Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751524AbdLNAKT (ORCPT ); Wed, 13 Dec 2017 19:10:19 -0500 Received: from bombadil.infradead.org ([65.50.211.133]:41301 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750795AbdLNAKS (ORCPT ); Wed, 13 Dec 2017 19:10:18 -0500 Date: Wed, 13 Dec 2017 16:10:12 -0800 From: Matthew Wilcox To: Peter Zijlstra Cc: Thomas Gleixner , LKML , x86@kernel.org, Linus Torvalds , Andy Lutomirsky , Dave Hansen , Borislav Petkov , Greg KH , keescook@google.com, hughd@google.com, Brian Gerst , Josh Poimboeuf , Denys Vlasenko , Boris Ostrovsky , Juergen Gross , David Laight , Eduardo Valentin , aliguori@amazon.com, Will Deacon , linux-mm@kvack.org Subject: Re: [patch 05/16] mm: Allow special mappings with user access cleared Message-ID: <20171214001012.GA22639@bombadil.infradead.org> References: <20171212173221.496222173@linutronix.de> <20171212173333.669577588@linutronix.de> <20171213215022.GA27778@bombadil.infradead.org> <20171213221233.GC3326@worktop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20171213221233.GC3326@worktop> User-Agent: Mutt/1.9.1 (2017-09-22) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1533 Lines: 26 On Wed, Dec 13, 2017 at 11:12:33PM +0100, Peter Zijlstra wrote: > On Wed, Dec 13, 2017 at 01:50:22PM -0800, Matthew Wilcox wrote: > > On Tue, Dec 12, 2017 at 06:32:26PM +0100, Thomas Gleixner wrote: > > > From: Peter Zijstra > > > In order to create VMAs that are not accessible to userspace create a new > > > VM_NOUSER flag. This can be used in conjunction with > > > install_special_mapping() to inject 'kernel' data into the userspace map. > > > > Maybe I misunderstand the intent behind this, but I was recently looking > > at something kind of similar. I was calling it VM_NOTLB and it wouldn't > > put TLB entries into the userspace map at all. The idea was to be able > > to use the user address purely as a handle for specific kernel pages, > > which were guaranteed to never be mapped into userspace, so we didn't > > need to send TLB invalidations when we took those pages away from the user > > process again. But we'd be able to pass the address to read() or write(). > > Since the LDT is strictly per process, the idea was to actually inject > it into the userspace map. Except of course, userspace must not actually > be able to access it. So by mapping it !_PAGE_USER its 'invisible'. > > But the CPU very much needs the mapping, it will load the LDT entries > through them. So can I use your VM_NOUSER VMAs for my purpose? That is, can I change the page table without flushing the TLB? The only access to these PTEs will be through the kernel mapping, so I don't see why I'd need to.