From: Khalid Aziz <khalid.aziz@oracle.com>
To: David Miller <davem@davemloft.net>
Cc: anthony.yznaga@oracle.com, dave.hansen@linux.intel.com,
corbet@lwn.net, bob.picco@oracle.com, steven.sistare@oracle.com,
pasha.tatashin@oracle.com, mike.kravetz@oracle.com,
mingo@kernel.org, nitin.m.gupta@oracle.com,
kirill.shutemov@linux.intel.com, tom.hromatka@oracle.com,
eric.saint.etienne@oracle.com, allen.pais@oracle.com,
cmetcalf@mellanox.com, akpm@linux-foundation.org,
geert@linux-m68k.org, tklauser@distanz.ch,
atish.patra@oracle.com, vijay.ac.kumar@oracle.com,
peterz@infradead.org, mhocko@suse.com, jack@suse.cz,
lstoakes@gmail.com, hughd@google.com, thomas.tai@oracle.com,
paul.gortmaker@windriver.com, ross.zwisler@linux.intel.com,
dave.jiang@intel.com, willy@infradead.org, ying.huang@intel.com,
zhongjiang@huawei.com, minchan@kernel.org,
vegard.nossum@oracle.com, imbrenda@linux.vnet.ibm.com,
aneesh.kumar@linux.vnet.ibm.com, aarcange@redhat.com,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
sparclinux@vger.kernel.org, linux-mm@kvack.org,
khalid@gonehiking.org
Subject: Re: [PATCH v7 9/9] sparc64: Add support for ADI (Application Data Integrity)
Date: Wed, 30 Aug 2017 17:23:37 -0600 [thread overview]
Message-ID: <b5d9bbb2-a575-ee47-33aa-11994edef702@oracle.com> (raw)
In-Reply-To: <20170830.153830.2267882580011615008.davem@davemloft.net>
On 08/30/2017 04:38 PM, David Miller wrote:
> From: Khalid Aziz <khalid.aziz@oracle.com>
> Date: Wed, 30 Aug 2017 16:27:54 -0600
>
>>>> +#define arch_calc_vm_prot_bits(prot, pkey)
>>>> sparc_calc_vm_prot_bits(prot)
>>>> +static inline unsigned long sparc_calc_vm_prot_bits(unsigned long
>>>> prot)
>>>> +{
>>>> + if (prot & PROT_ADI) {
>>>> + struct pt_regs *regs;
>>>> +
>>>> + if (!current->mm->context.adi) {
>>>> + regs = task_pt_regs(current);
>>>> + regs->tstate |= TSTATE_MCDE;
>>>> + current->mm->context.adi = true;
>>> If a process is multi-threaded when it enables ADI on some memory for
>>> the first time, TSTATE_MCDE will only be set for the calling thread
>>> and it will not be possible to enable it for the other threads.
>>> One possible way to handle this is to enable TSTATE_MCDE for all user
>>> threads when they are initialized if adi_capable() returns true.
>>>
>>
>> Or set TSTATE_MCDE unconditionally here by removing "if
>> (!current->mm->context.adi)"?
>
> I think you have to make "ADI enabled" a property of the mm_struct.
>
> Then you can broadcast to mm->cpu_vm_mask a per-cpu interrupt that
> updates regs->tstate of a thread using 'mm' is currently executing.
>
> And in the context switch code you set TSTATE_MCDE if it's not set
> already.
>
> That should cover all threaded case.
That is an interesting idea. This would enable TSTATE_MCDE on all
threads of a process as soon as one thread enables it. If we consider
the case where the parent creates a shared memory area and spawns a
bunch of threads. These threads access the shared memory without ADI
enabled. Now one of the threads decides to enable ADI on the shared
memory. As soon as it does that, we enable TSTATE_MCDE across all
threads and since threads are all using the same TTE for the shared
memory, every thread becomes subject to ADI verification. If one of the
other threads was in the middle of accessing the shared memory, it will
get a sigsegv. If we did not enable TSTATE_MCDE across all threads, it
could have continued execution without fault. In other words, updating
TSTATE_MCDE across all threads will eliminate the option of running some
threads with ADI enabled and some not while accessing the same shared
memory. This could be necessary at least for short periods of time
before threads can communicate with each other and all switch to
accessing shared memory with ADI enabled using same tag. Does that sound
like a valid use case or am I off in the weeds here?
Thanks,
Khalid
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2017-08-30 23:24 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-09 21:25 [PATCH v7 0/9] Application Data Integrity feature introduced by SPARC M7 Khalid Aziz
2017-08-09 21:25 ` [PATCH v7 2/9] mm, swap: Add infrastructure for saving page metadata on swap Khalid Aziz
2017-08-16 4:53 ` David Miller
2017-08-16 14:34 ` Khalid Aziz
2017-08-09 21:26 ` [PATCH v7 7/9] mm: Add address parameter to arch_validate_prot() Khalid Aziz
2017-08-10 13:20 ` Michael Ellerman
2017-08-10 14:41 ` Khalid Aziz
2017-08-15 5:02 ` Michael Ellerman
2017-08-15 14:32 ` Khalid Aziz
2017-08-09 21:26 ` [PATCH v7 8/9] mm: Clear arch specific VM flags on protection change Khalid Aziz
2017-08-09 21:26 ` [PATCH v7 9/9] sparc64: Add support for ADI (Application Data Integrity) Khalid Aziz
2017-08-16 4:58 ` David Miller
2017-08-16 14:44 ` Khalid Aziz
2017-08-25 22:31 ` Anthony Yznaga
2017-08-30 22:27 ` Khalid Aziz
2017-08-30 22:38 ` David Miller
2017-08-30 23:23 ` Khalid Aziz [this message]
2017-08-31 0:09 ` David Miller
2017-08-31 16:38 ` Khalid Aziz
2017-09-01 5:38 ` Anthony Yznaga
2017-09-04 16:25 ` Pavel Machek
2017-09-05 21:44 ` David Miller
2017-09-06 22:32 ` Pavel Machek
2017-09-08 12:18 ` Steven Sistare
2017-09-06 14:10 ` Khalid Aziz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b5d9bbb2-a575-ee47-33aa-11994edef702@oracle.com \
--to=khalid.aziz@oracle.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=allen.pais@oracle.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=anthony.yznaga@oracle.com \
--cc=atish.patra@oracle.com \
--cc=bob.picco@oracle.com \
--cc=cmetcalf@mellanox.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=dave.jiang@intel.com \
--cc=davem@davemloft.net \
--cc=eric.saint.etienne@oracle.com \
--cc=geert@linux-m68k.org \
--cc=hughd@google.com \
--cc=imbrenda@linux.vnet.ibm.com \
--cc=jack@suse.cz \
--cc=khalid@gonehiking.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lstoakes@gmail.com \
--cc=mhocko@suse.com \
--cc=mike.kravetz@oracle.com \
--cc=minchan@kernel.org \
--cc=mingo@kernel.org \
--cc=nitin.m.gupta@oracle.com \
--cc=pasha.tatashin@oracle.com \
--cc=paul.gortmaker@windriver.com \
--cc=peterz@infradead.org \
--cc=ross.zwisler@linux.intel.com \
--cc=sparclinux@vger.kernel.org \
--cc=steven.sistare@oracle.com \
--cc=thomas.tai@oracle.com \
--cc=tklauser@distanz.ch \
--cc=tom.hromatka@oracle.com \
--cc=vegard.nossum@oracle.com \
--cc=vijay.ac.kumar@oracle.com \
--cc=willy@infradead.org \
--cc=ying.huang@intel.com \
--cc=zhongjiang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).