Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp154659imm; Thu, 2 Aug 2018 15:59:49 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdYXRhwNd8PSm9sV3nqkISk16EFPeUwPMXIsf5aDLo4eBI93wxqeAiJAeskqQ9LGINkLXTm X-Received: by 2002:a63:8b44:: with SMTP id j65-v6mr1266494pge.248.1533250789839; Thu, 02 Aug 2018 15:59:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533250789; cv=none; d=google.com; s=arc-20160816; b=R5rXm6MOh3hu5QbMW76RqD3LMSxKUX28m7JIoOmrwbrS8d5Gwpzqf/OyJlmlTqaEV5 4qeFyeoqamwDHapO/sz8YT+pW1p7GiNK5Q9eDP8MwLIFZlIpWiIne1OTLWw1sAruv5/k sKeF8RPL7Ju41CfwQ72g9KKziy4luhCQbwefdkZLyYIRYy1sqFG/JCjOCHx7cRfGD/dl TDjipP/F304wYXaiZ8W3DPcqsOxKxDO9u9nt0AiRvrXEzypilz1MJRpCOZOm4DpYTcVd TDYGXxXfOYKTPiYDxfz1xcW8yQVvshyBGAraf1zITKB6OPhNIxTKz1wM1NCHLtQl/JOY o+Zg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:in-reply-to:references:date :from:cc:to:subject:arc-authentication-results; bh=pbUZjP4lrqxC5A1dq7rUm+LRUNjIlUsMf0mYR2Bed4E=; b=XnE1qxKZdUXC25Fa4mYJ4JW3WN+hhwSwxIzdeJejuhl5OLqyWx5ZStGYBrPvwaGGc9 P7uIUPsAx7xt5khebyoiZWJBb6NDch68b8PvVcPRSwKsOl2fNY2bk02do9XjOJVNfjbg 2WGki6uJtkqYmKgp+DbfuVjVuPntbBu56jdoQoEFrQpqP2aWvoFL2baX5MPJR9usE5z6 rd54JApx2mzfiMBwy6oS/u31sra5s29AfK56PLa5rnmReiKv+UnE8TTU9LwUaRw+fpz7 iK6IMEbDEe/YecCQtpG1mW/QKrgjq0tBL1YEXUcbWBUwcsEVHw2QgJQHA3RdP79xW+1q rdKQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f3-v6si2225325plr.214.2018.08.02.15.59.35; Thu, 02 Aug 2018 15:59:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732457AbeHCAwC (ORCPT + 99 others); Thu, 2 Aug 2018 20:52:02 -0400 Received: from mga04.intel.com ([192.55.52.120]:44452 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727002AbeHCAwB (ORCPT ); Thu, 2 Aug 2018 20:52:01 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Aug 2018 15:58:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.51,437,1526367600"; d="scan'208";a="59287685" Received: from viggo.jf.intel.com (HELO localhost.localdomain) ([10.54.77.144]) by fmsmga007.fm.intel.com with ESMTP; 02 Aug 2018 15:58:43 -0700 Subject: [PATCH 7/7] x86/mm/pageattr: Remove implicit NX behavior To: linux-kernel@vger.kernel.org Cc: Dave Hansen , keescook@google.com, tglx@linutronix.de, mingo@kernel.org, aarcange@redhat.com, jgross@suse.com, jpoimboe@redhat.com, gregkh@linuxfoundation.org, peterz@infradead.org, hughd@google.com, torvalds@linux-foundation.org, bp@alien8.de, luto@kernel.org, ak@linux.intel.com From: Dave Hansen Date: Thu, 02 Aug 2018 15:58:35 -0700 References: <20180802225823.4711C55B@viggo.jf.intel.com> In-Reply-To: <20180802225823.4711C55B@viggo.jf.intel.com> Message-Id: <20180802225835.2A460569@viggo.jf.intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Dave Hansen This is a cleanup. There should be functional changes in this patch. The pageattr code has the ability to find and change aliases mappings. It does this for requests by default unless the page protections being modified contain only the NX bit. But, this behavior is rather obscure and buried very deep within the infrastructure. Rather than doing it implicitly from NX, use the new CPA_NO_CHECK_ALIAS to do it more explicitly from the call site where NX is set. Signed-off-by: Dave Hansen Cc: Kees Cook Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Andrea Arcangeli Cc: Juergen Gross Cc: Josh Poimboeuf Cc: Greg Kroah-Hartman Cc: Peter Zijlstra Cc: Hugh Dickins Cc: Linus Torvalds Cc: Borislav Petkov Cc: Andy Lutomirski Cc: Andi Kleen --- b/arch/x86/mm/pageattr.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff -puN arch/x86/mm/pageattr.c~x86-pageattr-nx arch/x86/mm/pageattr.c --- a/arch/x86/mm/pageattr.c~x86-pageattr-nx 2018-08-02 15:04:48.032475796 -0700 +++ b/arch/x86/mm/pageattr.c 2018-08-02 15:04:48.036475796 -0700 @@ -1485,8 +1485,6 @@ static int change_page_attr_set_clr(unsi if (in_flag & (CPA_ARRAY | CPA_PAGES_ARRAY)) cpa.flags |= in_flag; - /* No alias checking for _NX bit modifications */ - checkalias = (pgprot_val(mask_set) | pgprot_val(mask_clr)) != _PAGE_NX; /* Never check aliases if the caller asks for it explicitly: */ if (checkalias && (in_flag & CPA_NO_CHECK_ALIAS)) checkalias = 0; @@ -1750,7 +1748,9 @@ int set_memory_x(unsigned long addr, int if (!(__supported_pte_mask & _PAGE_NX)) return 0; - return change_page_attr_clear(&addr, numpages, __pgprot(_PAGE_NX), 0); + /* NX is not required to be consistent across aliases. */ + return change_page_attr_clear(&addr, numpages, __pgprot(_PAGE_NX), + CPA_NO_CHECK_ALIAS); } EXPORT_SYMBOL(set_memory_x); @@ -1759,7 +1759,9 @@ int set_memory_nx(unsigned long addr, in if (!(__supported_pte_mask & _PAGE_NX)) return 0; - return change_page_attr_set(&addr, numpages, __pgprot(_PAGE_NX), 0); + /* NX is not required to be consistent across aliases. */ + return change_page_attr_set(&addr, numpages, __pgprot(_PAGE_NX), + CPA_NO_CHECK_ALIAS); } EXPORT_SYMBOL(set_memory_nx); _