Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp405351imu;
        Wed, 21 Nov 2018 22:40:21 -0800 (PST)
X-Google-Smtp-Source: AFSGD/XWEZ1uyYd0LxJvDMCPIplGnbXi2xnjrkwnAHS25N2RqkW3cFler8TPaChiO21C9PM9Takr
X-Received: by 2002:a63:5a08:: with SMTP id o8mr8876707pgb.185.1542868821825;
        Wed, 21 Nov 2018 22:40:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1542868821; cv=none;
        d=google.com; s=arc-20160816;
        b=pWqUNeT+ZkJQioybEST2VRmKWdn5PZQ2iEMUnebgFI4R27U7swN12Zq0SSBnBTLuzB
         wnqUUGmA5c4WNM7exrKAv0KST8QMGCRxCmZtTcizvkgM0o8TOj/lYlgAxmdl/rBxKrxS
         8zrnvKRFUqR/ENeURv+nBVrSYwci0GwEv49y4QV5jyJO1Dw0qcoyoASv/k6HbydRR555
         t4kdTGK3TaxwBwKbbckoC433fLjMhjmvqrNrg+syDo3miv82P/tuNw7HayG+3t00R5gf
         tAxoSdHzAfRLejDRceCEiFRFKmvap30ojcyXSZ8JIxGJ1XpJ50KbOtQ96ESevCOJUMIS
         qC+Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=PSWyxBOlwKkcl1ioDrFGqpS2m3Dvm6IkOsIEY++i27Q=;
        b=p0UbhtfL8QgWn/D63zd5O/EFlDZWTmvkjB6o4+cktkJqEttuODjzgdDzp6EHOzgpoB
         +P6ad8k8YuW010ayHn60TREHKBVzy5det0UJmXRZxlbec80bWLvnIKgKeU2VqEg4Pxlh
         c1JkRlqhcBDbx4nXJvD4+nZFCRsF5Vup/PeFCcJUH24AlMag8/68zeTM6MxhcgNzi2DU
         44BhQcscNmmvbVfnUfPFOWfc4AjtvCjORU0RhBDvIyHJs/SrXiWtCTpyCrYgPpZiiI8e
         Gx/axg7FZgIzvpe85Otw0yXvA3wYLDmjcSFOOUmFvbErz8yGHHziLSazYQ/NkS3T//uQ
         9cKQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linaro.org header.s=google header.b=I4QN5yp0;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id s11si48728937pgi.324.2018.11.21.22.40.07;
        Wed, 21 Nov 2018 22:40:21 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linaro.org header.s=google header.b=I4QN5yp0;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731476AbeKVHM2 (ORCPT <rfc822;kkoh.linux@gmail.com>
        + 99 others); Thu, 22 Nov 2018 02:12:28 -0500
Received: from mail-it1-f194.google.com ([209.85.166.194]:37066 "EHLO
        mail-it1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1730044AbeKVHM0 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 22 Nov 2018 02:12:26 -0500
Received: by mail-it1-f194.google.com with SMTP id b5so10853749iti.2
        for <linux-kernel@vger.kernel.org>; Wed, 21 Nov 2018 12:36:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=PSWyxBOlwKkcl1ioDrFGqpS2m3Dvm6IkOsIEY++i27Q=;
        b=I4QN5yp0wqD6Q6V6wb4E+S+8SwBtTdRh7R1m2DLbih1+A0DJs1TlJZ3K3B33njdkij
         Y3To/sFL+9ZmLxLYDyvQ0pqlhOMKOPd+DNc/CFEEAS/lAH6+JzBY1Exwb/n1tq7fRWj7
         ABjQpDsxeu1ZCFqO1bUDY9jp2OKgsZQDYDF8o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=PSWyxBOlwKkcl1ioDrFGqpS2m3Dvm6IkOsIEY++i27Q=;
        b=fXUQRR+2Og63yT9xSmUu0H8n12AsJSp9HcgXzB8YH+THHXB8Y4HDnvh3zbSa+HQE3m
         Pb5nLB2Xmw+pvuxviKx6EI7dOcSP7Yt4ZWv8fG1yWaS3cCVoGPOC7OeW5Ui5nX18GPtQ
         jG0noHK9OFen+phcIL4wN7XUhDri0Hiubml48DgNZqjWrJ2epntHEnq0t6iMO7j/Qzk7
         IRBoguTd/D+y6VF65lPqo7fKFET9CwPk0Zv9MNg4oG5ztcQrFgoV2ZbR0wdH+OLdKC3G
         zkifqhqF89JHphoE6tQBJdd9CFP+PkCLmljMyP698juNflpUTH/MnV2xn6DQNw0IAQoE
         1mQg==
X-Gm-Message-State: AGRZ1gIylfi6Imc7lcaF1AKwMryUYTqhLkIgAU95K/mzx2TqugHRK+r6
        LtnqPVrDRySXy5f2b2XBNC0/KO7Jh61guZLCNYGh0w==
X-Received: by 2002:a02:8449:: with SMTP id l9-v6mr7111833jah.130.1542832592857;
 Wed, 21 Nov 2018 12:36:32 -0800 (PST)
MIME-Version: 1.0
References: <20181121131733.14910-1-ard.biesheuvel@linaro.org> <9d7f77959e1be0a9a3ff511a8fc45518068c85a6.camel@intel.com>
In-Reply-To: <9d7f77959e1be0a9a3ff511a8fc45518068c85a6.camel@intel.com>
From:   Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date:   Wed, 21 Nov 2018 21:36:22 +0100
Message-ID: <CAKv+Gu9jrYH_79b11nZgb5NOJrZrRNEz7Sy3OrgVHE+rRsYigg@mail.gmail.com>
Subject: Re: [PATCH v2 0/2] bpf: permit JIT allocations to be served outside
 the module region
To:     Rick Edgecombe <rick.p.edgecombe@intel.com>
Cc:     linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Kees Cook <keescook@chromium.org>,
        Jessica Yu <jeyu@kernel.org>, Jann Horn <jannh@google.com>,
        Alexei Starovoitov <ast@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>,
        "<netdev@vger.kernel.org>" <netdev@vger.kernel.org>,
        Eric Dumazet <eric.dumazet@gmail.com>,
        "David S. Miller" <davem@davemloft.net>,
        Arnd Bergmann <arnd@arndb.de>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 21 Nov 2018 at 20:48, Edgecombe, Rick P
<rick.p.edgecombe@intel.com> wrote:
>
> On Wed, 2018-11-21 at 14:17 +0100, Ard Biesheuvel wrote:
> > On arm64, modules are allocated from a 128 MB window which is close to
> > the core kernel, so that relative direct branches are guaranteed to be
> > in range (except in some KASLR configurations). Also, module_alloc()
> > is in charge of allocating KASAN shadow memory when running with KASAN
> > enabled.
> >
> > This means that the way BPF reuses module_alloc()/module_memfree() is
> > undesirable on arm64 (and potentially other architectures as well),
> > and so this series refactors BPF's use of those functions to permit
> > architectures to change this behavior.
> >
> Hi Ard,
>
> I am looking at adding optional BPF JIT in vmalloc functionality for x86 that
> would use this refactor. In fact I have done the same thing with just different
> names.
>
> My implementation intends to use the module space until a usage limit is reached
> and then overflow into vmalloc, so it would be an additional knob like
> "bpf_jit_limit". Wondering if that should be a cross-arch concept that connects
> to this. Does it fit in with what you are trying to do for arm64 here?
>

Hi Rick,

As I understand it, x86 requires the BPF allocations to be located
within 2 GB of the core kernel, so that RIP-relative 32-bit jumps are
in range (I read that in a comment somewhere, or a git commit log
perhaps)

That requirement does not exist on arm64: ordinary function calls and
tail calls emitted by the BPF JIT code have unlimited range, and so
there is simply no reason to prefer the module region for these
allocations. I guess we could achieve the same when reusing your
approach by setting the threshold to zero.