From patchwork Mon Feb 27 22:29:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Edgecombe, Rick P" X-Patchwork-Id: 13154243 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 673BDC64ED8 for ; Mon, 27 Feb 2023 22:31:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7E6636B0087; Mon, 27 Feb 2023 17:31:40 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 786F16B008A; Mon, 27 Feb 2023 17:31:40 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 50F696B0087; Mon, 27 Feb 2023 17:31:40 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 391C36B0085 for ; Mon, 27 Feb 2023 17:31:40 -0500 (EST) Received: from smtpin25.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 1C4581A07C0 for ; Mon, 27 Feb 2023 22:31:40 +0000 (UTC) X-FDA: 80514519960.25.59338A0 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by imf28.hostedemail.com (Postfix) with ESMTP id 17C97C000E for ; Mon, 27 Feb 2023 22:31:37 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=Nqhmx5ZK; spf=pass (imf28.hostedemail.com: domain of rick.p.edgecombe@intel.com designates 192.55.52.136 as permitted sender) smtp.mailfrom=rick.p.edgecombe@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1677537098; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=TG4W8GNWHkgVckZvhzg7bpbibSBgnztcU0bXpGrX6WY=; b=g0dLpxl6b/yWp5TY/S6trqUmgrZAgTnNAjZncJNVQsIENvuVyVExiK77EtK/kyx/mRXUi7 3aKdmKLgbdnwwvd/LZIeV6SLWMheGxqf+GgM4Amzbvw8dk55Uy9R3uKIZk180yACvYeOCw GWixTTYi+THJOz9/XwkhUnyJWXCb+pE= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=Nqhmx5ZK; spf=pass (imf28.hostedemail.com: domain of rick.p.edgecombe@intel.com designates 192.55.52.136 as permitted sender) smtp.mailfrom=rick.p.edgecombe@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1677537098; a=rsa-sha256; cv=none; b=RFepmKNfMh7abmL9xOz6+149y1v+a019eJE+zebrLEvxdRKoqoZRk1h0afYAPNzSSMS3fV 4vwHnOvJCU6kL+MeGUfHxRVswrPxvFrmj9EA5+v2+w7qHNiv+KcceIdiXvAJt4y3TzK/U2 SLvwxHPOQxwrj+k43gDXMm/90zvHUy0= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1677537098; x=1709073098; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ErfroshrbQualKPLAsK/DpeAwNdzrJEBOvME1abf8WI=; b=Nqhmx5ZKzHljEeH00gT5i44iLXYa7NpAkPb8hFL7qXz4pEgX7LagsqpX d0c8XY5RBp1JnzzBtX0U5bKEKyjhyhs90zFrYUSMFLWqENL3FelydyXg4 I20zi2Fl8EXTussAjQaGcguC6aMhSSSIP/vonsYP8Sj4sk/cbWQwiTPty qNreCsEY8626jLsQeU1rE9vzzVeBrW5Hzm4hNdpsIIM6jE4e5njrQIToP UjohPNSwnnWHk+nfJzNuAkYgx9JOUd352WkHjzS8vmXwZkZSJRQ6lfGPu zvX4e79/1fIguxJBGbbVhCV05FR9aZMhXvWjUX7APRNNKMv3KgvZ5pZMT w==; X-IronPort-AV: E=McAfee;i="6500,9779,10634"; a="313657286" X-IronPort-AV: E=Sophos;i="5.98,220,1673942400"; d="scan'208";a="313657286" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Feb 2023 14:31:16 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10634"; a="848024471" X-IronPort-AV: E=Sophos;i="5.98,220,1673942400"; d="scan'208";a="848024471" Received: from leonqu-mobl1.amr.corp.intel.com (HELO rpedgeco-desk.amr.corp.intel.com) ([10.209.72.19]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Feb 2023 14:31:15 -0800 From: Rick Edgecombe To: x86@kernel.org, "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H . J . Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , Weijiang Yang , "Kirill A . Shutemov" , John Allen , kcc@google.com, eranian@google.com, rppt@kernel.org, jamorris@linux.microsoft.com, dethoma@microsoft.com, akpm@linux-foundation.org, Andrew.Cooper3@citrix.com, christina.schimpe@intel.com, david@redhat.com, debug@rivosinc.com Cc: rick.p.edgecombe@intel.com, linux-s390@vger.kernel.org Subject: [PATCH v7 12/41] s390/mm: Introduce pmd_mkwrite_kernel() Date: Mon, 27 Feb 2023 14:29:28 -0800 Message-Id: <20230227222957.24501-13-rick.p.edgecombe@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230227222957.24501-1-rick.p.edgecombe@intel.com> References: <20230227222957.24501-1-rick.p.edgecombe@intel.com> MIME-Version: 1.0 X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 17C97C000E X-Stat-Signature: g8u46pmn7hyeqfbny83n58wtjeyde5tn X-Rspam-User: X-HE-Tag: 1677537097-83426 X-HE-Meta: U2FsdGVkX1+RuZA7+Yq6IijgWoL1z+Dk7tNavQQOJkYb9/dhxuZonphelRFIQ99z0LhU8UhOI2kNUF6O+GK3nCLERYCZW/GkJFyBDXd9M/dV43z2vvjYuoQSAWetkxUOAZTPxlzLav4RKi9EPRn6JrmhuEB8rQPuIWtHbO79Gk4ABQtcCSK7W9OsB6J+NKGKKYet+NOUL+Ve5fWgRsdUZVB1mUPCrd3wmR7OznLGkOBy0TGf1QpAWtffZbco8PtNYXnoCzr6zJ1c5HXJabK2Qs+00bN9hbeor9Nkux8+Nr07KWEb0LYz3nDoY2d/67JZHQohSoADZEFw6qDJCH90quL686u9so+IPoSVAEa7V1aIlp4l7wIpCXA76ovq2JMLHdpHkBrZKZkvAFFTWoGoxHIuLQlY2qbmoi7IcURlqSbXW/x4OkQslNfoGA2W7vmGuw6zt5SQKMcnsnvFD+RufORd97pH7YrKBjIf311Qs/HbIqVOB1QkdWOXERuowC86vLMsN4ItP8j/fBBJkQS7mCbHhhS12hhgExnAkzBaEFesmiy3DoerCHgQCAX24jvZZsWLyfHSkaPN0wbtEV4XKhBwh3ysfhnjZYav7HP0+TWLYFX3DpY2I2AZOgZJRl85VjpEBLi1+3O9y2CEkzR2Hr5hQ9nJfLQei9jKRdmLteYXzbEIMJyOh3ZigXtjNwJSe7yq/pIkNtjPAEtS0/tpja4rMRTy/WeKJFtIKP0qD+zmK86l+qd+r+2AHrilUTvw/Up2mA5dkav9qXywc4btQhHZ2thJ2EGwTiezYp1PtWUHgh2Qmyeq1BTS7BS+xLCHnh5krUzneo3n/ArNf5NaJhyLabAKzqs+AydZEq2vVDiExnAG0NPWWWvkRQrs/uKV+KuMCWOwOshEj5812tu1XB03auxGr+ELEEZI+uYLSdTrhytRlMw4DHeFxwjfnKwWTKYVQZpFQ3PS7TPG0ij ru2kt9Tr SBe8yLhnyt54QG/cqEMEgDfuuoNTt5GHQegkytSndoEs5Cdi60rT1U/zVa3M4aJxfWa9t67QWLXxReYUFIers2itI+iuKXlGN9kIJqo5iRbXTbtT2LUyvrinZ3crh+HEpbUYJ2PqFCYCU2Ne8YICteub/I4D49YCwvEzWCuy4NUe4cE7mWtwiumSUk+i+5OR8sntq/lTLdUidQg9zjiuFzWPcwUWQhwfKV+B65Cx1ODpr9FPReyCGi9GWWfyoF2myDFfxLCwD2OmE0f9ofyu054xIxB8t5bEeT+ZrpUcsWzER8zmWT2+dZXJ1TYfjTRHm3cJzDC2n0MyVqbefnAwwbHQaVlLX3Z13b3FQVikNnyWgWAChkCIp7BI2tTWLAKGVGO7uw6/Wk78SKK5m4JBHC7U/4FXVni5FcoPbFj29WfF2wuD6btZ/GDP+gTG07oDlzvQ1QdJCc2WpAyHlO5PBWwFKxAe99b0/UG92dznEorYSSmTjXfj45G3VeKusf+nARh3vD3fCm29G93S/khWmo7ZG0tUx3nA1O+7rZeqbEQeg+ME= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: The x86 Control-flow Enforcement Technology (CET) feature includes a new type of memory called shadow stack. This shadow stack memory has some unusual properties, which requires some core mm changes to function properly. One of these changes is to allow for pmd_mkwrite() to create different types of writable memory (the existing conventionally writable type and also the new shadow stack type). Future patches will convert pmd_mkwrite() to take a VMA in order to facilitate this, however there are places in the kernel where pmd_mkwrite() is called outside of the context of a VMA. These are for kernel memory. So create a new variant called pmd_mkwrite_kernel() and switch the kernel users over to it. Have pmd_mkwrite() and pmd_mkwrite_kernel() be the same for now. Future patches will introduce changes to make pmd_mkwrite() take a VMA. Only do this for architectures that need it because they call pmd_mkwrite() in arch code without an associated VMA. Since it will only currently be used in arch code, so do not include it in arch_pgtable_helpers.rst. Cc: linux-kernel@vger.kernel.org Cc: linux-s390@vger.kernel.org Cc: linux-arch@vger.kernel.org Cc: linux-mm@kvack.org Tested-by: Pengfei Xu Tested-by: John Allen Tested-by: Kees Cook Acked-by: Mike Rapoport (IBM) Acked-by: Heiko Carstens Acked-by: David Hildenbrand Reviewed-by: Kees Cook Suggested-by: David Hildenbrand Signed-off-by: Rick Edgecombe --- Hi Non-x86 Arch’s, x86 has a feature that allows for the creation of a special type of writable memory (shadow stack) that is only writable in limited specific ways. Previously, changes were proposed to core MM code to teach it to decide when to create normally writable memory or the special shadow stack writable memory, but David Hildenbrand suggested[0] to change pXX_mkwrite() to take a VMA, so awareness of shadow stack memory can be moved into x86 code. Since pXX_mkwrite() is defined in every arch, it requires some tree-wide changes. So that is why you are seeing some patches out of a big x86 series pop up in your arch mailing list. There is no functional change. After this refactor, the shadow stack series goes on to use the arch helpers to push shadow stack memory details inside arch/x86. Testing was just 0-day build testing. Hopefully that is enough context. Thanks! [0] https://lore.kernel.org/lkml/0e29a2d0-08d8-bcd6-ff26-4bea0e4037b0@redhat.com/#t v6: - New patch --- arch/s390/include/asm/pgtable.h | 7 ++++++- arch/s390/mm/pageattr.c | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h index d4943f2d3f00..deeb918cae1d 100644 --- a/arch/s390/include/asm/pgtable.h +++ b/arch/s390/include/asm/pgtable.h @@ -1491,7 +1491,7 @@ static inline pmd_t pmd_wrprotect(pmd_t pmd) return set_pmd_bit(pmd, __pgprot(_SEGMENT_ENTRY_PROTECT)); } -static inline pmd_t pmd_mkwrite(pmd_t pmd) +static inline pmd_t pmd_mkwrite_kernel(pmd_t pmd) { pmd = set_pmd_bit(pmd, __pgprot(_SEGMENT_ENTRY_WRITE)); if (pmd_val(pmd) & _SEGMENT_ENTRY_DIRTY) @@ -1499,6 +1499,11 @@ static inline pmd_t pmd_mkwrite(pmd_t pmd) return pmd; } +static inline pmd_t pmd_mkwrite(pmd_t pmd) +{ + return pmd_mkwrite_kernel(pmd); +} + static inline pmd_t pmd_mkclean(pmd_t pmd) { pmd = clear_pmd_bit(pmd, __pgprot(_SEGMENT_ENTRY_DIRTY)); diff --git a/arch/s390/mm/pageattr.c b/arch/s390/mm/pageattr.c index 4ee5fe5caa23..7b6967dfacd0 100644 --- a/arch/s390/mm/pageattr.c +++ b/arch/s390/mm/pageattr.c @@ -146,7 +146,7 @@ static void modify_pmd_page(pmd_t *pmdp, unsigned long addr, if (flags & SET_MEMORY_RO) new = pmd_wrprotect(new); else if (flags & SET_MEMORY_RW) - new = pmd_mkwrite(pmd_mkdirty(new)); + new = pmd_mkwrite_kernel(pmd_mkdirty(new)); if (flags & SET_MEMORY_NX) new = set_pmd_bit(new, __pgprot(_SEGMENT_ENTRY_NOEXEC)); else if (flags & SET_MEMORY_X)