From: Khalid Aziz <khalid.aziz@oracle.com>
To: Jerome Marchand <jmarchan@redhat.com>,
davem@davemloft.net, corbet@lwn.net, arnd@arndb.de,
akpm@linux-foundation.org
Cc: hpa@zytor.com, viro@zeniv.linux.org.uk, nitin.m.gupta@oracle.com,
chris.hyser@oracle.com, tushar.n.dave@oracle.com,
sowmini.varadhan@oracle.com, mike.kravetz@oracle.com,
adam.buchbinder@gmail.com, minchan@kernel.org, hughd@google.com,
kirill.shutemov@linux.intel.com, keescook@chromium.org,
allen.pais@oracle.com, aryabinin@virtuozzo.com,
atish.patra@oracle.com, joe@perches.com, pmladek@suse.com,
jslaby@suse.cz, cmetcalf@mellanox.com,
paul.gortmaker@windriver.com, mhocko@suse.com,
dave.hansen@linux.intel.com, lstoakes@gmail.com,
0x7f454c46@gmail.com, vbabka@suse.cz, tglx@linutronix.de,
mingo@redhat.com, dan.j.williams@intel.com,
iamjoonsoo.kim@lge.com, mgorman@techsingularity.net,
vdavydov.dev@gmail.com, hannes@cmpxchg.org, namit@vmware.com,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
sparclinux@vger.kernel.org, linux-arch@vger.kernel.org,
x86@kernel.org, linux-mm@kvack.org,
Khalid Aziz <khalid@gonehiking.org>
Subject: Re: [RFC PATCH v3] sparc64: Add support for Application Data Integrity (ADI)
Date: Thu, 5 Jan 2017 08:13:31 -0700 [thread overview]
Message-ID: <e808bcce-3357-9df9-2032-442d6b59798a@oracle.com> (raw)
In-Reply-To: <fc6696de-34d7-e4ce-2b39-f788ba22843e@redhat.com>
On 01/05/2017 02:37 AM, Jerome Marchand wrote:
> On 01/04/2017 11:46 PM, Khalid Aziz wrote:
>> ADI is a new feature supported on sparc M7 and newer processors to allow
>> hardware to catch rogue accesses to memory. ADI is supported for data
>> fetches only and not instruction fetches. An app can enable ADI on its
>> data pages, set version tags on them and use versioned addresses to
>> access the data pages. Upper bits of the address contain the version
>> tag. On M7 processors, upper four bits (bits 63-60) contain the version
>> tag. If a rogue app attempts to access ADI enabled data pages, its
>> access is blocked and processor generates an exception.
>>
>> This patch extends mprotect to enable ADI (TSTATE.mcde), enable/disable
>> MCD (Memory Corruption Detection) on selected memory ranges, enable
>> TTE.mcd in PTEs, return ADI parameters to userspace and save/restore ADI
>> version tags on page swap out/in. It also adds handlers for all traps
>> related to MCD. ADI is not enabled by default for any task. A task must
>> explicitly enable ADI on a memory range and set version tag for ADI to
>> be effective for the task.
>>
>> Signed-off-by: Khalid Aziz <khalid.aziz@oracle.com>
>> Cc: Khalid Aziz <khalid@gonehiking.org>
>> ---
>> v2:
>> - Fixed a build error
>>
>> v3:
>> - Removed CONFIG_SPARC_ADI
>> - Replaced prctl commands with mprotect
>> - Added auxiliary vectors for ADI parameters
>> - Enabled ADI for swappable pages
>>
>> Documentation/sparc/adi.txt | 239 ++++++++++++++++++++++++++++++++
>> arch/sparc/include/asm/adi.h | 6 +
>> arch/sparc/include/asm/adi_64.h | 46 ++++++
>> arch/sparc/include/asm/elf_64.h | 8 ++
>> arch/sparc/include/asm/hugetlb.h | 13 ++
>> arch/sparc/include/asm/hypervisor.h | 2 +
>> arch/sparc/include/asm/mman.h | 40 +++++-
>> arch/sparc/include/asm/mmu_64.h | 2 +
>> arch/sparc/include/asm/mmu_context_64.h | 32 +++++
>> arch/sparc/include/asm/pgtable_64.h | 97 ++++++++++++-
>> arch/sparc/include/asm/ttable.h | 10 ++
>> arch/sparc/include/asm/uaccess_64.h | 120 +++++++++++++++-
>> arch/sparc/include/uapi/asm/asi.h | 5 +
>> arch/sparc/include/uapi/asm/auxvec.h | 8 ++
>> arch/sparc/include/uapi/asm/mman.h | 2 +
>> arch/sparc/include/uapi/asm/pstate.h | 10 ++
>> arch/sparc/kernel/Makefile | 1 +
>> arch/sparc/kernel/adi_64.c | 93 +++++++++++++
>> arch/sparc/kernel/entry.h | 3 +
>> arch/sparc/kernel/head_64.S | 1 +
>> arch/sparc/kernel/mdesc.c | 4 +
>> arch/sparc/kernel/process_64.c | 21 +++
>> arch/sparc/kernel/sun4v_mcd.S | 16 +++
>> arch/sparc/kernel/traps_64.c | 142 ++++++++++++++++++-
>> arch/sparc/kernel/ttable_64.S | 6 +-
>> arch/sparc/mm/gup.c | 37 +++++
>> arch/sparc/mm/tlb.c | 28 ++++
>> arch/x86/kernel/signal_compat.c | 2 +-
>> include/asm-generic/pgtable.h | 5 +
>> include/linux/mm.h | 2 +
>> include/uapi/asm-generic/siginfo.h | 5 +-
>> mm/memory.c | 2 +-
>> mm/rmap.c | 4 +-
>
> I haven't actually reviewed the code and looked at why you need
> set_swp_pte_at() function, but the code that add the generic version of
> this function need to be separated from the rest of the patch. Also,
> given the size of this patch, I suspect the rest also need to be broken
> into more patches.
>
> Jerome
>
Sure, I can do that. Code to add new signal codes can be one patch,
generic changes to swap infrastructure can be another and I can look for
logical breaks for the rest of the sparc specific code.
--
Khalid
prev parent reply other threads:[~2017-01-05 15:14 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-04 22:46 [RFC PATCH v3] sparc64: Add support for Application Data Integrity (ADI) Khalid Aziz
2017-01-04 23:27 ` Dave Hansen
2017-01-04 23:35 ` Rob Gardner
2017-01-04 23:40 ` Dave Hansen
2017-01-04 23:44 ` Rob Gardner
2017-01-04 23:49 ` Dave Hansen
2017-01-04 23:56 ` Rob Gardner
2017-01-04 23:58 ` Khalid Aziz
2017-01-05 0:01 ` Dave Hansen
2017-01-05 0:05 ` Rob Gardner
2017-01-05 0:14 ` Dave Hansen
2017-01-05 0:26 ` Khalid Aziz
2017-01-05 19:22 ` Dave Hansen
2017-01-05 20:30 ` Khalid Aziz
2017-01-06 9:19 ` Michal Hocko
2017-01-06 15:32 ` Khalid Aziz
2017-01-06 15:36 ` Dave Hansen
2017-01-06 16:22 ` Khalid Aziz
2017-01-06 16:25 ` David Miller
2017-01-06 16:55 ` Dave Hansen
2017-01-06 17:02 ` David Miller
2017-01-06 17:10 ` Khalid Aziz
2017-01-06 17:54 ` Rob Gardner
2017-01-06 18:18 ` Khalid Aziz
2017-01-06 18:28 ` Rob Gardner
2017-01-06 17:08 ` Khalid Aziz
2017-01-04 23:43 ` Khalid Aziz
2017-01-04 23:31 ` Dave Hansen
2017-01-04 23:46 ` Khalid Aziz
2017-01-04 23:50 ` Dave Hansen
2017-01-05 9:37 ` Jerome Marchand
2017-01-05 15:13 ` Khalid Aziz [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e808bcce-3357-9df9-2032-442d6b59798a@oracle.com \
--to=khalid.aziz@oracle.com \
--cc=0x7f454c46@gmail.com \
--cc=adam.buchbinder@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=allen.pais@oracle.com \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=atish.patra@oracle.com \
--cc=chris.hyser@oracle.com \
--cc=cmetcalf@mellanox.com \
--cc=corbet@lwn.net \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=hannes@cmpxchg.org \
--cc=hpa@zytor.com \
--cc=hughd@google.com \
--cc=iamjoonsoo.kim@lge.com \
--cc=jmarchan@redhat.com \
--cc=joe@perches.com \
--cc=jslaby@suse.cz \
--cc=keescook@chromium.org \
--cc=khalid@gonehiking.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lstoakes@gmail.com \
--cc=mgorman@techsingularity.net \
--cc=mhocko@suse.com \
--cc=mike.kravetz@oracle.com \
--cc=minchan@kernel.org \
--cc=mingo@redhat.com \
--cc=namit@vmware.com \
--cc=nitin.m.gupta@oracle.com \
--cc=paul.gortmaker@windriver.com \
--cc=pmladek@suse.com \
--cc=sowmini.varadhan@oracle.com \
--cc=sparclinux@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=tushar.n.dave@oracle.com \
--cc=vbabka@suse.cz \
--cc=vdavydov.dev@gmail.com \
--cc=viro@zeniv.linux.org.uk \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).