Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp8389953rwd; Tue, 20 Jun 2023 14:38:58 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6MZ5yQ2942auvWq5mn/5Shma+CstGq6HjwSloVZDt9F1s5wxdJq5OPOhu3GCMpjBE0shDZ X-Received: by 2002:a17:902:b197:b0:1b1:af8e:d31d with SMTP id s23-20020a170902b19700b001b1af8ed31dmr3526952plr.40.1687297138297; Tue, 20 Jun 2023 14:38:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1687297138; cv=none; d=google.com; s=arc-20160816; b=yZy/+i6T5xiuVL6Wi1Eiou6VuWOPrhpA2ZbaOZsT55e3ZNEirMPa5wXCjRykqcK3zT 6QqLkwQ08muyIwaqjsQ5MUGK3DE3IE/wd9N5ZvD3hO5eJ/Res6c14RRGDUqhS9+zxPyw mP2U/PKaQu+6sO4yvaXphi2h2jZ6mFHWI8fIYJS0ScL2dethpg2mugA4dmTLAib7+2RL xWNcKE23hriIb7R9jkWtx83sgHSl3k8VTbAovpGQGVq3Y16HctxyDkZrDgnCnEwbkBUy 69OKMuqzKl3kcVdqsgzDkyaV/1VXuu6I4rHLPlKjLuEr31QsWSW+2Og/InSdxsSE6jal r3og== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:subject:cc:to:from:date:references:in-reply-to :message-id:mime-version:user-agent:feedback-id:dkim-signature; bh=8jarQwxHT8yvhIQenywME8l9l7Ip5yj+cMcsI7OrpdQ=; b=wpWjw2apc+R7kx4UN69qZQ2K8SzCgmrqROWQX9C9oQ+hCZNMPcjTjwAQPefL7O+DFQ yWSlj3/La2EJpWmQKc280mjBOoe//u9BSLcsB0egsH4i35iO733FQHreePfnIAF1g4I4 ZDRJj5LRomhGHC8yMwwQDadvwyuE/bcUE2W3io55lx7UfEC2VYZ+FK31Si/T059U+uDk cz2brYOuYCD0KZxXcQXv7r5unyqiAigferQ+mU1Xk2ybgZX/WbzuJh2TN/gjT+uq3FTr QuOl58d94zRyj4qxDp37YPmo79PoXLohnUTYCZdBsK8N+Lb/Jo1X8Ndvf6Wl4tC6854x 2FfA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=VQe9AdAx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id kw16-20020a170902f91000b001ac94b7f2f0si2525608plb.523.2023.06.20.14.38.45; Tue, 20 Jun 2023 14:38:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=VQe9AdAx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230074AbjFTUnK (ORCPT + 99 others); Tue, 20 Jun 2023 16:43:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39922 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229918AbjFTUnJ (ORCPT ); Tue, 20 Jun 2023 16:43:09 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 063AAD1; Tue, 20 Jun 2023 13:43:07 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 791BA611C1; Tue, 20 Jun 2023 20:43:07 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7A1B6C433C8; Tue, 20 Jun 2023 20:43:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1687293786; bh=+GKm7AfWZk7imJmF+l1VZpt2mG2VQKVZcNY+CGDuwQk=; h=In-Reply-To:References:Date:From:To:Cc:Subject:From; b=VQe9AdAxuEPFM73E+RYB29XXizQJv29BxaIFRpr30ZiNRuwtlBWEeo3b3Quc09Qrv Lbk7FiN13cGWjbkYU7T+Vvrt2TbYo4n3JUAag+v8I62wbWHqlkfvJZ2ndvcao/LKJN IXblNGlYRYX0ZmNb/w4CBlIfaSk3PFk8RmV/792ddJcbzJgiT9yIQ4lXi/CL5Kpjtl oEEnY0P/fLRM+QcCudm0anW5iHuDv90kA5u8T4/obTdTaFqUiUAEpQ0vHNfo0qbcyQ lJDbdvPDVhIpImS9hjQgEDRhzqN4kHrGm9gh6dhZSc4tRxsC3jN7UTY0/SR6ZhVXPG WPjehgJiy1FcA== Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailauth.nyi.internal (Postfix) with ESMTP id 60AC127C0054; Tue, 20 Jun 2023 16:43:05 -0400 (EDT) Received: from imap48 ([10.202.2.98]) by compute3.internal (MEProxy); Tue, 20 Jun 2023 16:43:05 -0400 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrgeefhedgudefvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvvefutgesthdtredtreertdenucfhrhhomhepfdet nhguhicunfhuthhomhhirhhskhhifdcuoehluhhtoheskhgvrhhnvghlrdhorhhgqeenuc ggtffrrghtthgvrhhnpedvveelvdeukedtuefhgeevvdeluefgteeggffggfegteehhfek tdffkeeiffetjeenucffohhmrghinhepghhouggsohhlthdrohhrghenucevlhhushhtvg hrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegrnhguhidomhgvshhmthhp rghuthhhphgvrhhsohhnrghlihhthidqudduiedukeehieefvddqvdeifeduieeitdekqd hluhhtoheppehkvghrnhgvlhdrohhrgheslhhinhhugidrlhhuthhordhush X-ME-Proxy: Feedback-ID: ieff94742:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id D107931A0064; Tue, 20 Jun 2023 16:43:04 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.9.0-alpha0-499-gf27bbf33e2-fm-20230619.001-gf27bbf33 Mime-Version: 1.0 Message-Id: In-Reply-To: <37d2378e-72de-e474-5e25-656b691384ba@intel.com> References: <20230509165657.1735798-1-kent.overstreet@linux.dev> <20230509165657.1735798-8-kent.overstreet@linux.dev> <20230619104717.3jvy77y3quou46u3@moria.home.lan> <20230619191740.2qmlza3inwycljih@moria.home.lan> <5ef2246b-9fe5-4206-acf0-0ce1f4469e6c@app.fastmail.com> <20230620180839.oodfav5cz234pph7@moria.home.lan> <37d2378e-72de-e474-5e25-656b691384ba@intel.com> Date: Tue, 20 Jun 2023 13:42:44 -0700 From: "Andy Lutomirski" To: "Dave Hansen" , "Kent Overstreet" Cc: "Mark Rutland" , "Linux Kernel Mailing List" , linux-fsdevel@vger.kernel.org, "linux-bcachefs@vger.kernel.org" , "Kent Overstreet" , "Andrew Morton" , "Uladzislau Rezki" , "hch@infradead.org" , linux-mm@kvack.org, "Kees Cook" , "the arch/x86 maintainers" Subject: Re: [PATCH 07/32] mm: Bring back vmalloc_exec Content-Type: text/plain X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi all- On Tue, Jun 20, 2023, at 11:48 AM, Dave Hansen wrote: >>> No, I'm saying your concerns are baseless and too vague to >>> address. >> If you don't address them, the NAK will stand forever, or at least >> until a different group of people take over x86 maintainership. >> That's fine with me. > > I've got a specific concern: I don't see vmalloc_exec() used in this > series anywhere. I also don't see any of the actual assembly that's > being generated, or the glue code that's calling into the generated > assembly. > > I grepped around a bit in your git trees, but I also couldn't find it in > there. Any chance you could help a guy out and point us to some of the > specifics of this new, tiny JIT? > So I had a nice discussion with Kent on IRC, and, for the benefit of everyone else reading along, I *think* the JITted code can be replaced by a table-driven approach like this: typedef unsigned int u32; typedef unsigned long u64; struct uncompressed { u32 a; u32 b; u64 c; u64 d; u64 e; u64 f; }; struct bitblock { u64 source; u64 target; u64 mask; int shift; }; // out needs to be zeroed first void unpack(struct uncompressed *out, const u64 *in, const struct bitblock *blocks, int nblocks) { u64 *out_as_words = (u64*)out; for (int i = 0; i < nblocks; i++) { const struct bitblock *b; out_as_words[b->target] |= (in[b->source] & b->mask) << b->shift; } } void apply_offsets(struct uncompressed *out, const struct uncompressed *offsets) { out->a += offsets->a; out->b += offsets->b; out->c += offsets->c; out->d += offsets->d; out->e += offsets->e; out->f += offsets->f; } Which generates nice code: https://godbolt.org/z/3fEq37hf5 It would need spectre protection in two places, I think, because it's almost most certainly a great gadget if the attacker can speculatively control the 'blocks' table. This could be mitigated (I think) by hardcoding nblocks as 12 and by masking b->target. In contrast, the JIT approach needs a retpoline on each call, which could be more expensive than my entire function :) I haven't benchmarked them lately.