From: nadav.amit@gmail.com
To: Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
Ingo Molnar <mingo@redhat.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, hpa@zytor.com,
Thomas Gleixner <tglx@linutronix.de>,
Nadav Amit <nadav.amit@gmail.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
linux_dti@icloud.com, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org, akpm@linux-foundation.org,
kernel-hardening@lists.openwall.com, linux-mm@kvack.org,
will.deacon@arm.com, ard.biesheuvel@linaro.org,
kristen@linux.intel.com, deneen.t.dock@intel.com,
Rick Edgecombe <rick.p.edgecombe@intel.com>
Subject: [PATCH v6 15/24] x86/mm/cpa: Add set_direct_map_ functions
Date: Fri, 26 Apr 2019 16:22:54 -0700 [thread overview]
Message-ID: <20190426232303.28381-16-nadav.amit@gmail.com> (raw)
In-Reply-To: <20190426232303.28381-1-nadav.amit@gmail.com>
From: Rick Edgecombe <rick.p.edgecombe@intel.com>
Add two new functions set_direct_map_default_noflush() and
set_direct_map_invalid_noflush() for setting the direct map alias for the
page to its default valid permissions and to an invalid state that cannot
be cached in a TLB, respectively. These functions do not flush the TLB.
Note, __kernel_map_pages() does something similar but flushes the TLB and
doesn't reset the permission bits to default on all architectures.
Also add an ARCH config ARCH_HAS_SET_DIRECT_MAP for specifying whether
these have an actual implementation or a default empty one.
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
---
arch/Kconfig | 4 ++++
arch/x86/Kconfig | 1 +
arch/x86/include/asm/set_memory.h | 3 +++
arch/x86/mm/pageattr.c | 14 +++++++++++---
include/linux/set_memory.h | 11 +++++++++++
5 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/arch/Kconfig b/arch/Kconfig
index 3ab446bd12ef..5e43fcbad4ca 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -249,6 +249,10 @@ config ARCH_HAS_FORTIFY_SOURCE
config ARCH_HAS_SET_MEMORY
bool
+# Select if arch has all set_direct_map_invalid/default() functions
+config ARCH_HAS_SET_DIRECT_MAP
+ bool
+
# Select if arch init_task must go in the __init_task_data section
config ARCH_TASK_STRUCT_ON_STACK
bool
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 2ec5e850b807..45d788354376 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -66,6 +66,7 @@ config X86
select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64
select ARCH_HAS_UACCESS_MCSAFE if X86_64 && X86_MCE
select ARCH_HAS_SET_MEMORY
+ select ARCH_HAS_SET_DIRECT_MAP
select ARCH_HAS_STRICT_KERNEL_RWX
select ARCH_HAS_STRICT_MODULE_RWX
select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
diff --git a/arch/x86/include/asm/set_memory.h b/arch/x86/include/asm/set_memory.h
index 07a25753e85c..ae7b909dc242 100644
--- a/arch/x86/include/asm/set_memory.h
+++ b/arch/x86/include/asm/set_memory.h
@@ -85,6 +85,9 @@ int set_pages_nx(struct page *page, int numpages);
int set_pages_ro(struct page *page, int numpages);
int set_pages_rw(struct page *page, int numpages);
+int set_direct_map_invalid_noflush(struct page *page);
+int set_direct_map_default_noflush(struct page *page);
+
extern int kernel_set_to_readonly;
void set_kernel_text_rw(void);
void set_kernel_text_ro(void);
diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index 4c570612e24e..3574550192c6 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -2209,8 +2209,6 @@ int set_pages_rw(struct page *page, int numpages)
return set_memory_rw(addr, numpages);
}
-#ifdef CONFIG_DEBUG_PAGEALLOC
-
static int __set_pages_p(struct page *page, int numpages)
{
unsigned long tempaddr = (unsigned long) page_address(page);
@@ -2249,6 +2247,17 @@ static int __set_pages_np(struct page *page, int numpages)
return __change_page_attr_set_clr(&cpa, 0);
}
+int set_direct_map_invalid_noflush(struct page *page)
+{
+ return __set_pages_np(page, 1);
+}
+
+int set_direct_map_default_noflush(struct page *page)
+{
+ return __set_pages_p(page, 1);
+}
+
+#ifdef CONFIG_DEBUG_PAGEALLOC
void __kernel_map_pages(struct page *page, int numpages, int enable)
{
if (PageHighMem(page))
@@ -2282,7 +2291,6 @@ void __kernel_map_pages(struct page *page, int numpages, int enable)
}
#ifdef CONFIG_HIBERNATION
-
bool kernel_page_present(struct page *page)
{
unsigned int level;
diff --git a/include/linux/set_memory.h b/include/linux/set_memory.h
index 2a986d282a97..b5071497b8cb 100644
--- a/include/linux/set_memory.h
+++ b/include/linux/set_memory.h
@@ -17,6 +17,17 @@ static inline int set_memory_x(unsigned long addr, int numpages) { return 0; }
static inline int set_memory_nx(unsigned long addr, int numpages) { return 0; }
#endif
+#ifndef CONFIG_ARCH_HAS_SET_DIRECT_MAP
+static inline int set_direct_map_invalid_noflush(struct page *page)
+{
+ return 0;
+}
+static inline int set_direct_map_default_noflush(struct page *page)
+{
+ return 0;
+}
+#endif
+
#ifndef set_mce_nospec
static inline int set_mce_nospec(unsigned long pfn)
{
--
2.17.1
next prev parent reply other threads:[~2019-04-27 6:43 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-26 23:22 [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns nadav.amit
2019-04-26 23:22 ` [PATCH v6 01/24] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()" nadav.amit
2019-04-26 23:22 ` [PATCH v6 02/24] x86/jump_label: Use text_poke_early() during early init nadav.amit
2019-04-26 23:22 ` [PATCH v6 03/24] x86/mm: Introduce temporary mm structs nadav.amit
2019-04-26 23:22 ` [PATCH v6 04/24] x86/mm: Save debug registers when loading a temporary mm nadav.amit
2019-04-26 23:22 ` [PATCH v6 05/24] uprobes: Initialize uprobes earlier nadav.amit
2019-04-30 11:17 ` [tip:x86/mm] " tip-bot for Nadav Amit
2019-04-26 23:22 ` [PATCH v6 06/24] fork: Provide a function for copying init_mm nadav.amit
2019-04-26 23:22 ` [PATCH v6 07/24] x86/alternative: Initialize temporary mm for patching nadav.amit
2019-04-30 11:19 ` [tip:x86/mm] x86/alternatives: " tip-bot for Nadav Amit
2019-04-26 23:22 ` [PATCH v6 08/24] x86/alternative: Use temporary mm for text poking nadav.amit
2019-04-26 23:22 ` [PATCH v6 09/24] x86/kgdb: Avoid redundant comparison of patched code nadav.amit
2019-04-26 23:22 ` [PATCH v6 10/24] x86/ftrace: Set trampoline pages as executable nadav.amit
2019-04-26 23:22 ` [PATCH v6 11/24] x86/kprobes: Set instruction page " nadav.amit
2019-04-26 23:22 ` [PATCH v6 12/24] x86/module: Avoid breaking W^X while loading modules nadav.amit
2019-04-26 23:22 ` [PATCH v6 13/24] x86/jump-label: Remove support for custom poker nadav.amit
2019-04-26 23:22 ` [PATCH v6 14/24] x86/alternative: Remove the return value of text_poke_*() nadav.amit
2019-04-26 23:22 ` nadav.amit [this message]
2019-04-26 23:22 ` [PATCH v6 16/24] mm: Make hibernate handle unmapped pages nadav.amit
2019-04-26 23:22 ` [PATCH v6 17/24] vmalloc: Add flag for free of special permsissions nadav.amit
2019-04-26 23:22 ` [PATCH v6 18/24] modules: Use vmalloc special flag nadav.amit
2019-04-26 23:22 ` [PATCH v6 19/24] bpf: " nadav.amit
2019-04-26 23:22 ` [PATCH v6 20/24] x86/ftrace: " nadav.amit
2019-04-26 23:23 ` [PATCH v6 21/24] x86/kprobes: " nadav.amit
2019-04-26 23:23 ` [PATCH v6 22/24] x86/alternative: Comment about module removal races nadav.amit
2019-04-26 23:23 ` [PATCH v6 23/24] mm/tlb: Provide default nmi_uaccess_okay() nadav.amit
2019-04-26 23:23 ` [PATCH v6 24/24] bpf: Fail bpf_probe_write_user() while mm is switched nadav.amit
2019-04-27 10:22 ` [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns Ingo Molnar
2019-04-27 10:32 ` Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190426232303.28381-16-nadav.amit@gmail.com \
--to=nadav.amit@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=deneen.t.dock@intel.com \
--cc=hpa@zytor.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=kristen@linux.intel.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux_dti@icloud.com \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).