drivers/misc/lkdtm/Makefile index 951c984de61a..97c6b7818cce 100644 --- a/drivers/misc/lkdtm/Makefile +++ b/drivers/misc/lkdtm/Makefile @@ -9,6 +9,7 @@ lkdtm-$(CONFIG_LKDTM) += refcount.o lkdtm-$(CONFIG_LKDTM) += rodata_objcopy.o lkdtm-$(CONFIG_LKDTM) += usercopy.o lkdtm-$(CONFIG_LKDTM) += stackleak.o +lkdtm-$(CONFIG_LKDTM) += xpfo.o KASAN_SANITIZE_stackleak.o := n KCOV_INSTRUMENT_rodata.o := n diff --git a/drivers/misc/lkdtm/core.c b/drivers/misc/lkdtm/core.c index 2837dc77478e..25f4ab4ebf50 100644 --- a/drivers/misc/lkdtm/core.c +++ b/drivers/misc/lkdtm/core.c @@ -185,6 +185,9 @@ static const struct crashtype crashtypes[] = { CRASHTYPE(USERCOPY_KERNEL), CRASHTYPE(USERCOPY_KERNEL_DS), CRASHTYPE(STACKLEAK_ERASING), + CRASHTYPE(XPFO_READ_USER), + CRASHTYPE(XPFO_READ_USER_HUGE), + CRASHTYPE(XPFO_SMP), }; diff --git a/drivers/misc/lkdtm/lkdtm.h b/drivers/misc/lkdtm/lkdtm.h index 3c6fd327e166..6b31ff0c7f8f 100644 --- a/drivers/misc/lkdtm/lkdtm.h +++ b/drivers/misc/lkdtm/lkdtm.h @@ -87,4 +87,9 @@ void lkdtm_USERCOPY_KERNEL_DS(void); /* lkdtm_stackleak.c */ void lkdtm_STACKLEAK_ERASING(void); +/* lkdtm_xpfo.c */ +void lkdtm_XPFO_READ_USER(void); +void lkdtm_XPFO_READ_USER_HUGE(void); +void lkdtm_XPFO_SMP(void); + #endif diff --git a/drivers/misc/lkdtm/xpfo.c b/drivers/misc/lkdtm/xpfo.c new file mode 100644 index 000000000000..8876128f0144 --- /dev/null +++ b/drivers/misc/lkdtm/xpfo.c @@ -0,0 +1,196 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * This is for all the tests related to XPFO (eXclusive Page Frame Ownership). + */ + +#include "lkdtm.h" + +#include <linux/cpumask.h> +#include <linux/mman.h> +#include <linux/uaccess.h> +#include <linux/xpfo.h> +#include <linux/kthread.h> + +#include <linux/delay.h> +#include <linux/sched/task.h> + +#define XPFO_DATA 0xdeadbeef + +static unsigned long do_map(unsigned long flags) +{ + unsigned long user_addr, user_data = XPFO_DATA; + + user_addr = vm_mmap(NULL, 0, PAGE_SIZE, + PROT_READ | PROT_WRITE | PROT_EXEC, + flags, 0); + if (user_addr >= TASK_SIZE) { + pr_warn("Failed to allocate user memory\n"); + return 0; + } + + if (copy_to_user((void __user *)user_addr, &user_data, + sizeof(user_data))) { + pr_warn("copy_to_user failed\n"); + goto free_user; + } + + return user_addr; + +free_user: + vm_munmap(user_addr, PAGE_SIZE); + return 0; +} + +static unsigned long *user_to_kernel(unsigned long user_addr) +{ + phys_addr_t phys_addr; + void *virt_addr; + + phys_addr = user_virt_to_phys(user_addr); + if (!phys_addr) { + pr_warn("Failed to get physical address of user memory\n"); + return NULL; + } + + virt_addr = phys_to_virt(phys_addr); + if (phys_addr != virt_to_phys(virt_addr)) { + pr_warn("Physical address of user memory seems incorrect\n"); + return NULL; + } + + return virt_addr; +} + +static void read_map(unsigned long *virt_addr) +{ + pr_info("Attempting bad read from kernel address %p\n", virt_addr); + if (*(unsigned long *)virt_addr == XPFO_DATA) + pr_err("FAIL: Bad read succeeded?!\n"); + else + pr_err("FAIL: Bad read didn't fail but data is incorrect?!\n"); +} + +static void read_user_with_flags(unsigned long flags) +{ + unsigned long user_addr, *kernel; + + user_addr = do_map(flags); + if (!user_addr) { + pr_err("FAIL: map failed\n"); + return; + } + + kernel = user_to_kernel(user_addr); + if (!kernel) { + pr_err("FAIL: user to kernel conversion failed\n"); + goto free_user; + } + + read_map(kernel); + +free_user: + vm_munmap(user_addr, PAGE_SIZE); +} + +/* Read from userspace via the kernel's linear map. */ +void lkdtm_XPFO_READ_USER(void) +{ + read_user_with_flags(MAP_PRIVATE | MAP_ANONYMOUS); +} + +void lkdtm_XPFO_READ_USER_HUGE(void) +{ + read_user_with_flags(MAP_PRIVATE | MAP_ANONYMOUS | MAP_HUGETLB); +} + +struct smp_arg { + unsigned long *virt_addr; + unsigned int cpu; +}; + +static int smp_reader(void *parg) +{ + struct smp_arg *arg = parg; + unsigned long *virt_addr; + + if (arg->cpu != smp_processor_id()) { + pr_err("FAIL: scheduled on wrong CPU?\n"); + return 0; + } + + virt_addr = smp_cond_load_acquire(&arg->virt_addr, VAL != NULL); + read_map(virt_addr); + + return 0; +} + +#ifdef CONFIG_X86 +#define XPFO_SMP_KILLED SIGKILL +#elif CONFIG_ARM64 +#define XPFO_SMP_KILLED SIGSEGV +#else +#error unsupported arch +#endif + +/* The idea here is to read from the kernel's map on a different thread than + * did the mapping (and thus the TLB flushing), to make sure that the page + * faults on other cores too. + */ +void lkdtm_XPFO_SMP(void) +{ + unsigned long user_addr, *virt_addr; + struct task_struct *thread; + int ret; + struct smp_arg arg; + + if (num_online_cpus() < 2) { + pr_err("not enough to do a multi cpu test\n"); + return; + } + + arg.virt_addr = NULL; + arg.cpu = (smp_processor_id() + 1) % num_online_cpus(); + thread = kthread_create(smp_reader, &arg, "lkdtm_xpfo_test"); + if (IS_ERR(thread)) { + pr_err("couldn't create kthread? %ld\n", PTR_ERR(thread)); + return; + } + + kthread_bind(thread, arg.cpu); + get_task_struct(thread); + wake_up_process(thread); + + user_addr = do_map(MAP_PRIVATE | MAP_ANONYMOUS); + if (!user_addr) + goto kill_thread; + + virt_addr = user_to_kernel(user_addr); + if (!virt_addr) { + /* + * let's store something that will fail, so we can unblock the + * thread + */ + smp_store_release(&arg.virt_addr, &arg); + goto free_user; + } + + /* Store to test address to unblock the thread */ + smp_store_release(&arg.virt_addr, virt_addr); + + /* there must be a better way to do this. */ + while (1) { + if (thread->exit_state) + break; + msleep_interruptible(100); + } + +free_user: + if (user_addr) + vm_munmap(user_addr, PAGE_SIZE); + +kill_thread: + ret = kthread_stop(thread); + if (ret != XPFO_SMP_KILLED) + pr_err("FAIL: thread wasn't killed: %d\n", ret); + put_task_struct(thread); +} -- 2.17.1
next prev parent reply other threads:[~2019-04-03 17:37 UTC|newest] Thread overview: 202+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-04-03 17:34 [RFC PATCH v9 00/13] Add support for eXclusive Page Frame Ownership Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 01/13] mm: add MAP_HUGETLB support to vm_mmap Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 02/13] x86: always set IF before oopsing from page fault Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-04 0:12 ` Andy Lutomirski 2019-04-04 0:12 ` Andy Lutomirski 2019-04-04 1:42 ` Tycho Andersen 2019-04-04 1:42 ` Tycho Andersen 2019-04-04 4:12 ` Andy Lutomirski 2019-04-04 4:12 ` Andy Lutomirski 2019-04-04 15:47 ` Tycho Andersen 2019-04-04 15:47 ` Tycho Andersen 2019-04-04 16:23 ` Sebastian Andrzej Siewior 2019-04-04 16:28 ` Thomas Gleixner 2019-04-04 16:28 ` Thomas Gleixner 2019-04-04 17:11 ` Andy Lutomirski 2019-04-04 17:11 ` Andy Lutomirski 2019-04-03 17:34 ` [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO) Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-04 7:21 ` Peter Zijlstra 2019-04-04 7:21 ` Peter Zijlstra 2019-04-04 9:25 ` Peter Zijlstra 2019-04-04 9:25 ` Peter Zijlstra 2019-04-04 14:48 ` Tycho Andersen 2019-04-04 14:48 ` Tycho Andersen 2019-04-04 7:43 ` Peter Zijlstra 2019-04-04 7:43 ` Peter Zijlstra 2019-04-04 15:15 ` Khalid Aziz 2019-04-04 15:15 ` Khalid Aziz 2019-04-04 17:01 ` Peter Zijlstra 2019-04-04 17:01 ` Peter Zijlstra 2019-04-17 16:15 ` Ingo Molnar 2019-04-17 16:15 ` Ingo Molnar 2019-04-17 16:15 ` Ingo Molnar 2019-04-17 16:15 ` Ingo Molnar 2019-04-17 16:49 ` Khalid Aziz 2019-04-17 16:49 ` Khalid Aziz 2019-04-17 16:49 ` Khalid Aziz 2019-04-17 16:49 ` Khalid Aziz 2019-04-17 17:09 ` Ingo Molnar 2019-04-17 17:09 ` Ingo Molnar 2019-04-17 17:09 ` Ingo Molnar 2019-04-17 17:09 ` Ingo Molnar 2019-04-17 17:19 ` Nadav Amit 2019-04-17 17:19 ` Nadav Amit 2019-04-17 17:19 ` Nadav Amit 2019-04-17 17:19 ` Nadav Amit 2019-04-17 17:26 ` Ingo Molnar 2019-04-17 17:26 ` Ingo Molnar 2019-04-17 17:26 ` Ingo Molnar 2019-04-17 17:26 ` Ingo Molnar 2019-04-17 17:44 ` Nadav Amit 2019-04-17 17:44 ` Nadav Amit 2019-04-17 17:44 ` Nadav Amit 2019-04-17 17:44 ` Nadav Amit 2019-04-17 21:19 ` Thomas Gleixner 2019-04-17 21:19 ` Thomas Gleixner 2019-04-17 21:19 ` Thomas Gleixner 2019-04-17 21:19 ` Thomas Gleixner 2019-04-17 21:19 ` Thomas Gleixner 2019-04-17 23:18 ` Linus Torvalds 2019-04-17 23:18 ` Linus Torvalds 2019-04-17 23:18 ` Linus Torvalds 2019-04-17 23:42 ` Thomas Gleixner 2019-04-17 23:42 ` Thomas Gleixner 2019-04-17 23:42 ` Thomas Gleixner 2019-04-17 23:42 ` Thomas Gleixner 2019-04-17 23:42 ` Thomas Gleixner 2019-04-17 23:52 ` Linus Torvalds 2019-04-17 23:52 ` Linus Torvalds 2019-04-17 23:52 ` Linus Torvalds 2019-04-17 23:52 ` Linus Torvalds 2019-04-17 23:52 ` Linus Torvalds 2019-04-18 4:41 ` Andy Lutomirski 2019-04-18 4:41 ` Andy Lutomirski 2019-04-18 4:41 ` Andy Lutomirski 2019-04-18 4:41 ` Andy Lutomirski 2019-04-18 4:41 ` Andy Lutomirski 2019-04-18 5:41 ` Kees Cook 2019-04-18 5:41 ` Kees Cook 2019-04-18 5:41 ` Kees Cook via iommu 2019-04-18 5:41 ` Kees Cook 2019-04-18 5:41 ` Kees Cook 2019-04-18 14:34 ` Khalid Aziz 2019-04-18 14:34 ` Khalid Aziz 2019-04-18 14:34 ` Khalid Aziz 2019-04-18 14:34 ` Khalid Aziz 2019-04-22 19:30 ` Khalid Aziz 2019-04-22 19:30 ` Khalid Aziz 2019-04-22 19:30 ` Khalid Aziz 2019-04-22 19:30 ` Khalid Aziz 2019-04-22 22:23 ` Kees Cook 2019-04-22 22:23 ` Kees Cook 2019-04-22 22:23 ` Kees Cook via iommu 2019-04-22 22:23 ` Kees Cook via iommu 2019-04-22 22:23 ` Kees Cook 2019-04-18 6:14 ` Thomas Gleixner 2019-04-18 6:14 ` Thomas Gleixner 2019-04-18 6:14 ` Thomas Gleixner 2019-04-18 6:14 ` Thomas Gleixner 2019-04-18 6:14 ` Thomas Gleixner 2019-04-17 17:33 ` Khalid Aziz 2019-04-17 17:33 ` Khalid Aziz 2019-04-17 17:33 ` Khalid Aziz 2019-04-17 17:33 ` Khalid Aziz 2019-04-17 19:49 ` Andy Lutomirski 2019-04-17 19:49 ` Andy Lutomirski 2019-04-17 19:49 ` Andy Lutomirski 2019-04-17 19:49 ` Andy Lutomirski 2019-04-17 19:49 ` Andy Lutomirski 2019-04-17 19:52 ` Tycho Andersen 2019-04-17 19:52 ` Tycho Andersen 2019-04-17 19:52 ` Tycho Andersen 2019-04-17 19:52 ` Tycho Andersen 2019-04-17 20:12 ` Khalid Aziz 2019-04-17 20:12 ` Khalid Aziz 2019-04-17 20:12 ` Khalid Aziz 2019-04-17 20:12 ` Khalid Aziz 2019-05-01 14:49 ` Waiman Long 2019-05-01 14:49 ` Waiman Long 2019-05-01 14:49 ` Waiman Long 2019-05-01 14:49 ` Waiman Long 2019-05-01 15:18 ` Khalid Aziz 2019-05-01 15:18 ` Khalid Aziz 2019-05-01 15:18 ` Khalid Aziz 2019-05-01 15:18 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 04/13] xpfo, x86: Add support for XPFO for x86-64 Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-04 7:52 ` Peter Zijlstra 2019-04-04 7:52 ` Peter Zijlstra 2019-04-04 15:40 ` Khalid Aziz 2019-04-04 15:40 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 05/13] mm: add a user_virt_to_phys symbol Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz [this message] 2019-04-03 17:34 ` [RFC PATCH v9 06/13] lkdtm: Add test for XPFO Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 07/13] arm64/mm: Add support " Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 08/13] swiotlb: Map the buffer if it was unmapped by XPFO Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 09/13] xpfo: add primitives for mapping underlying memory Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 10/13] arm64/mm, xpfo: temporarily map dcache regions Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 11/13] xpfo, mm: optimize spinlock usage in xpfo_kunmap Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-04 7:56 ` Peter Zijlstra 2019-04-04 7:56 ` Peter Zijlstra 2019-04-04 16:06 ` Khalid Aziz 2019-04-04 16:06 ` Khalid Aziz 2019-04-03 17:34 ` [RFC PATCH v9 12/13] xpfo, mm: Defer TLB flushes for non-current CPUs (x86 only) Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-04 4:10 ` Andy Lutomirski 2019-04-04 4:10 ` Andy Lutomirski [not found] ` <CALCETrXMXxnWqN94d83UvGWhkD1BNWiwvH2vsUth1w0T3=0ywQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2019-04-04 22:55 ` Khalid Aziz 2019-04-05 7:17 ` Thomas Gleixner 2019-04-05 7:17 ` Thomas Gleixner 2019-04-05 14:44 ` Dave Hansen 2019-04-05 14:44 ` Dave Hansen 2019-04-05 15:24 ` Andy Lutomirski 2019-04-05 15:24 ` Andy Lutomirski 2019-04-05 15:24 ` Andy Lutomirski 2019-04-05 15:56 ` Tycho Andersen 2019-04-05 15:56 ` Tycho Andersen 2019-04-05 15:56 ` Tycho Andersen 2019-04-05 16:32 ` Andy Lutomirski 2019-04-05 16:32 ` Andy Lutomirski 2019-04-05 16:32 ` Andy Lutomirski 2019-04-05 15:56 ` Khalid Aziz 2019-04-05 15:56 ` Khalid Aziz 2019-04-05 15:56 ` Khalid Aziz 2019-04-05 16:01 ` Dave Hansen 2019-04-05 16:01 ` Dave Hansen 2019-04-05 16:01 ` Dave Hansen 2019-04-05 16:27 ` Andy Lutomirski 2019-04-05 16:27 ` Andy Lutomirski 2019-04-05 16:27 ` Andy Lutomirski 2019-04-05 16:41 ` Peter Zijlstra 2019-04-05 16:41 ` Peter Zijlstra 2019-04-05 16:41 ` Peter Zijlstra 2019-04-05 17:35 ` Khalid Aziz 2019-04-05 17:35 ` Khalid Aziz 2019-04-05 17:35 ` Khalid Aziz 2019-04-05 15:44 ` Khalid Aziz 2019-04-05 15:44 ` Khalid Aziz 2019-04-05 15:44 ` Khalid Aziz 2019-04-05 15:24 ` Andy Lutomirski 2019-04-05 15:24 ` Andy Lutomirski 2019-04-05 15:24 ` Andy Lutomirski 2019-04-04 8:18 ` Peter Zijlstra 2019-04-04 8:18 ` Peter Zijlstra 2019-04-03 17:34 ` [RFC PATCH v9 13/13] xpfo, mm: Optimize XPFO TLB flushes by batching them together Khalid Aziz 2019-04-03 17:34 ` Khalid Aziz 2019-04-04 16:44 ` [RFC PATCH v9 00/13] Add support for eXclusive Page Frame Ownership Nadav Amit 2019-04-04 16:44 ` Nadav Amit 2019-04-04 17:18 ` Khalid Aziz 2019-04-04 17:18 ` Khalid Aziz 2019-04-06 6:40 ` Jon Masters 2019-04-06 6:40 ` Jon Masters 2019-04-06 6:40 ` Jon Masters
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=f2ebf3d199aec62815242ac45ef2fd9300c1a9d5.1554248002.git.khalid.aziz@oracle.com \ --to=khalid.aziz@oracle.com \ --cc=aaron.lu@intel.com \ --cc=ak@linux.intel.com \ --cc=akpm@linux-foundation.org \ --cc=alexander.h.duyck@linux.intel.com \ --cc=amir73il@gmail.com \ --cc=andrew.cooper3@citrix.com \ --cc=andreyknvl@google.com \ --cc=aneesh.kumar@linux.ibm.com \ --cc=anthony.yznaga@oracle.com \ --cc=ard.biesheuvel@linaro.org \ --cc=arnd@arndb.de \ --cc=arunks@codeaurora.org \ --cc=ben@decadent.org.uk \ --cc=bigeasy@linutronix.de \ --cc=boris.ostrovsky@oracle.com \ --cc=bp@alien8.de \ --cc=brgl@bgdev.pl \ --cc=catalin.marinas@arm.com \ --cc=chris.hyser@oracle.com \ --cc=corbet@lwn.net \ --cc=cpandya@codeaurora.org \ --cc=dan.j.williams@intel.com \ --cc=daniel.vetter@ffwll.ch \ --cc=dave.hansen@intel.com \ --cc=deepa.srinivasan@oracle.com \ --cc=dwmw@amazon.co.uk \ --cc=gregkh@linuxfoundation.org \ --cc=guro@fb.com \ --cc=hannes@cmpxchg.org \ --cc=hch@lst.de \ --cc=hpa@zytor.com \ --cc=iamjoonsoo.kim@lge.com \ --cc=iommu@lists.linux-foundation.org \ --cc=james.morse@arm.com \ --cc=jannh@google.com \ --cc=jcm@redhat.com \ --cc=jgross@suse.com \ --cc=jkosina@suse.cz \ --cc=jmattson@google.com \ --cc=jmorris@namei.org \ --cc=joao.m.martins@oracle.com \ --cc=joe@perches.com \ --cc=john.haxby@oracle.com \ --cc=jrdr.linux@gmail.com \ --cc=jroedel@suse.de \ --cc=jsteckli@amazon.de \ --cc=juerg.haefliger@canonical.com \ --cc=juergh@gmail.com \ --cc=kanth.ghatraju@oracle.com \ --cc=keescook@google.com \ --cc=keith.busch@intel.com \ --cc=khalid@gonehiking.org \ --cc=khlebnikov@yandex-team.ru \ --cc=kirill.shutemov@linux.intel.com \ --cc=konrad.wilk@oracle.com \ --cc=labbott@redhat.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-doc@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=linux-security-module@vger.kernel.org \ --cc=liran.alon@oracle.com \ --cc=logang@deltatee.com \ --cc=luto@kernel.org \ --cc=m.szyprowski@samsung.com \ --cc=marco.antonio.780@gmail.com \ --cc=mark.rutland@arm.com \ --cc=mgorman@techsingularity.net \ --cc=mhocko@suse.com \ --cc=mhocko@suse.cz \ --cc=mike.kravetz@oracle.com \ --cc=mingo@redhat.com \ --cc=mst@redhat.com \ --cc=npiggin@gmail.com \ --cc=osalvador@suse.de \ --cc=paulmck@linux.vnet.ibm.com \ --cc=pavel.tatashin@microsoft.com \ --cc=peterz@infradead.org \ --cc=pradeep.vincent@oracle.com \ --cc=rdunlap@infradead.org \ --cc=richard.weiyang@gmail.com \ --cc=riel@surriel.com \ --cc=rientjes@google.com \ --cc=robin.murphy@arm.com \ --cc=rostedt@goodmis.org \ --cc=rppt@linux.vnet.ibm.com \ --cc=sai.praneeth.prakhya@intel.com \ --cc=serge@hallyn.com \ --cc=steve.capper@arm.com \ --cc=steven.sistare@oracle.com \ --cc=tglx@linutronix.de \ --cc=thymovanbeers@gmail.com \ --cc=tycho@tycho.ws \ --cc=tyhicks@canonical.com \ --cc=vbabka@suse.cz \ --cc=will.deacon@arm.com \ --cc=willy@infradead.org \ --cc=x86@kernel.org \ --cc=yang.shi@linux.alibaba.com \ --cc=yaojun8558363@gmail.com \ --cc=ying.huang@intel.com \ --cc=zhangshaokun@hisilicon.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.