Date: Sun, 26 Aug 2018 22:15:17 +0200 (CEST)
From: Thomas Gleixner
To: Andy Lutomirski
cc: Kees Cook, Andy Lutomirski, Masami Hiramatsu, Nadav Amit, Linus Torvalds, Paolo Bonzini, Jiri Kosina, Peter Zijlstra, Will Deacon, Benjamin Herrenschmidt, Nick Piggin, the arch/x86 maintainers, Borislav Petkov, Rik van Riel, Jann Horn, Adin Scannell, Dave Hansen, Linux Kernel Mailing List, linux-mm, David Miller, Martin Schwidefsky, Michael Ellerman
Subject: Re: TLB flushes on fixmap changes
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, 26 Aug 2018, Andy Lutomirski wrote:
> > On Aug 26, 2018, at 9:47 AM, Kees Cook wrote:
> >> On Sun, Aug 26, 2018 at 7:20 AM, Andy Lutomirski wrote:
> >>> I tried to convince Ingo to use this method for doing "write rarely"
> >>> and he soundly rejected it. :) I've always liked this because AFAICT,
> >>> it's local to the CPU. I had proposed it in
> >>> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=kspp/write-rarely&id=9ab0cb2618ebbc51f830ceaa06b7d2182fe1a52d
> >>
> >> Ingo, can you clarify why you hate it? I personally would rather use CR3, but CR0 seems like a fine first step, at least for text_poke.
> >
> > Sorry, it looks like it was tglx, not Ingo:
> >
> > https://lkml.kernel.org/r/alpine.DEB.2.20.1704071048360.1716@nanos
> >
> > This thread is long, and one thing that I think went unanswered was
> > "why do we want this to be fast?" the answer is: for doing page table
> > updates. Page tables are becoming a bigger target for attacks now, and
> > it'd be nice if they could stay read-only unless they're getting
> > updated (with something like this).
> >
> >
> It kind of sounds like tglx would prefer the CR3 approach. And indeed my
> patch has a serious problem wrt the NMI code.

That's exactly the problem I have with CR0. It leaves everything and some
more writeable for any code which can interrupt that section.

Performance wise CR0 is not that much better than CR3 except that it has
the costs nicely hidden.

Thanks,

	tglx