Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752653AbdLMWNX (ORCPT ); Wed, 13 Dec 2017 17:13:23 -0500
Received: from merlin.infradead.org ([205.233.59.134]:49550 "EHLO merlin.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751466AbdLMWNV (ORCPT ); Wed, 13 Dec 2017 17:13:21 -0500
Date: Wed, 13 Dec 2017 23:12:33 +0100
From: Peter Zijlstra
To: Matthew Wilcox
Cc: Thomas Gleixner , LKML , x86@kernel.org, Linus Torvalds , Andy Lutomirsky , Dave Hansen , Borislav Petkov , Greg KH , keescook@google.com, hughd@google.com, Brian Gerst , Josh Poimboeuf , Denys Vlasenko , Boris Ostrovsky , Juergen Gross , David Laight , Eduardo Valentin , aliguori@amazon.com, Will Deacon , linux-mm@kvack.org
Subject: Re: [patch 05/16] mm: Allow special mappings with user access cleared
Message-ID: <20171213221233.GC3326@worktop>
References: <20171212173221.496222173@linutronix.de> <20171212173333.669577588@linutronix.de> <20171213215022.GA27778@bombadil.infradead.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20171213215022.GA27778@bombadil.infradead.org>
User-Agent: Mutt/1.5.22.1 (2013-10-16)
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1722
Lines: 32

On Wed, Dec 13, 2017 at 01:50:22PM -0800, Matthew Wilcox wrote:
> On Tue, Dec 12, 2017 at 06:32:26PM +0100, Thomas Gleixner wrote:
> > From: Peter Zijstra
> >
> > In order to create VMAs that are not accessible to userspace create a new
> > VM_NOUSER flag. This can be used in conjunction with
> > install_special_mapping() to inject 'kernel' data into the userspace map.
>
> Maybe I misunderstand the intent behind this, but I was recently looking
> at something kind of similar. I was calling it VM_NOTLB and it wouldn't
> put TLB entries into the userspace map at all. The idea was to be able
> to use the user address purely as a handle for specific kernel pages,
> which were guaranteed to never be mapped into userspace, so we didn't
> need to send TLB invalidations when we took those pages away from the user
> process again. But we'd be able to pass the address to read() or write().
>
> So I was going to check the VMA flags in no_page_table() and return the
> struct page that was not mapped there. I didn't get as far as constructing
> a prototype yet, and I'm not entirely sure I understand the purpose of
> this patch, so perhaps there's no synergy here at all (and perhaps my
> idea wouldn't have worked anyway).

Yeah, completely different. This here actually needs the page table
entries. Currently we keep the LDT in kernel memory, but with PTI we
lose the entire kernel map.

Since the LDT is strictly per process, the idea was to actually inject
it into the userspace map. Except of course, userspace must not actually
be able to access it. So by mapping it !_PAGE_USER it's 'invisible'.

But the CPU very much needs the mapping, it will load the LDT entries
through them.
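
An added illustration, not part of the thread and not kernel code: a simplified C model of the x86 page permission check, showing why a present PTE without _PAGE_USER hides the LDT from user-mode accesses while the CPU's descriptor load still succeeds, and why a mapping with no PTE at all (the VM_NOTLB idea) would not. The helper names and sample PTE values are constructed for this example; the model assumes CR0.WP=1 and ignores SMAP, NX and protection keys.

```c
#include <stdint.h>
#include <stdio.h>

/* x86 page-table entry permission bits (architectural values). */
#define _PAGE_PRESENT 0x1ULL
#define _PAGE_RW      0x2ULL
#define _PAGE_USER    0x4ULL

/* x86 page-fault error-code bits. */
#define PF_PROT  0x1 /* page was present: protection violation */
#define PF_WRITE 0x2 /* access was a write */
#define PF_USER  0x4 /* access was a user-mode access */
#define NO_FAULT (-1)

enum access_mode { ACC_USER, ACC_SUPERVISOR };

/* Returns NO_FAULT, or the #PF error code the access would raise. */
int check_access(uint64_t pte, enum access_mode mode, int write)
{
    int err = (write ? PF_WRITE : 0) | (mode == ACC_USER ? PF_USER : 0);

    if (!(pte & _PAGE_PRESENT))
        return err;               /* no translation: not-present fault */
    if (mode == ACC_USER && !(pte & _PAGE_USER))
        return err | PF_PROT;     /* supervisor-only page, user access */
    if (write && !(pte & _PAGE_RW))
        return err | PF_PROT;     /* read-only page (CR0.WP=1 assumed) */
    return NO_FAULT;
}

/* Explicit load executed by user code at CPL 3. */
int user_read(uint64_t pte) { return check_access(pte, ACC_USER, 0); }

/* Descriptor-table reads are implicit supervisor-mode accesses, even when
 * the segment load that triggers them runs at CPL 3. */
int ldt_descriptor_load(uint64_t pte) { return check_access(pte, ACC_SUPERVISOR, 0); }

/* Constructed sample PTE flag sets for the cases discussed in the thread. */
static const uint64_t pte_normal_user = _PAGE_PRESENT | _PAGE_RW | _PAGE_USER;
static const uint64_t pte_nouser      = _PAGE_PRESENT | _PAGE_RW; /* !_PAGE_USER */
static const uint64_t pte_unmapped    = 0;                        /* no PTE */

int main(void)
{
    printf("normal:   user=%d ldt=%d\n", user_read(pte_normal_user), ldt_descriptor_load(pte_normal_user));
    printf("nouser:   user=%d ldt=%d\n", user_read(pte_nouser), ldt_descriptor_load(pte_nouser));
    printf("unmapped: user=%d ldt=%d\n", user_read(pte_unmapped), ldt_descriptor_load(pte_unmapped));
    return 0;
}
```

A result of -1 means the access succeeds; any other value is the page-fault error code for that access.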