Received: by 10.223.185.116 with SMTP id b49csp2374343wrg; Thu, 22 Feb 2018 12:41:16 -0800 (PST) X-Google-Smtp-Source: AH8x224uUFuQ/AxNWmw+3ib7tHDNxnEyNOQg4BzA421iDwTNZMxIdohwB4mXExuvAIdSd2KtU0/R X-Received: by 10.101.100.9 with SMTP id a9mr6630761pgv.102.1519332076540; Thu, 22 Feb 2018 12:41:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519332076; cv=none; d=google.com; s=arc-20160816; b=qvthcPsqYEBl0ocEj8FnMW2a72WRGJtFwhRJY2Or6e830plovxf/S9NqWN1RacDJ9C 2dJOxIE1S0sDncwAj9wZcw9cvZGcmkKl52b1kzen1SYo9tMajVCCj8Xo4vgOpGErvdEY 3xRZJwIQqR7jbNykAEsSYAwpHfgyap6i/ziZwMlYbWu5K5F/LWAaGoxV8dRwC4fajsy0 jX6Q5SHWNogEJvSvNt5QD29K4PiQlgFhevwK4joCwYUG3HWp7WZBgTi5RpMz81p9rFRJ GRYm7Dx2wtYErHp9mpiwXNYQGQkcVioSnJ40qfw5fZOW1kJ/648aFGLDHsuEu7YTpKDI 4nwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:in-reply-to:references:date :from:cc:to:subject:arc-authentication-results; bh=eY2VoW+unkCdu+Rj4Wz9qlW9Tpee0+ed8TXmM2do7QI=; b=tlChmk6LAFo6h6TpPTtiFYlN5ZMKpcWf7u+oj7u6kgsHh1MLyHe+7PF9bRw0NUeDjP PzeihTKgm7lQxsZzbQhKVZSJ8n5m73YuCbfoZcPaIYs3qEgi8rvPBWXz5bV6fchHPtnl vsNHDOr26RVVboazHrW1dzJ+znpZ+hdDaL9KD/2MfMFqdCwxGGFsUNfQ6raxoqarp4hL V0CapTTxc6qHsk6FEsOcSNa6gyy5q4aCSz19E2MS7QPvQoZcl1y/3Fu8toLZy6z2dyqd NN011l+So2dmTdyxPnAii1VVeZYETUDHL+wjdEYD2ucCq0ZShrUk23/Gd1qgbVl0t9Aq Ex5A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x6si483905pgp.10.2018.02.22.12.41.00; Thu, 22 Feb 2018 12:41:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751405AbeBVUhE (ORCPT + 99 others); Thu, 22 Feb 2018 15:37:04 -0500 Received: from mga14.intel.com ([192.55.52.115]:34135 "EHLO mga14.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750826AbeBVUhB (ORCPT ); Thu, 22 Feb 2018 15:37:01 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Feb 2018 12:37:01 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.47,378,1515484800"; d="scan'208";a="32074451" Received: from viggo.jf.intel.com (HELO localhost.localdomain) ([10.54.39.119]) by fmsmga004.fm.intel.com with ESMTP; 22 Feb 2018 12:37:01 -0800 Subject: [RFC][PATCH 01/10] x86/mm: factor out pageattr _PAGE_GLOBAL setting To: linux-kernel@vger.kernel.org Cc: Dave Hansen , aarcange@redhat.com, luto@kernel.org, torvalds@linux-foundation.org, keescook@google.com, hughd@google.com, jgross@suse.com, x86@kernel.org, namit@vmware.com From: Dave Hansen Date: Thu, 22 Feb 2018 12:36:53 -0800 References: <20180222203651.B776810C@viggo.jf.intel.com> In-Reply-To: <20180222203651.B776810C@viggo.jf.intel.com> Message-Id: <20180222203653.4F2F9816@viggo.jf.intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Dave Hansen The pageattr code has a pattern repeated where it sets _PAGE_GLOBAL for present PTEs but clears it for non-present PTEs. The intention is to keep _PAGE_GLOBAL from getting confused with _PAGE_PROTNONE since _PAGE_GLOBAL is for present PTEs and _PAGE_PROTNONE is for non-present But, this pattern makes no sense. Effectively, it says, if you use the pageattr code, always set _PAGE_GLOBAL when _PAGE_PRESENT. canon_pgprot() will clear it if unsupported, but we *always* set it. This gets confusing when we have PTI and non-PTI and we want some areas to have _PAGE_GLOBAL and some not. This updated version of the code says: 1. Clear _PAGE_GLOBAL when !_PAGE_PRESENT 2. Never set _PAGE_GLOBAL implicitly 3. Allow _PAGE_GLOBAL to be in cpa.set_mask 4. Allow _PAGE_GLOBAL to be inherited from previous PTE Aside: _PAGE_GLOBAL is ignored when CR4.PGE=1, so why do we even go to the trouble of filtering it anywhere? Signed-off-by: Dave Hansen Cc: Andrea Arcangeli Cc: Andy Lutomirski Cc: Linus Torvalds Cc: Kees Cook Cc: Hugh Dickins Cc: Juergen Gross Cc: x86@kernel.org Cc: Nadav Amit --- b/arch/x86/mm/pageattr.c | 68 ++++++++++++++++------------------------------- 1 file changed, 24 insertions(+), 44 deletions(-) diff -puN arch/x86/mm/pageattr.c~kpti-centralize-global-setting arch/x86/mm/pageattr.c --- a/arch/x86/mm/pageattr.c~kpti-centralize-global-setting 2018-02-22 12:36:17.531036556 -0800 +++ b/arch/x86/mm/pageattr.c 2018-02-22 12:36:17.535036556 -0800 @@ -512,6 +512,23 @@ static void __set_pmd_pte(pte_t *kpte, u #endif } +static pgprot_t pgprot_clear_protnone_bits(pgprot_t prot) +{ + /* + * _PAGE_GLOBAL means "global page" for present PTEs. + * But, it is also used to indicate _PAGE_PROTNONE + * for non-present PTEs. + * + * This ensures that a _PAGE_GLOBAL PTE going from + * present to non-present is not confused as + * _PAGE_PROTNONE. + */ + if (!(pgprot_val(prot) & _PAGE_PRESENT)) + pgprot_val(prot) &= ~_PAGE_GLOBAL; + + return prot; +} + static int try_preserve_large_page(pte_t *kpte, unsigned long address, struct cpa_data *cpa) @@ -577,18 +594,11 @@ try_preserve_large_page(pte_t *kpte, uns * different bit positions in the two formats. */ req_prot = pgprot_4k_2_large(req_prot); - - /* - * Set the PSE and GLOBAL flags only if the PRESENT flag is - * set otherwise pmd_present/pmd_huge will return true even on - * a non present pmd. The canon_pgprot will clear _PAGE_GLOBAL - * for the ancient hardware that doesn't support it. - */ - if (pgprot_val(req_prot) & _PAGE_PRESENT) - pgprot_val(req_prot) |= _PAGE_PSE | _PAGE_GLOBAL; + req_prot = pgprot_clear_protnone_bits(req_prot); + if (pgprot_val(req_prot) & _PAGE_PRESENT) + pgprot_val(req_prot) |= _PAGE_PSE; else - pgprot_val(req_prot) &= ~(_PAGE_PSE | _PAGE_GLOBAL); - + pgprot_val(req_prot) &= ~_PAGE_PSE; req_prot = canon_pgprot(req_prot); /* @@ -698,16 +708,7 @@ __split_large_page(struct cpa_data *cpa, return 1; } - /* - * Set the GLOBAL flags only if the PRESENT flag is set - * otherwise pmd/pte_present will return true even on a non - * present pmd/pte. The canon_pgprot will clear _PAGE_GLOBAL - * for the ancient hardware that doesn't support it. - */ - if (pgprot_val(ref_prot) & _PAGE_PRESENT) - pgprot_val(ref_prot) |= _PAGE_GLOBAL; - else - pgprot_val(ref_prot) &= ~_PAGE_GLOBAL; + ref_prot = pgprot_clear_protnone_bits(ref_prot); /* * Get the target pfn from the original entry: @@ -930,18 +931,7 @@ static void populate_pte(struct cpa_data pte = pte_offset_kernel(pmd, start); - /* - * Set the GLOBAL flags only if the PRESENT flag is - * set otherwise pte_present will return true even on - * a non present pte. The canon_pgprot will clear - * _PAGE_GLOBAL for the ancient hardware that doesn't - * support it. - */ - if (pgprot_val(pgprot) & _PAGE_PRESENT) - pgprot_val(pgprot) |= _PAGE_GLOBAL; - else - pgprot_val(pgprot) &= ~_PAGE_GLOBAL; - + pgprot = pgprot_clear_protnone_bits(pgprot); pgprot = canon_pgprot(pgprot); while (num_pages-- && start < end) { @@ -1234,17 +1224,7 @@ repeat: new_prot = static_protections(new_prot, address, pfn); - /* - * Set the GLOBAL flags only if the PRESENT flag is - * set otherwise pte_present will return true even on - * a non present pte. The canon_pgprot will clear - * _PAGE_GLOBAL for the ancient hardware that doesn't - * support it. - */ - if (pgprot_val(new_prot) & _PAGE_PRESENT) - pgprot_val(new_prot) |= _PAGE_GLOBAL; - else - pgprot_val(new_prot) &= ~_PAGE_GLOBAL; + new_prot = pgprot_clear_protnone_bits(new_prot); /* * We need to keep the pfn from the existing PTE, _