Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751375AbdIKKez (ORCPT ); Mon, 11 Sep 2017 06:34:55 -0400 Received: from szxga04-in.huawei.com ([45.249.212.190]:6006 "EHLO szxga04-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750965AbdIKKey (ORCPT ); Mon, 11 Sep 2017 06:34:54 -0400 Subject: Re: [PATCH v6 00/11] Add support for eXclusive Page Frame Ownership To: Tycho Andersen , References: <20170907173609.22696-1-tycho@docker.com> CC: , , Marco Benatto , Juerg Haefliger From: Yisheng Xie Message-ID: <23e5bac9-329a-3a32-049e-7e7c9751abd0@huawei.com> Date: Mon, 11 Sep 2017 18:34:45 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.0 MIME-Version: 1.0 In-Reply-To: <20170907173609.22696-1-tycho@docker.com> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-Originating-IP: [10.177.29.40] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.59B666CC.00D3,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0, ip=0.0.0.0, so=2014-11-16 11:51:01, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 1ef831da39dc09ce5127906bb65ca948 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3711 Lines: 82 Hi Tycho , On 2017/9/8 1:35, Tycho Andersen wrote: > Hi all, > > Here is v6 of the XPFO set; see v5 discussion here: > https://lkml.org/lkml/2017/8/9/803 > > Changelogs are in the individual patch notes, but the highlights are: > * add primitives for ensuring memory areas are mapped (although these are quite > ugly, using stack allocation; I'm open to better suggestions) > * instead of not flushing caches, re-map pages using the above > * TLB flushing is much more correct (i.e. we're always flushing everything > everywhere). I suspect we may be able to back this off in some cases, but I'm > still trying to collect performance numbers to prove this is worth doing. > > I have no TODOs left for this set myself, other than fixing whatever review > feedback people have. Thoughts and testing welcome! According to the paper of Vasileios P. Kemerlis et al, the mainline kernel will not set the Pro. of physmap(direct map area) to RW(X), so do we really need XPFO to protect from ret2dir attack? Thanks Yisheng xie > > Cheers, > > Tycho > > Juerg Haefliger (6): > mm, x86: Add support for eXclusive Page Frame Ownership (XPFO) > swiotlb: Map the buffer if it was unmapped by XPFO > arm64/mm: Add support for XPFO > arm64/mm, xpfo: temporarily map dcache regions > arm64/mm: Add support for XPFO to swiotlb > lkdtm: Add test for XPFO > > Tycho Andersen (5): > mm: add MAP_HUGETLB support to vm_mmap > x86: always set IF before oopsing from page fault > xpfo: add primitives for mapping underlying memory > arm64/mm: disable section/contiguous mappings if XPFO is enabled > mm: add a user_virt_to_phys symbol > > Documentation/admin-guide/kernel-parameters.txt | 2 + > arch/arm64/Kconfig | 1 + > arch/arm64/include/asm/cacheflush.h | 11 + > arch/arm64/mm/Makefile | 2 + > arch/arm64/mm/dma-mapping.c | 32 +-- > arch/arm64/mm/flush.c | 7 + > arch/arm64/mm/mmu.c | 2 +- > arch/arm64/mm/xpfo.c | 127 +++++++++++ > arch/x86/Kconfig | 1 + > arch/x86/include/asm/pgtable.h | 25 +++ > arch/x86/mm/Makefile | 1 + > arch/x86/mm/fault.c | 6 + > arch/x86/mm/pageattr.c | 22 +- > arch/x86/mm/xpfo.c | 171 +++++++++++++++ > drivers/misc/Makefile | 1 + > drivers/misc/lkdtm.h | 5 + > drivers/misc/lkdtm_core.c | 3 + > drivers/misc/lkdtm_xpfo.c | 194 +++++++++++++++++ > include/linux/highmem.h | 15 +- > include/linux/mm.h | 2 + > include/linux/xpfo.h | 79 +++++++ > lib/swiotlb.c | 3 +- > mm/Makefile | 1 + > mm/mmap.c | 19 +- > mm/page_alloc.c | 2 + > mm/page_ext.c | 4 + > mm/util.c | 32 +++ > mm/xpfo.c | 273 ++++++++++++++++++++++++ > security/Kconfig | 19 ++ > 29 files changed, 1005 insertions(+), 57 deletions(-) > create mode 100644 arch/arm64/mm/xpfo.c > create mode 100644 arch/x86/mm/xpfo.c > create mode 100644 drivers/misc/lkdtm_xpfo.c > create mode 100644 include/linux/xpfo.h > create mode 100644 mm/xpfo.c >