Received: by 2002:a05:7412:3784:b0:e2:908c:2ebd with SMTP id jk4csp1576253rdb; Mon, 2 Oct 2023 14:09:09 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFQUf0CDZkekby0MgXajMRszk11Ss1h2SF0xE4+X7srFPFIWo8Gr1fsKEEPJOf7cx3oDw9s X-Received: by 2002:a17:902:7008:b0:1bd:bbc3:c87b with SMTP id y8-20020a170902700800b001bdbbc3c87bmr10685946plk.41.1696280949489; Mon, 02 Oct 2023 14:09:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696280949; cv=none; d=google.com; s=arc-20160816; b=CPHdB+LoqWAX4XeW9tHYOr0GkPwThiQRBAu6HRz2lCeg+lsSJyYecKLI5TYSHNQYNH yupFAg1tiGLa1W+gPy4iuyDkcwML0OsEZRtBBxA8XYbRK1iDpV4Bzv81ypfw7dJdVEDx ez36jzefCU7T5jqrk/dVktwFD8mnQCBQx8YtybBmPc8g28Oyaudj7LuvN5vHi5jimrCz 7lfOHe1nK6H2wSboKu2xmT3pCthd6kI/7M0HXFdaku5p92wqUFhQm76NYYJjnudUda9O sjeJKfsMf4yrcA82bYRtVhgrxzTvLDupdmTEQ1xz0KNyFP1Lb6l4UG5fQT4kUzOsgfA2 y0cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=V/uBY1GHK5wM8Sw0r1xr8kkIVh7PpQ9+l557Rxtbl80=; fh=ZTm7ECa+cNAjuUFSGyX7vLyPwCjX1usaxXsCID1rHoU=; b=e55IjIm0XoQQ12to1UJQu5Me1flFql8PUFFb4jy2aFfVUxbjrrVWmLdKjl7dhOtSsj 8thIEr2uXhRB5OU4hBbIQabtOX2FHk07WbHyPexw7a72YwnSiR/j705UAcgFEb98Oq6+ f5XvZNhRjT4cJwWRu6PkF0Ogr6hlVF89IPDNrjkfeKvj9Zli4bAFL3v8oD/kLoyAnFwd rZpv04g3RLXLMEgbUyJuC2HJAJMLGbr/Q+a5oKA7dPGm7VwvXrrUhxxdra6K6AA48Q4m uRFfApugKAhfWkR3uicC0w9rpUqeF8HLkAAitTnJXyrwagSuCPmf4S0dQvPR8n74Kpk1 q5GQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=Pc7dFJlY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id h11-20020a170902680b00b001c3f5db54acsi2488440plk.635.2023.10.02.14.09.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 02 Oct 2023 14:09:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=Pc7dFJlY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 2E4A181444C2; Mon, 2 Oct 2023 08:58:54 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238285AbjJBP6u (ORCPT + 99 others); Mon, 2 Oct 2023 11:58:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44782 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238026AbjJBP6t (ORCPT ); Mon, 2 Oct 2023 11:58:49 -0400 Received: from mail-ua1-x92a.google.com (mail-ua1-x92a.google.com [IPv6:2607:f8b0:4864:20::92a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B80F91 for ; Mon, 2 Oct 2023 08:58:46 -0700 (PDT) Received: by mail-ua1-x92a.google.com with SMTP id a1e0cc1a2514c-78f1210e27fso7304664241.1 for ; Mon, 02 Oct 2023 08:58:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1696262325; x=1696867125; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=V/uBY1GHK5wM8Sw0r1xr8kkIVh7PpQ9+l557Rxtbl80=; b=Pc7dFJlYTRopiol2lzwUFAHigo2IMLSYGRyMF9T0hPL/qJwLZ/OHPF4xthoEazJ7VW 4L+IevofZ3PFQsGMvoP6OXLPnKpZ+j7NE4kDB2dDyNnVPT2Twz99DLakTHI5O+0ux9p0 mtuX5YX7WxrsXH1Ka85C4Qqk2sfnCGlKv+nFDnDJYm2XgMqFFCmwRBI0aWAs0xo6exVu YERYjRcNEtTT4igoIy0CQZlV4WZmgMhWJl8yn6m34UQW5/KeoHPfOu9pE0iL/HCe3UjV ZItTjFykQHMNdA4C4xlC218BBOiEc9apsxICASsjCqkoV9H6y2VNE+djvL3VtJoSvxm+ I4mg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696262325; x=1696867125; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=V/uBY1GHK5wM8Sw0r1xr8kkIVh7PpQ9+l557Rxtbl80=; b=cxaPaVmGHaaltP3FV9+SpfmZxAyg3yp+p+yMCo/aARwpHDmAwJIrPb/JQYZy6tMIeg ObB1RBSLYEKvGtTClRlaM98SPdWTECecUh+FU7Yas5FGD/yQYS+SjyeL6R4CkzB47p0z tbHicO308cZDbFBuDCDb9/aY8yEUybh/MGfoCtDgdPhfBBmrsfEplfdxm0KZeR9Rs5Jb YNF5cUb6Al0vknjqhUra1nrEJACE2h206VMYBijcyDZ+DE6LI0hMGll4mS9YzPM7p9vr UYXDAR9j3ioTqmqdj7CfdBbWYemE2p1/uUu5X3ZXm66Ra2EklQU6b7BnO/A1BUp5dZFO wQOw== X-Gm-Message-State: AOJu0YxluODNG10F9bJN9sjC9GN2/0GDk8YDxT5fqiHKWWfkdz1QuQLF AOOZM95drVBQlSzkapCRQP0hBW4yRecBFkI1fdMeLQ== X-Received: by 2002:a05:6102:2db:b0:452:cfeb:160d with SMTP id h27-20020a05610202db00b00452cfeb160dmr10233920vsh.26.1696262325473; Mon, 02 Oct 2023 08:58:45 -0700 (PDT) MIME-Version: 1.0 References: <20230929211155.3910949-4-samitolvanen@google.com> <20230929211155.3910949-6-samitolvanen@google.com> <202309291452.66ED9B4D83@keescook> <20230930-emporium-share-2bbdf7074e54@spud> <202309301400.4E1AD87@keescook> <8d305ae1-4235-6ae8-7dfb-9f432fdfcd41@ghiti.fr> In-Reply-To: <8d305ae1-4235-6ae8-7dfb-9f432fdfcd41@ghiti.fr> From: Sami Tolvanen Date: Mon, 2 Oct 2023 08:58:07 -0700 Message-ID: Subject: Re: [PATCH 2/2] riscv: mm: Update mmap_rnd_bits_max To: Alexandre Ghiti Cc: Pedro Falcato , Kees Cook , Conor Dooley , Paul Walmsley , Palmer Dabbelt , Albert Ou , Andrew Morton , linux-mm@kvack.org, linux-riscv@lists.infradead.org, llvm@lists.linux.dev, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Mon, 02 Oct 2023 08:58:54 -0700 (PDT) On Mon, Oct 2, 2023 at 12:02=E2=80=AFAM Alexandre Ghiti wro= te: > > On 01/10/2023 17:19, Pedro Falcato wrote: > > On Sun, Oct 1, 2023 at 2:51=E2=80=AFAM Kees Cook wrote: > >> On Sat, Sep 30, 2023 at 10:02:35AM +0100, Conor Dooley wrote: > >>> On Fri, Sep 29, 2023 at 03:52:22PM -0700, Sami Tolvanen wrote: > >>>> On Fri, Sep 29, 2023 at 2:54=E2=80=AFPM Kees Cook wrote: > >>>>> On Fri, Sep 29, 2023 at 09:11:58PM +0000, Sami Tolvanen wrote: > >>>>>> ARCH_MMAP_RND_BITS_MAX is based on Sv39, which leaves a few > >>>>>> potential bits of mmap randomness on the table if we end up enabli= ng > >>>>>> 4/5-level paging. Update mmap_rnd_bits_max to take the final addre= ss > >>>>>> space size into account. This increases mmap_rnd_bits_max from 24 = to > >>>>>> 33 with Sv48/57. > >>>>>> > >>>>>> Signed-off-by: Sami Tolvanen > >>>>> I like this. Is RISCV the only arch where the paging level can be c= hosen > >>>>> at boot time? > >>>> I haven't seen this elsewhere, but I also haven't looked at all the > >>>> other architectures that closely. arm64 does something interesting > >>>> with ARM64_VA_BITS_52, but I think we can still handle that in > >>>> Kconfig. > >>> AFAIU, x86-64 can do this also: > >>> > >>> no4lvl [RISCV] Disable 4-level and 5-level paging mod= es. Forces > >>> kernel to use 3-level paging instead. > >>> > >>> no5lvl [X86-64,RISCV] Disable 5-level paging mode. Fo= rces > >>> kernel to use 4-level paging instead. > >> Ah-ha! Okay, well, then let's track this idea: > >> https://github.com/KSPP/linux/issues/346 > > (Replying here for visibility, tell me if you want to move this > > discussion to github) > > > > AIUI, x86 cannot do this for compat reasons. Even if you enable LA57, > > mmap only gives you < 48-bit addresses, for compatibility with things > > like JITs, etc that stash information in the upper 16 bits. You need > > to pass a > 48-bit mmap hint to get 57-bit addresses. > > > > I imagine riscv does not have this issue yet, due to little > > accumulated cruft, but it may be wise to check against popular JITters > > for these problems on riscv code. > > > > We already encountered those issues and the same solution was recently > merged (restrict to sv48 unless otherwise specified): > https://lore.kernel.org/all/20230809232218.849726-1-charlie@rivosinc.com/ We recently ran into this issue when bringing up Android as well because qemu defaults to Sv57 and some userspace bits weren't happy with >48-bit mmap addresses. Note that this patch uses MMAP_VA_BITS, which is 48 for both Sv48 and Sv57, which is why mmap_rnd_bits_max will be 33 even with Sv57. Sami