From patchwork Sat Feb 18 21:14:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Rick Edgecombe X-Patchwork-Id: 13145651 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6286EC6379F for ; Sat, 18 Feb 2023 21:16:24 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AC8B128000A; Sat, 18 Feb 2023 16:16:13 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 91589280004; Sat, 18 Feb 2023 16:16:13 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 768DC28000A; Sat, 18 Feb 2023 16:16:13 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 5FC37280004 for ; Sat, 18 Feb 2023 16:16:13 -0500 (EST) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 3B60AC04B6 for ; Sat, 18 Feb 2023 21:16:12 +0000 (UTC) X-FDA: 80481670584.21.5DF7597 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by imf16.hostedemail.com (Postfix) with ESMTP id 1EA04180012 for ; Sat, 18 Feb 2023 21:16:09 +0000 (UTC) Authentication-Results: imf16.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=UI+eSoVW; spf=pass (imf16.hostedemail.com: domain of rick.p.edgecombe@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=rick.p.edgecombe@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1676754970; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=4QlSWC10bkPzU1QfsUF22qHU54f9BAvAV7P+dWDdidM=; b=Uf9rqNreyxkJtmeP2NnEB0sEppptu5uM7XmltwF3W2yS8hAJXWaUYHjiKTpOgRgxa3ehrX W5hQRiOod0JCvS7qfVBpLlujldqhA0e4sZm6aw7y6h3x2IqGSbNN7dGKQ1C0U1O1fYjQFh /kRFOypcJ7RakQcMidrueZ1NuznlW94= ARC-Authentication-Results: i=1; imf16.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=UI+eSoVW; spf=pass (imf16.hostedemail.com: domain of rick.p.edgecombe@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=rick.p.edgecombe@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1676754970; a=rsa-sha256; cv=none; b=Na0zDwdezugtt87ILXcq3LhNljRmZ8ILEMtzHqG/kpnV7kKvxM7zFKlsCdW4zzSTCHdkNV kls+UFYMfIIsv/PBc7kn+Gc9Roy59WeiHS5O9YSzL3GPNB89Q4A6+r5+8RBsP0OoS8ELMg q7tXO5AOEUUUvPiR7m+UjHUYW0nJnrc= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676754970; x=1708290970; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qGE9eRR2bKBJP4DHmA8A12HCtfd+hwPFDkFpADpJ44g=; b=UI+eSoVWIWeuc7rKyjnoumf5ObRX1bC+xwb2AVwfWntx+cpqncQzAAjs wfx6C4gqMK2NrzWiV8ackXY2dTKeKTMkefzMT6lbxwca9+wOo1CPsS24Y ikJO2u9JW0a/LmotsR6RHegzxBmGdOVEfYJSKzM3FnVPQV0eoWmvN6jfl 2kEeFqdWlFvHqbfs70zi2S2o2PvUxgSvsZ+Dj13gls1Dr8k8cg95A4VcQ n4sWgT0MoCTTE3bgjn+qfsb3LsbMbagy48aoktnXhOVh7EhV2W0FOgczO lPHlZtEswTYTJNDEfNLuZuDNpfFQ/CFKlJbWaS7oIoga87zP16434Yhf+ g==; X-IronPort-AV: E=McAfee;i="6500,9779,10625"; a="418427345" X-IronPort-AV: E=Sophos;i="5.97,309,1669104000"; d="scan'208";a="418427345" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Feb 2023 13:16:06 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10625"; a="664241629" X-IronPort-AV: E=Sophos;i="5.97,309,1669104000"; d="scan'208";a="664241629" Received: from adityava-mobl1.amr.corp.intel.com (HELO rpedgeco-desk.amr.corp.intel.com) ([10.209.80.223]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Feb 2023 13:16:05 -0800 From: Rick Edgecombe To: x86@kernel.org, "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H . J . Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , Weijiang Yang , "Kirill A . Shutemov" , John Allen , kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org, Andrew.Cooper3@citrix.com, christina.schimpe@intel.com, david@redhat.com, debug@rivosinc.com Cc: rick.p.edgecombe@intel.com, linux-s390@vger.kernel.org Subject: [PATCH v6 12/41] s390/mm: Introduce pmd_mkwrite_kernel() Date: Sat, 18 Feb 2023 13:14:04 -0800 Message-Id: <20230218211433.26859-13-rick.p.edgecombe@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230218211433.26859-1-rick.p.edgecombe@intel.com> References: <20230218211433.26859-1-rick.p.edgecombe@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 1EA04180012 X-Stat-Signature: ajbbwx16sqzks1rxapkeaq5yx4ewom18 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1676754969-134507 X-HE-Meta: U2FsdGVkX19DT1S2C1ZR1dXku2lwJLOWrIzbhEOyCHGWtj9zGnyAmWanoO+wI7AT5o22msFxQKFxbyszaH4Kkhlt3kmfPfnFmTREJgrmqPs1WNr0v3DTDg2xB5y19XP9KnckZ8S5IooZH5xvGylPLl9nAduWnldXZ71kK0M0Kfd17Mc9rvVhAQ3qpmiJ5tUtPuPimeFmaW1pPaMFSMBYnxwAkEP5s3IgxcJHBffGstJHv/U5qGxAaBi1gREyigxH5MlliIzkfu1INi2kvGn7trywePYi6ftKcpFbxdfLgcmZRf2URFAFKeBlBDvfKOf/ecd2F8OSl4/5ULaXLc/O+0MhpkLS+3Nu6aoR9dDZtRPUtXG+2+eRXQyawnh1RhhD3KYru8WZ6Dp2mOOlQNgdgZ/rvGyAjQmArIRGv+SADHgw0uxAC53sx/c7Wuh1qaTNFi1cxa93pbFwfz3F6qHfnlwTWM3WdwLuP38CGEiaoFwUEK7FiMOMXHrMjcy4IB2ecp5mKwc642LMt9elX6c1YPtA0hBzDvVGDL2D76JJ1PfVBs7bg8g547oyyo+yszp+F1upjXD35bBXyS4KIhjcZbv2JIOOl/EMjHX9C2lERO30U3PxEwutsK3qWqrSVZWNvDBlYwtCnytSmFRWJKu5IsvVT7cz84MmRYF9IaTicUF7Eum885QNHNHptx51hHkJyEBxgkg44vTnfTig1btUxbvVfqo45UM6m/pew/HsLSOm2rVZrckcfM0lfRhT5qQT6TpS1vfJMB3THop0D3fZQ+MBsRz+e3MbPdHp3vxtyHobj0TYRvTLTWmdqDAZBFV1QObgjXu/z+5TqK7nO1FYy6j1x85Wwy09wR4TGqi+dt1XKNn6Py3peI+re5hf4iDMCORf46UQBJvqOTfeC7PchtVz3EwBTWmtvFyQe0vKKf40Jm9Gg+Uc4B8iC+9GRy/XJ5m+lH1Rcmq8l8BZzPl r3bhzwlf c2Ukp2QXzSPBe/aFoHdjF2z+hi1lmxRAabokrS+WEN6GzsmDW7uk/wQW0WnWR/haYrZk/gmkaaCIe6hlCzpO3u8zVALQN71tVcjg4jRwddAnGifDfpdu+5nSqADRW0DxNlzoQeDgoJuVTnmwkWiwn/wMkIK4LBf7gtahSobLHUp31ept7M3RZvV8sglaB9qGP7y7NiyExrMDfWBsjbtvBGwlJo0XD8v0d/+PN7rtpYzyTlyNN9JHqxa2VmWGfwHjhrEhKMkplIYEcZxZQJYyqfiv409OYlZnCBdP4OE9UeZQKoBkjEOfu3/BYbaDjEIRUlV3++fLk3k6mkir6tsrtGkEyqm8GCLGUY/MWBme6chDWm4xf/Zk5fNcmTxVhePZ3A1JquDel7X7XOuDV+QvafqgX6IeQ4HrMpWNhJCxkHR4whRIXQ5jX3u1UQuRgRg5nefgU X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: The x86 Control-flow Enforcement Technology (CET) feature includes a new type of memory called shadow stack. This shadow stack memory has some unusual properties, which requires some core mm changes to function properly. One of these changes is to allow for pmd_mkwrite() to create different types of writable memory (the existing conventionally writable type and also the new shadow stack type). Future patches will convert pmd_mkwrite() to take a VMA in order to facilitate this, however there are places in the kernel where pmd_mkwrite() is called outside of the context of a VMA. These are for kernel memory. So create a new variant called pmd_mkwrite_kernel() and switch the kernel users over to it. Have pmd_mkwrite() and pmd_mkwrite_kernel() be the same for now. Future patches will introduce changes to make pmd_mkwrite() take a VMA. Only do this for architectures that need it because they call pmd_mkwrite() in arch code without an associated VMA. Since it will only currently be used in arch code, so do not include it in arch_pgtable_helpers.rst. Cc: linux-kernel@vger.kernel.org Cc: linux-s390@vger.kernel.org Cc: linux-arch@vger.kernel.org Cc: linux-mm@kvack.org Tested-by: Pengfei Xu Suggested-by: David Hildenbrand Signed-off-by: Rick Edgecombe Reviewed-by: Kees Cook Acked-by: David Hildenbrand Acked-by: Heiko Carstens --- Hi Non-x86 Arch’s, x86 has a feature that allows for the creation of a special type of writable memory (shadow stack) that is only writable in limited specific ways. Previously, changes were proposed to core MM code to teach it to decide when to create normally writable memory or the special shadow stack writable memory, but David Hildenbrand suggested[0] to change pXX_mkwrite() to take a VMA, so awareness of shadow stack memory can be moved into x86 code. Since pXX_mkwrite() is defined in every arch, it requires some tree-wide changes. So that is why you are seeing some patches out of a big x86 series pop up in your arch mailing list. There is no functional change. After this refactor, the shadow stack series goes on to use the arch helpers to push shadow stack memory details inside arch/x86. Testing was just 0-day build testing. Hopefully that is enough context. Thanks! [0] https://lore.kernel.org/lkml/0e29a2d0-08d8-bcd6-ff26-4bea0e4037b0@redhat.com/#t v6: - New patch --- arch/s390/include/asm/pgtable.h | 7 ++++++- arch/s390/mm/pageattr.c | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h index 29522418b5f4..c48a447d1432 100644 --- a/arch/s390/include/asm/pgtable.h +++ b/arch/s390/include/asm/pgtable.h @@ -1425,7 +1425,7 @@ static inline pmd_t pmd_wrprotect(pmd_t pmd) return set_pmd_bit(pmd, __pgprot(_SEGMENT_ENTRY_PROTECT)); } -static inline pmd_t pmd_mkwrite(pmd_t pmd) +static inline pmd_t pmd_mkwrite_kernel(pmd_t pmd) { pmd = set_pmd_bit(pmd, __pgprot(_SEGMENT_ENTRY_WRITE)); if (pmd_val(pmd) & _SEGMENT_ENTRY_DIRTY) @@ -1433,6 +1433,11 @@ static inline pmd_t pmd_mkwrite(pmd_t pmd) return pmd; } +static inline pmd_t pmd_mkwrite(pmd_t pmd) +{ + return pmd_mkwrite_kernel(pmd); +} + static inline pmd_t pmd_mkclean(pmd_t pmd) { pmd = clear_pmd_bit(pmd, __pgprot(_SEGMENT_ENTRY_DIRTY)); diff --git a/arch/s390/mm/pageattr.c b/arch/s390/mm/pageattr.c index 4ee5fe5caa23..7b6967dfacd0 100644 --- a/arch/s390/mm/pageattr.c +++ b/arch/s390/mm/pageattr.c @@ -146,7 +146,7 @@ static void modify_pmd_page(pmd_t *pmdp, unsigned long addr, if (flags & SET_MEMORY_RO) new = pmd_wrprotect(new); else if (flags & SET_MEMORY_RW) - new = pmd_mkwrite(pmd_mkdirty(new)); + new = pmd_mkwrite_kernel(pmd_mkdirty(new)); if (flags & SET_MEMORY_NX) new = set_pmd_bit(new, __pgprot(_SEGMENT_ENTRY_NOEXEC)); else if (flags & SET_MEMORY_X)