Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp1021208ybl; Fri, 10 Jan 2020 10:38:24 -0800 (PST) X-Google-Smtp-Source: APXvYqyD8qY3kpotUqJTMZ82BUMWF6Ih3pL0KA+J1Fwixj7nmX14hIJxYBE+ErLvmXpdpBKXU8Nt X-Received: by 2002:aca:4309:: with SMTP id q9mr3351288oia.158.1578681504151; Fri, 10 Jan 2020 10:38:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578681504; cv=none; d=google.com; s=arc-20160816; b=Iu0ZWeTulnbDODKmckWnj3/h3Cl/BOW85TZrwvXWEnHRgxVO5vn6BiP1D979N3At/1 GiYjo7vWEjq9IkEplPTPgJgPfo38Q747vRPmLW8Q+7rHmPkZLG/Tl9EOURkd2ltT/NqQ vVZs5BwtwUR1lM8DYIVsFxOR4gi6QjBfehmPi9LmlrOAoJUpc0jTORvTDklXguc0CqAJ 4IuZpB5om4RhHYG29ff7Oh/LkamH6+TEUolZipI2OW4/VmCnJ9h8h1WGvo3+9s8Lik2L e+E2Vkv+gimo1yjjTQuR/vnZG6ZQuYcJrNzpDpb5670AijqFy5FRKs58WMHqQERoYKUW HZaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=fmcf23Sue46zW9KyJcymQ0L3bIFW8gH24DbyWFdyn8c=; b=t+Q1604qZc81IvAy63rW3Zy+CDUQYORw6aQJhZ4FGBV8yhF9Xj/xlZPq3FC+qEd0I/ 6NV8USOpzWerO+D00c4EYkDvonGdbCx4lJd7zxAyFafkWlyikkWdNCOGOgL2SacEATAy weuefbAb0cfbmOJWmW7Uc3WWpkWAgrGmThAxkUPiLBOI6TX8SKws10bVXhFVVAp/pPZz fyCCBF68dMadH06VS8VjvVQSG+qxy7qVMNsXdO4nu4Tn/rcyUSCFglwBn2MkU7yqBkIy /wGx21emc9lRsUqQkuSaaYt76TlbUQqTq8uhpGeJ2rIgxjsz0AH4Uj2GXM+yMgBpUvxd pXcQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=h+t8K1Vg; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v18si1792733otn.202.2020.01.10.10.38.12; Fri, 10 Jan 2020 10:38:24 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=h+t8K1Vg; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728467AbgAJSgO (ORCPT + 99 others); Fri, 10 Jan 2020 13:36:14 -0500 Received: from mail.kernel.org ([198.145.29.99]:43942 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728023AbgAJSgO (ORCPT ); Fri, 10 Jan 2020 13:36:14 -0500 Received: from mail-wr1-f44.google.com (mail-wr1-f44.google.com [209.85.221.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1AAD621744 for ; Fri, 10 Jan 2020 18:36:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578681373; bh=ZUQib7bnoTZU/304mmRL5Mwvrc5MIbAoLniN4Uk/qYw=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=h+t8K1VgQO2sqGDI7eQ7fhLz4uqrI7kcD8o9E7GRSvSk41bGfpwcP9glUFoAvpEDO vKIazUnxJip7Y+EjMYX0HhhIVOP6z+pIhksR/gsQBuQuSZmDtqtPngJW4t/hkoWZMQ 2xFlT4rI9w8G0PDoS9dgMdPkyWxgZOQAOXfipC44= Received: by mail-wr1-f44.google.com with SMTP id b6so2779398wrq.0 for ; Fri, 10 Jan 2020 10:36:13 -0800 (PST) X-Gm-Message-State: APjAAAXK1Afu5/HZ8cjYRXQKGsHF3bXVBRyBiDxPqDTW6q24VZ/SAP+s nWD2omaxUh6lm1T+j8UMK+L+mFl2CVwXQDmVhKQFjA== X-Received: by 2002:adf:f20b:: with SMTP id p11mr4718822wro.195.1578681371413; Fri, 10 Jan 2020 10:36:11 -0800 (PST) MIME-Version: 1.0 References: <21bf6bb46544eab79e792980f82520f8fbdae9b5.camel@intel.com> <400be86aab208d0e50a237cdbd3195763396e3ed.camel@intel.com> <96dd98b3c4f73b205b6e669ca87fa64901c117d6.camel@intel.com> In-Reply-To: <96dd98b3c4f73b205b6e669ca87fa64901c117d6.camel@intel.com> From: Andy Lutomirski Date: Fri, 10 Jan 2020 10:35:59 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH bpf-next] bpf: Make trampolines W^X To: "Edgecombe, Rick P" Cc: "luto@kernel.org" , "songliubraving@fb.com" , "linux-kernel@vger.kernel.org" , "daniel@iogearbox.net" , "peterz@infradead.org" , "keescook@chromium.org" , "bpf@vger.kernel.org" , "jeyu@kernel.org" , "kuznet@ms2.inr.ac.ru" , "mjg59@google.com" , "nadav.amit@gmail.com" , "ast@kernel.org" , "thgarnie@chromium.org" , "kpsingh@chromium.org" , "linux-security-module@vger.kernel.org" , "x86@kernel.org" , "revest@chromium.org" , "jannh@google.com" , "namit@vmware.com" , "jackmanb@chromium.org" , "Hansen, Dave" , "kafai@fb.com" , "yhs@fb.com" , "davem@davemloft.net" , "yoshfuji@linux-ipv6.org" , "mhalcrow@google.com" , "andriin@fb.com" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Jan 9, 2020, at 3:01 PM, Edgecombe, Rick P wrote: >> The vmap code immediately removes PTEs when unmaps occur (which it may >> very well do right now -- I haven't checked) but also tracks the >> kernel_tlb_gen associated with each record of an >> unmapped-but-not-zapped area. Then we split vm_unmap_aliases() into a >> variant that unmaps all aliases and a variant that merely promises to >> unmap at least one alias. The former does what the current code does >> except that it skips the IPI if all areas in question have tlb_gen < >> flushed_kernel_tlb_gen. The latter clears all areas with tlb_gen < >> flushed_kernel_tlb_gen and, if there weren't any, does >> flush_tlb_kernel_range() and flushes everything. >> >> (Major caveat: this is wrong for the case where >> flush_tlb_kernel_range() only flushes some but not all of the kernel. >> So this needs considerable work if it's actually going to me useful. >> The plain old "take locks and clean up" approach might be a better >> bet.) >> > > Hmm. In normal usage (!DEBUG_PAGE_ALLOC), are kernel range tlb shootdowns= common > outside of module space users and lazy vmap stuff? A tlb_gen solution mig= ht only > be worth it in cases where something other than vm_unmap_aliases() and he= lpers > was doing this frequently. I suspect that the two bug users aside from vunmap() will be eBPF and, eventually, XPFO / =E2=80=9Cexclusive pages=E2=80=9D / less crappy SEV-like implementations / actual high quality MKTME stuff / KVM side-channel-proof memory. The latter doesn=E2=80=99t actually exist yet (= the SEV implementation sidesteps this with a horrible hack involving incoherent mappings that are left active with fingers crossed), but it really seems like it=E2=80=99s coming. In general, if we=E2=80=99re going to have a pool of non-RW-direct-mapped pages, we also want some moderately efficient way to produce such pages. Right now, creating and freeing eBPF programs in a loop is probably a performance disaster on large systems.