Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp4731100ybi; Tue, 28 May 2019 01:25:58 -0700 (PDT) X-Google-Smtp-Source: APXvYqw2q3bugIMtJaW9RpQaHPIfG+4UieRddX5thEunFf7IC77FH7xLDnRmSNbPK0kuw7ZGfigu X-Received: by 2002:a62:1d48:: with SMTP id d69mr37853080pfd.200.1559031958770; Tue, 28 May 2019 01:25:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559031958; cv=none; d=google.com; s=arc-20160816; b=D2/Hywlj3kXwOhGe1sEIuSmi9YaPhMeTvcJZKl4d5EG5wvC77nb4lM+Y6Je74vz82g ku0RaRShGndi/JjMkKtmVq9+Qf623ZER26D3vKlnMJEbd99fACPxEYqCenk6lYf/T6ik wEzB+2fO+zBSlvJMfUeoQ0gA69/olwiS7IxQRcfK/lfTTku/aMBrbkJw5dwkOs1YBaHM oi8YzuWEubUY+Pr65dgpXqsU2BgNl9Ei3tcHGqFL6s0WFSFhCEQve+0EmuQ3BbWwGxLr 3lzDTqU39Cr0RV/lMDh5mBF0gxunN0yJN5jYOadVeTE0ADSDmRccT2xHP6VwhOzW3XcU XHlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=AK1fjT9uWxiWeaOUyyBfRTA2Ql/ET3jj/AzUwDdnAMo=; b=Fn0D3SpxriDbU/YuGQUiWsnyUpOoFQ3hdCQqViX7qH3Qlw8MNTXyhHWmff3jaiEx+f Nu91KcME0hmqDt5LV8MxsKs9kIJoT/vhRIF8/TrBnB5OPJOEqvQ9+XajwRjchGaeHKVE pylcW8MyqQcHljxSVFYWBNuikPsFSpCP6F71/yh+hh7fC3OWqT3MvISyE8LRwRKi4NCj c7+mfFhbeiBtIs/2FtHoVUO9/rSvWaahYrdoIF4MwRBwX7+evwWRrJmSyESG3nhN3Ru2 O+EGUuPuF2IzAnYldYfwIQooQfk+aET936gmZ23xLBAaATInpG5LGpEtVwiy55G9v9gi Dr6w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id bx7si2150457pjb.93.2019.05.28.01.25.42; Tue, 28 May 2019 01:25:58 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726654AbfE1IXU (ORCPT + 99 others); Tue, 28 May 2019 04:23:20 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:51850 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725943AbfE1IXT (ORCPT ); Tue, 28 May 2019 04:23:19 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E9959341; Tue, 28 May 2019 01:23:18 -0700 (PDT) Received: from [192.168.1.27] (usa-sjc-mx-foss1.foss.arm.com [217.140.101.70]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7F7303F59C; Tue, 28 May 2019 01:23:16 -0700 (PDT) Subject: Re: [PATCH 3/4] arm64/kprobes: set VM_FLUSH_RESET_PERMS on kprobe instruction pages To: Anshuman Khandual , linux-arm-kernel@lists.infradead.org Cc: mark.rutland@arm.com, marc.zyngier@arm.com, Will Deacon , linux-kernel@vger.kernel.org, Peter Zijlstra , Nadav Amit , Masami Hiramatsu , James Morse , Andrew Morton , Rick Edgecombe References: <20190523102256.29168-1-ard.biesheuvel@arm.com> <20190523102256.29168-4-ard.biesheuvel@arm.com> From: Ard Biesheuvel Message-ID: <7c5e1fea-c93e-fc5b-8c77-c9bd9ec41fb3@arm.com> Date: Tue, 28 May 2019 10:23:14 +0200 User-Agent: Mozilla/5.0 (X11; Linux aarch64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/28/19 10:20 AM, Anshuman Khandual wrote: > > > On 05/23/2019 03:52 PM, Ard Biesheuvel wrote: >> In order to avoid transient inconsistencies where freed code pages >> are remapped writable while stale TLB entries still exist on other >> cores, mark the kprobes text pages with the VM_FLUSH_RESET_PERMS >> attribute. This instructs the core vmalloc code not to defer the >> TLB flush when this region is unmapped and returned to the page >> allocator. > > Makes sense. > >> >> Signed-off-by: Ard Biesheuvel >> --- >> arch/arm64/kernel/probes/kprobes.c | 4 +++- >> 1 file changed, 3 insertions(+), 1 deletion(-) >> >> diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c >> index 2509fcb6d404..036cfbf9682a 100644 >> --- a/arch/arm64/kernel/probes/kprobes.c >> +++ b/arch/arm64/kernel/probes/kprobes.c >> @@ -131,8 +131,10 @@ void *alloc_insn_page(void) >> void *page; >> >> page = vmalloc_exec(PAGE_SIZE); >> - if (page) >> + if (page) { >> set_memory_ro((unsigned long)page, 1); >> + set_vm_flush_reset_perms(page); >> + } > > Looks good. It seems there might be more users who would like to set > VM_FLUSH_RESET_PERMS right after their allocation for the same reason. > Hence would not it help to have a variant like vmalloc_exec_reset() or > such which will tag vm_struct->flags with VM_FLUSH_RESET_PERMS right > after it's allocation without requiring the caller to do the same. > If there is a sufficient number of similar users, then of course, it makes sense to factor this out. However, the kprobes code is slightly unusual in the sense that it allocates memory and immediately remaps it read-only, and relies on code patching to populate this allocation. I am not expecting to see this pattern in other places.