Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp4322261rwl; Mon, 3 Apr 2023 03:20:31 -0700 (PDT) X-Google-Smtp-Source: AKy350anRYvjl7EpdsoutAPylZ0QWy8c2MX7Iy0Ifx+IexPmuonETkqiiKmCZB4WmvaeDE4Amee+ X-Received: by 2002:a17:907:6e1b:b0:93f:2508:7203 with SMTP id sd27-20020a1709076e1b00b0093f25087203mr35048905ejc.43.1680517231558; Mon, 03 Apr 2023 03:20:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680517231; cv=none; d=google.com; s=arc-20160816; b=uT0i2NJQF2dhFqRIg+FVbslOpLoMsVeO9Rx3xVQAChs+0aoit+SN77oJy6uEf7CGTD l0gR2IBkVsezFX0ErrhrLqiqhPpQtLyUe591ZtXFHJQls53TpRGEJchgEImMSjY5Wsvq qUu6gbzatdT2t6quaoco1Eqv1Vi0vGHWlj49AcrO26W6PnULgUlre/SdvK6i0/6xtqZD i6piBdB8lMBMpZhD2+2a30ZQ4T/h9w4gPJCzcETia5+8APAH7Ifk1uzH9jTjg5A6+ZhG 2GitsMii90B9zPc2YeCu6Dn6mBrDJ5w3skCGR5ehfQ7l9X0gNr/sw3srlburLN+zOrVm AVfQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:feedback-id :dkim-signature:dkim-signature; bh=2X6kQY81kFbB9dD0hTeXUDO4hec/j/TMwLdo/emFpoY=; b=nVyzeZZpziN6x3BOhiRSeD6l0LykGsqVFHW7fbsLHYTiH4NA1rs/dhUHfqS3ziOoJo 5sep/svwi2ZP+9/ysQYvgUiffa8MqRM2BAdxC00gbum4CaNwCxNjyNFlAElqtV880D8S FVkIFOmqPP6D04ucQ+i34SrBgwaaFvcwzhCUCx5/vve0Ydu2fI8IYxULQBbzNj6BzOTd TgXP9k+de1hHUcXZNjx+tz90jFOCYJiCwC+UWa9xZudroZpYGgLydGY39lFZ7Q8xcsBD 1Sz2D6Q2WZfwnJXHWYo2GuCH2b9PPIlCoG8neCXbSj+rYltGOtfx0QYI2aR8rxTzEldy mXKA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov.name header.s=fm1 header.b=PWLLBsRK; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=GCn6alqf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 17-20020a170906201100b0093defbd6280si5326111ejo.1031.2023.04.03.03.20.07; Mon, 03 Apr 2023 03:20:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov.name header.s=fm1 header.b=PWLLBsRK; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=GCn6alqf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231748AbjDCKRO (ORCPT + 99 others); Mon, 3 Apr 2023 06:17:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34698 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231571AbjDCKRL (ORCPT ); Mon, 3 Apr 2023 06:17:11 -0400 Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 99A7565BC for ; Mon, 3 Apr 2023 03:17:10 -0700 (PDT) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 0F9B05C0112; Mon, 3 Apr 2023 06:17:10 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Mon, 03 Apr 2023 06:17:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov.name; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm1; t=1680517030; x= 1680603430; bh=2X6kQY81kFbB9dD0hTeXUDO4hec/j/TMwLdo/emFpoY=; b=P WLLBsRKU3t6HU9mytrKeBmCsce7DZbXrEbUsP1XSyJocFnMliyjsW7SnrhRtB3kl +RJdXf/OUH3loUP8GtoUzEdn8h13+Z1I8baYYOlMCYxEkS4QPyOMLmxTj6LEGAnF 5YYGdEHZuvr5A3KK8ytIT4Boh+rVNJh9JPHPOClTSxeGPVe5uVCDLTajqhyPloGD nXy5uM8s0Fk/ZAJygBi2nOUhzQywjq4nxF8r+uCreRnXr6Rv4MInRqnRJiexhDc6 WRxWESBdAwFiwR1sTDoRBlQasm0pg8dyGb9dObhQOE5CB6lAS6lexRTnVKEw7FnS aPGS1IXrkrK8UuKUuNWKw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1680517030; x=1680603430; bh=2X6kQY81kFbB9 dD0hTeXUDO4hec/j/TMwLdo/emFpoY=; b=GCn6alqfL8Z3dAUqoE+HVZPwtPvs+ xXfC3DT4YTTh2NGlc5tZn2Gh59F7uch966MlUSKIvMuv54SN5DF/vIawhnY6C4oa tBxWQmvyduZr9B/Co0hJNkSoxABDXJcvOKyr9koR+oanupXr0IgpOlgGDsY7Ggh/ HUbF9XwzXxj6hOiFqZJ/1s1fSzrXjwA5w1eub8WyR9aDet1wV3mCIhR4kMfaGYPF NYMjdxHBoK9A+mZ+QLLQUlOM0zUi69grpoEMrsVaDBn+qipctRjR9IgX5CdgwLuq Xq4n/k9r/vATx1HCCHwpR0ZLGY9lpFUNWAoDtomW9av+UOt5zPM1EZvNQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrvdeijedgvdehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvfevuffkfhggtggujgesthdtredttddtvdenucfhrhhomhepfdfmihhr ihhllhcutedrucfuhhhuthgvmhhovhdfuceokhhirhhilhhlsehshhhuthgvmhhovhdrnh grmhgvqeenucggtffrrghtthgvrhhnpeekvddvjeffheetgedtvdfgieejiedvgeejieet jeehieehveffueekfeehffdvveenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmh epmhgrihhlfhhrohhmpehkihhrihhllhesshhhuhhtvghmohhvrdhnrghmvg X-ME-Proxy: Feedback-ID: ie3994620:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 3 Apr 2023 06:17:09 -0400 (EDT) Received: by box.shutemov.name (Postfix, from userid 1000) id C0E9010D7B3; Mon, 3 Apr 2023 13:17:07 +0300 (+03) Date: Mon, 3 Apr 2023 13:17:07 +0300 From: "Kirill A. Shutemov" To: Dmitry Vyukov Cc: "Kirill A. Shutemov" , Dave Hansen , Andy Lutomirski , Peter Zijlstra , x86@kernel.org, Kostya Serebryany , Andrey Ryabinin , Andrey Konovalov , Alexander Potapenko , Taras Madan , "H . J . Lu" , Andi Kleen , Rick Edgecombe , Bharata B Rao , Jacob Pan , Ashok Raj , Linus Torvalds , linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: Re: [PATCHv16 11/17] x86/mm/iommu/sva: Make LAM and SVA mutually exclusive Message-ID: <20230403101707.satsniziz3tn2zyd@box> References: <20230312112612.31869-1-kirill.shutemov@linux.intel.com> <20230312112612.31869-12-kirill.shutemov@linux.intel.com> <20230403094419.zl2ncsd4qyd35fex@box> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 03, 2023 at 11:56:48AM +0200, Dmitry Vyukov wrote: > On Mon, 3 Apr 2023 at 11:44, Kirill A. Shutemov wrote: > > > > On Mon, Apr 03, 2023 at 08:18:57AM +0200, Dmitry Vyukov wrote: > > > Hi Kirill, > > > > > > ARCH_ENABLE_TAGGED_ADDR checks that task->mm == current->mm, > > > shouldn't ARCH_FORCE_TAGGED_SVA check that as well? > > > > Do you a particular race in mind? I cannot think of anything right away. > > > > I guess we can add the check for consistency. But if there's a bug it is a > > different story. > > No, I don't have a particular race in mind. Was thinking solely about > consistency and if these things should be set for other processes > (relaxing the check is always possible in future, but adding new > restrictions is generally not possible). Okay. Makes sense. It is only reachable with task != current from ptrace, which is rather obscure path. Anyway, I will prepare a proper patch with this fixup: diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index eda826a956df..4ffd8e67d273 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -883,6 +883,8 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2) case ARCH_ENABLE_TAGGED_ADDR: return prctl_enable_tagged_addr(task->mm, arg2); case ARCH_FORCE_TAGGED_SVA: + if (current != task) + return -EINVAL; set_bit(MM_CONTEXT_FORCE_TAGGED_SVA, &task->mm->context.flags); return 0; case ARCH_GET_MAX_TAG_BITS: > > > Also it looks like currently to enable both LAM and SVA. > > > LAM enabling checks for SVA, but SVA doesn't and both are not mutually > > > exclusive. > > > > For LAM we check SVM with mm_valid_pasid() && !test_bit() in > > prctl_enable_tagged_addr(). > > > > For SVM we check for LAM with !mm_lam_cr3_mask() || test_bit() in > > arch_pgtable_dma_compat() which called from iommu_sva_alloc_pasid(). > > It seems that currently it's possible to both enable LAM and set SVA bit. > Then arch_pgtable_dma_compat() will return true, but LAM is enabled. Right. That's the point of the bit. It allows SVA and LAM to co-exist: The new ARCH_FORCE_TAGGED_SVA arch_prctl() overrides the limitation. By using the arch_prctl() userspace takes responsibility to never pass tagged address to the device. I'm confused. -- Kiryl Shutsemau / Kirill A. Shutemov