Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751549AbdLNART (ORCPT ); Wed, 13 Dec 2017 19:17:19 -0500 Received: from mail.kernel.org ([198.145.29.99]:55594 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751035AbdLNARR (ORCPT ); Wed, 13 Dec 2017 19:17:17 -0500 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5E9E7218BC Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=luto@kernel.org X-Google-Smtp-Source: ACJfBosADiKGkrVxPm+odkymcB6zBxGV4MhAy+iL5dAa8euF625wr6LV+0PNbrh24QU7PfrztHZ4cfkhC+IE1gWPr9Y= MIME-Version: 1.0 In-Reply-To: <20171214001012.GA22639@bombadil.infradead.org> References: <20171212173221.496222173@linutronix.de> <20171212173333.669577588@linutronix.de> <20171213215022.GA27778@bombadil.infradead.org> <20171213221233.GC3326@worktop> <20171214001012.GA22639@bombadil.infradead.org> From: Andy Lutomirski Date: Wed, 13 Dec 2017 16:16:56 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [patch 05/16] mm: Allow special mappings with user access cleared To: Matthew Wilcox Cc: Peter Zijlstra , Thomas Gleixner , LKML , X86 ML , Linus Torvalds , Andy Lutomirsky , Dave Hansen , Borislav Petkov , Greg KH , Kees Cook , Hugh Dickins , Brian Gerst , Josh Poimboeuf , Denys Vlasenko , Boris Ostrovsky , Juergen Gross , David Laight , Eduardo Valentin , "Liguori, Anthony" , Will Deacon , "linux-mm@kvack.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1852 Lines: 33 On Wed, Dec 13, 2017 at 4:10 PM, Matthew Wilcox wrote: > On Wed, Dec 13, 2017 at 11:12:33PM +0100, Peter Zijlstra wrote: >> On Wed, Dec 13, 2017 at 01:50:22PM -0800, Matthew Wilcox wrote: >> > On Tue, Dec 12, 2017 at 06:32:26PM +0100, Thomas Gleixner wrote: >> > > From: Peter Zijstra >> > > In order to create VMAs that are not accessible to userspace create a new >> > > VM_NOUSER flag. This can be used in conjunction with >> > > install_special_mapping() to inject 'kernel' data into the userspace map. >> > >> > Maybe I misunderstand the intent behind this, but I was recently looking >> > at something kind of similar. I was calling it VM_NOTLB and it wouldn't >> > put TLB entries into the userspace map at all. The idea was to be able >> > to use the user address purely as a handle for specific kernel pages, >> > which were guaranteed to never be mapped into userspace, so we didn't >> > need to send TLB invalidations when we took those pages away from the user >> > process again. But we'd be able to pass the address to read() or write(). >> >> Since the LDT is strictly per process, the idea was to actually inject >> it into the userspace map. Except of course, userspace must not actually >> be able to access it. So by mapping it !_PAGE_USER its 'invisible'. >> >> But the CPU very much needs the mapping, it will load the LDT entries >> through them. > > So can I use your VM_NOUSER VMAs for my purpose? That is, can I change > the page table without flushing the TLB? The only access to these PTEs > will be through the kernel mapping, so I don't see why I'd need to. I doubt it, since if it's in the kernel pagetables at all, then the mapping can be cached for kernel purposes. But I still think this discussion is off in the weeds. x86 does not actually need any of this stuff.