linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: nadav.amit@gmail.com
To: Peter Zijlstra <peterz@infradead.org>,
	Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
	Ingo Molnar <mingo@redhat.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, hpa@zytor.com,
	Thomas Gleixner <tglx@linutronix.de>,
	Nadav Amit <nadav.amit@gmail.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	linux_dti@icloud.com, linux-integrity@vger.kernel.org,
	linux-security-module@vger.kernel.org, akpm@linux-foundation.org,
	kernel-hardening@lists.openwall.com, linux-mm@kvack.org,
	will.deacon@arm.com, ard.biesheuvel@linaro.org,
	kristen@linux.intel.com, deneen.t.dock@intel.com,
	Rick Edgecombe <rick.p.edgecombe@intel.com>
Subject: [PATCH v6 15/24] x86/mm/cpa: Add set_direct_map_ functions
Date: Fri, 26 Apr 2019 16:22:54 -0700	[thread overview]
Message-ID: <20190426232303.28381-16-nadav.amit@gmail.com> (raw)
In-Reply-To: <20190426232303.28381-1-nadav.amit@gmail.com>

From: Rick Edgecombe <rick.p.edgecombe@intel.com>

Add two new functions set_direct_map_default_noflush() and
set_direct_map_invalid_noflush() for setting the direct map alias for the
page to its default valid permissions and to an invalid state that cannot
be cached in a TLB, respectively. These functions do not flush the TLB.

Note, __kernel_map_pages() does something similar but flushes the TLB and
doesn't reset the permission bits to default on all architectures.

Also add an ARCH config ARCH_HAS_SET_DIRECT_MAP for specifying whether
these have an actual implementation or a default empty one.

Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
---
 arch/Kconfig                      |  4 ++++
 arch/x86/Kconfig                  |  1 +
 arch/x86/include/asm/set_memory.h |  3 +++
 arch/x86/mm/pageattr.c            | 14 +++++++++++---
 include/linux/set_memory.h        | 11 +++++++++++
 5 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/arch/Kconfig b/arch/Kconfig
index 3ab446bd12ef..5e43fcbad4ca 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -249,6 +249,10 @@ config ARCH_HAS_FORTIFY_SOURCE
 config ARCH_HAS_SET_MEMORY
 	bool
 
+# Select if arch has all set_direct_map_invalid/default() functions
+config ARCH_HAS_SET_DIRECT_MAP
+	bool
+
 # Select if arch init_task must go in the __init_task_data section
 config ARCH_TASK_STRUCT_ON_STACK
        bool
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 2ec5e850b807..45d788354376 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -66,6 +66,7 @@ config X86
 	select ARCH_HAS_UACCESS_FLUSHCACHE	if X86_64
 	select ARCH_HAS_UACCESS_MCSAFE		if X86_64 && X86_MCE
 	select ARCH_HAS_SET_MEMORY
+	select ARCH_HAS_SET_DIRECT_MAP
 	select ARCH_HAS_STRICT_KERNEL_RWX
 	select ARCH_HAS_STRICT_MODULE_RWX
 	select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
diff --git a/arch/x86/include/asm/set_memory.h b/arch/x86/include/asm/set_memory.h
index 07a25753e85c..ae7b909dc242 100644
--- a/arch/x86/include/asm/set_memory.h
+++ b/arch/x86/include/asm/set_memory.h
@@ -85,6 +85,9 @@ int set_pages_nx(struct page *page, int numpages);
 int set_pages_ro(struct page *page, int numpages);
 int set_pages_rw(struct page *page, int numpages);
 
+int set_direct_map_invalid_noflush(struct page *page);
+int set_direct_map_default_noflush(struct page *page);
+
 extern int kernel_set_to_readonly;
 void set_kernel_text_rw(void);
 void set_kernel_text_ro(void);
diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index 4c570612e24e..3574550192c6 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -2209,8 +2209,6 @@ int set_pages_rw(struct page *page, int numpages)
 	return set_memory_rw(addr, numpages);
 }
 
-#ifdef CONFIG_DEBUG_PAGEALLOC
-
 static int __set_pages_p(struct page *page, int numpages)
 {
 	unsigned long tempaddr = (unsigned long) page_address(page);
@@ -2249,6 +2247,17 @@ static int __set_pages_np(struct page *page, int numpages)
 	return __change_page_attr_set_clr(&cpa, 0);
 }
 
+int set_direct_map_invalid_noflush(struct page *page)
+{
+	return __set_pages_np(page, 1);
+}
+
+int set_direct_map_default_noflush(struct page *page)
+{
+	return __set_pages_p(page, 1);
+}
+
+#ifdef CONFIG_DEBUG_PAGEALLOC
 void __kernel_map_pages(struct page *page, int numpages, int enable)
 {
 	if (PageHighMem(page))
@@ -2282,7 +2291,6 @@ void __kernel_map_pages(struct page *page, int numpages, int enable)
 }
 
 #ifdef CONFIG_HIBERNATION
-
 bool kernel_page_present(struct page *page)
 {
 	unsigned int level;
diff --git a/include/linux/set_memory.h b/include/linux/set_memory.h
index 2a986d282a97..b5071497b8cb 100644
--- a/include/linux/set_memory.h
+++ b/include/linux/set_memory.h
@@ -17,6 +17,17 @@ static inline int set_memory_x(unsigned long addr,  int numpages) { return 0; }
 static inline int set_memory_nx(unsigned long addr, int numpages) { return 0; }
 #endif
 
+#ifndef CONFIG_ARCH_HAS_SET_DIRECT_MAP
+static inline int set_direct_map_invalid_noflush(struct page *page)
+{
+	return 0;
+}
+static inline int set_direct_map_default_noflush(struct page *page)
+{
+	return 0;
+}
+#endif
+
 #ifndef set_mce_nospec
 static inline int set_mce_nospec(unsigned long pfn)
 {
-- 
2.17.1

next prev parent reply	other threads:[~2019-04-27  6:43 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-04-26 23:22 [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns nadav.amit
2019-04-26 23:22 ` [PATCH v6 01/24] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()" nadav.amit
2019-04-26 23:22 ` [PATCH v6 02/24] x86/jump_label: Use text_poke_early() during early init nadav.amit
2019-04-26 23:22 ` [PATCH v6 03/24] x86/mm: Introduce temporary mm structs nadav.amit
2019-04-26 23:22 ` [PATCH v6 04/24] x86/mm: Save debug registers when loading a temporary mm nadav.amit
2019-04-26 23:22 ` [PATCH v6 05/24] uprobes: Initialize uprobes earlier nadav.amit
2019-04-30 11:17   ` [tip:x86/mm] " tip-bot for Nadav Amit
2019-04-26 23:22 ` [PATCH v6 06/24] fork: Provide a function for copying init_mm nadav.amit
2019-04-26 23:22 ` [PATCH v6 07/24] x86/alternative: Initialize temporary mm for patching nadav.amit
2019-04-30 11:19   ` [tip:x86/mm] x86/alternatives: " tip-bot for Nadav Amit
2019-04-26 23:22 ` [PATCH v6 08/24] x86/alternative: Use temporary mm for text poking nadav.amit
2019-04-26 23:22 ` [PATCH v6 09/24] x86/kgdb: Avoid redundant comparison of patched code nadav.amit
2019-04-26 23:22 ` [PATCH v6 10/24] x86/ftrace: Set trampoline pages as executable nadav.amit
2019-04-26 23:22 ` [PATCH v6 11/24] x86/kprobes: Set instruction page " nadav.amit
2019-04-26 23:22 ` [PATCH v6 12/24] x86/module: Avoid breaking W^X while loading modules nadav.amit
2019-04-26 23:22 ` [PATCH v6 13/24] x86/jump-label: Remove support for custom poker nadav.amit
2019-04-26 23:22 ` [PATCH v6 14/24] x86/alternative: Remove the return value of text_poke_*() nadav.amit
2019-04-26 23:22 ` nadav.amit [this message]
2019-04-26 23:22 ` [PATCH v6 16/24] mm: Make hibernate handle unmapped pages nadav.amit
2019-04-26 23:22 ` [PATCH v6 17/24] vmalloc: Add flag for free of special permsissions nadav.amit
2019-04-26 23:22 ` [PATCH v6 18/24] modules: Use vmalloc special flag nadav.amit
2019-04-26 23:22 ` [PATCH v6 19/24] bpf: " nadav.amit
2019-04-26 23:22 ` [PATCH v6 20/24] x86/ftrace: " nadav.amit
2019-04-26 23:23 ` [PATCH v6 21/24] x86/kprobes: " nadav.amit
2019-04-26 23:23 ` [PATCH v6 22/24] x86/alternative: Comment about module removal races nadav.amit
2019-04-26 23:23 ` [PATCH v6 23/24] mm/tlb: Provide default nmi_uaccess_okay() nadav.amit
2019-04-26 23:23 ` [PATCH v6 24/24] bpf: Fail bpf_probe_write_user() while mm is switched nadav.amit
2019-04-27 10:22 ` [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns Ingo Molnar
2019-04-27 10:32 ` Peter Zijlstra

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:3ab446bd12e dfblob:2ec5e850b80 dfblob:07a25753e85
dfblob:4c570612e24 dfblob:2a986d282a9 dfblob:5e43fcbad4c
dfblob:45d78835437 dfblob:ae7b909dc24 dfblob:3574550192c
dfblob:b5071497b8c
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190426232303.28381-16-nadav.amit@gmail.com \
    --to=nadav.amit@gmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=ard.biesheuvel@linaro.org \
    --cc=bp@alien8.de \
    --cc=dave.hansen@linux.intel.com \
    --cc=deneen.t.dock@intel.com \
    --cc=hpa@zytor.com \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=kristen@linux.intel.com \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=linux_dti@icloud.com \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=rick.p.edgecombe@intel.com \
    --cc=tglx@linutronix.de \
    --cc=will.deacon@arm.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).