Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1105580pxj; Wed, 2 Jun 2021 21:24:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw3a6wOjuUua/T79/ZMD6iwSM2rBZtfPthJUK83drFHHK0H02voJ7ELPYSKq080DbnvQOfn X-Received: by 2002:a17:906:6dc3:: with SMTP id j3mr37956476ejt.448.1622694269294; Wed, 02 Jun 2021 21:24:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622694269; cv=none; d=google.com; s=arc-20160816; b=lkslBsM/Q/bKn+i0Kd+6a6bl9XULdDOYMWx2odXk0tJp/mVTAfeKO0wGunhMWzl2g+ NkfebOFoPyB72o848eJifn5rLM9jX2CCLDONorM2bOyKCRRAmCXYgn4q8QnTIuIK8zYM 7qYFxZpXn/et7Te+PJ8W4weCy/tSxU4u3uswYxDRZLzsAcjovcK+VNJ+u6qkpKo3a+wm VQoWP1WNRrYpQ1zVoZsRcLGqv0+159FAbyV0RtY9UzcYdxBtTA9tiquQqn6Ga8B4YNot 058AApII4RTzuDm95gdDom+Ezcqg73fK4AABCGkSzokNKnIgmcTUah58vmtploDUAgOT +r8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:message-id :mime-version:in-reply-to:references:cc:to:subject:from:date :dkim-signature; bh=t/G8ts/OsTfzZ2YcjxToq7b0TvLbNV1D7hhxkpokyx8=; b=gedLFn73AWx+tU55C2gZ8xrCZebdOw7GmfZmMLlR6u91m3jMmGZ876d0CCs67rgy2y GP7Oci6P6i/ICFtXxaarXZcpWOZX0hWlKJfvu2UuvuUfxC0OA9D+RbvUT3rVJtvkgtna Mi5AHska6GnV2v6fJrE4nVzHUim6yMxq6+OgtLCqec2RjscgumI/lG95pgCpV/zS/nly YSnf4Lz5s+RdgjP8ZL0M0wv4WP/YPzguvvesM/unJGjJHmjbjNT3xczQQYvg89yBJyrb k72m7LWxu9pHYCljT6dU403SvZ6zuSaCgcxeow4j6Z0X61m3wDgJoE3lLMgbnHzYpgts qVEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=IWkwZG5N; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h14si1581769edr.526.2021.06.02.21.23.56; Wed, 02 Jun 2021 21:24:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=IWkwZG5N; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229501AbhFCEYg (ORCPT + 99 others); Thu, 3 Jun 2021 00:24:36 -0400 Received: from mail-pl1-f181.google.com ([209.85.214.181]:38483 "EHLO mail-pl1-f181.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229479AbhFCEYf (ORCPT ); Thu, 3 Jun 2021 00:24:35 -0400 Received: by mail-pl1-f181.google.com with SMTP id 69so2230000plc.5 for ; Wed, 02 Jun 2021 21:22:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:subject:to:cc:references:in-reply-to:mime-version :message-id:content-transfer-encoding; bh=t/G8ts/OsTfzZ2YcjxToq7b0TvLbNV1D7hhxkpokyx8=; b=IWkwZG5N0JiGkMMKDhrJN9ZGpgNfQZ8iMnAiXhPbaXK/gKaudoaRd64lPSk8rww+/A UPaceYY64viUcn7D6+q+qMzpPt9ex23vlyKu/Sq7Bt/ZLOEnr2MHDj9SDKlg18AklLrZ yiAC597idqw3WZTOvP3DiAAf0IWjiLfufz51i/g275GHrr6WUme67rcx4ijaNxXkpc5/ Fxk/heJMgFyGT8GYcwgsesQ6xT2vqZKDLcu+iA5cBZCwCBJJVd3WK5pVkgs+YVW1SqoO bO07HsSkCXQnG5QnfLhLvaex5epTSpe2XeBSw1zquPWCvJ8V3AaHDeSQa0GzXA44NeM1 2PLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:subject:to:cc:references:in-reply-to :mime-version:message-id:content-transfer-encoding; bh=t/G8ts/OsTfzZ2YcjxToq7b0TvLbNV1D7hhxkpokyx8=; b=Ea4fuT/St+RDH1U0/Z1fhACU0DlQ4wDSQ1BHMb2sO/6ZvmLUkIR7n1kPhJHIq1yl31 PfFwqphXfvnTw9K0myYSHgq+UrzD92qGqrs8Xz6RSPf1A+JUffQLHDcI57iKcOeq5KAJ NdP7CRjw0Vy8tVAoT0+aIiyrs6Db+e0mtiZpGNHK/eBapm3wgkQb1w56ZVdW0kaDx+OC cDtfDFojrfGSVF7t6D+haydNKtALc0TFj5dwFikZbgi+yUScfpa4KeHuEh42sRrqUCNO Z6QFPLPpihtTVv8EgnMaE5oJxk7LMwdr4f6wi04rGMtNHAckIHimAdKFhgTSQQuPblRJ rnTQ== X-Gm-Message-State: AOAM5300Y+yrSoSmRu6yK5cRmJXVDRvk+D7vTHAKwvVDakAP27ODmKoP oUku4tMSfx+vGPB+7dBLNfk= X-Received: by 2002:a17:902:860b:b029:ef:46b8:886e with SMTP id f11-20020a170902860bb02900ef46b8886emr34068937plo.18.1622694098100; Wed, 02 Jun 2021 21:21:38 -0700 (PDT) Received: from localhost (60-242-147-73.tpgi.com.au. [60.242.147.73]) by smtp.gmail.com with ESMTPSA id n72sm959106pfd.8.2021.06.02.21.21.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Jun 2021 21:21:37 -0700 (PDT) Date: Thu, 03 Jun 2021 14:21:32 +1000 From: Nicholas Piggin Subject: Re: [PATCH v4 04/16] powerpc/vas: Create take/drop pid and mm references To: Haren Myneni , herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, mpe@ellerman.id.au Cc: haren@us.ibm.com, hbabu@us.ibm.com References: <8d219c0816133a8643d650709066cf04c9c77322.camel@linux.ibm.com> <16a319614a7ab4ce843f42a49c3ecf68ed03dd36.camel@linux.ibm.com> In-Reply-To: <16a319614a7ab4ce843f42a49c3ecf68ed03dd36.camel@linux.ibm.com> MIME-Version: 1.0 Message-Id: <1622693213.hz0uqko6dk.astroid@bobo.none> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Excerpts from Haren Myneni's message of May 21, 2021 7:31 pm: >=20 > Take pid and mm references when each window opens and drops during > close. This functionality is needed for powerNV and pseries. So > this patch defines the existing code as functions in common book3s > platform vas-api.c >=20 > Signed-off-by: Haren Myneni Seems like a good idea to put these into their own helper functions. > --- > arch/powerpc/include/asm/vas.h | 25 +++++++++ > arch/powerpc/platforms/book3s/vas-api.c | 51 ++++++++++++++++++ > arch/powerpc/platforms/powernv/vas-fault.c | 10 ++-- > arch/powerpc/platforms/powernv/vas-window.c | 57 ++------------------- > arch/powerpc/platforms/powernv/vas.h | 6 +-- > 5 files changed, 88 insertions(+), 61 deletions(-) >=20 > diff --git a/arch/powerpc/include/asm/vas.h b/arch/powerpc/include/asm/va= s.h > index 668303198772..3f2b02461a76 100644 > --- a/arch/powerpc/include/asm/vas.h > +++ b/arch/powerpc/include/asm/vas.h > @@ -5,6 +5,9 @@ > =20 > #ifndef _ASM_POWERPC_VAS_H > #define _ASM_POWERPC_VAS_H > +#include > +#include > +#include > #include > =20 > struct vas_window; > @@ -49,6 +52,17 @@ enum vas_cop_type { > VAS_COP_TYPE_MAX, > }; > =20 > +/* > + * User space VAS windows are opened by tasks and take references > + * to pid and mm until windows are closed. > + * Stores pid, mm, and tgid for each window. > + */ > +struct vas_user_win_ref { > + struct pid *pid; /* PID of owner */ > + struct pid *tgid; /* Thread group ID of owner */ > + struct mm_struct *mm; /* Linux process mm_struct */ > +}; > + > /* > * User space window operations used for powernv and powerVM > */ > @@ -59,6 +73,16 @@ struct vas_user_win_ops { > int (*close_win)(void *); > }; > =20 > +static inline void vas_drop_reference_pid_mm(struct vas_user_win_ref *re= f) > +{ > + /* Drop references to pid and mm */ > + put_pid(ref->pid); > + if (ref->mm) { > + mm_context_remove_vas_window(ref->mm); > + mmdrop(ref->mm); > + } > +} You don't have to make up a new name for such a thing because you=20 already have one put_vas_user_win_ref(struct vas_user_win_ref *ref) > + > /* > * Receive window attributes specified by the (in-kernel) owner of windo= w. > */ > @@ -192,4 +216,5 @@ int vas_register_coproc_api(struct module *mod, enum = vas_cop_type cop_type, > struct vas_user_win_ops *vops); > void vas_unregister_coproc_api(void); > =20 > +int vas_reference_pid_mm(struct vas_user_win_ref *task_ref); > #endif /* __ASM_POWERPC_VAS_H */ > diff --git a/arch/powerpc/platforms/book3s/vas-api.c b/arch/powerpc/platf= orms/book3s/vas-api.c > index 6c39320bfb9b..a0141bfb2e4b 100644 > --- a/arch/powerpc/platforms/book3s/vas-api.c > +++ b/arch/powerpc/platforms/book3s/vas-api.c > @@ -55,6 +55,57 @@ static char *coproc_devnode(struct device *dev, umode_= t *mode) > return kasprintf(GFP_KERNEL, "crypto/%s", dev_name(dev)); > } > =20 > +/* > + * Take reference to pid and mm > + */ > +int vas_reference_pid_mm(struct vas_user_win_ref *task_ref) > +{ So this is quite different from a typical refcount object in that it's=20 opening it for access as well. I would split it in two functions, one matching put_vas_user_win_ref() and appearing in the same place in code, which is up to about mmput and another function that adds the window and does the CP_ABORT etc... hmm, where do you release tgid? Thanks, Nick > + /* > + * Window opened by a child thread may not be closed when > + * it exits. So take reference to its pid and release it > + * when the window is free by parent thread. > + * Acquire a reference to the task's pid to make sure > + * pid will not be re-used - needed only for multithread > + * applications. > + */ > + task_ref->pid =3D get_task_pid(current, PIDTYPE_PID); > + /* > + * Acquire a reference to the task's mm. > + */ > + task_ref->mm =3D get_task_mm(current); > + if (!task_ref->mm) { > + put_pid(task_ref->pid); > + pr_err("VAS: pid(%d): mm_struct is not found\n", > + current->pid); > + return -EPERM; > + } > + > + mmgrab(task_ref->mm); > + mmput(task_ref->mm); > + mm_context_add_vas_window(task_ref->mm); > + /* > + * Process closes window during exit. In the case of > + * multithread application, the child thread can open > + * window and can exit without closing it. Expects parent > + * thread to use and close the window. So do not need > + * to take pid reference for parent thread. > + */ > + task_ref->tgid =3D find_get_pid(task_tgid_vnr(current)); > + /* > + * Even a process that has no foreign real address mapping can > + * use an unpaired COPY instruction (to no real effect). Issue > + * CP_ABORT to clear any pending COPY and prevent a covert > + * channel. > + * > + * __switch_to() will issue CP_ABORT on future context switches > + * if process / thread has any open VAS window (Use > + * current->mm->context.vas_windows). > + */ > + asm volatile(PPC_CP_ABORT); > + > + return 0; > +} > + > static int coproc_open(struct inode *inode, struct file *fp) > { > struct coproc_instance *cp_inst; > diff --git a/arch/powerpc/platforms/powernv/vas-fault.c b/arch/powerpc/pl= atforms/powernv/vas-fault.c > index 3d21fce254b7..ac3a71ec3bd5 100644 > --- a/arch/powerpc/platforms/powernv/vas-fault.c > +++ b/arch/powerpc/platforms/powernv/vas-fault.c > @@ -73,7 +73,7 @@ static void update_csb(struct vas_window *window, > * NX user space windows can not be opened for task->mm=3DNULL > * and faults will not be generated for kernel requests. > */ > - if (WARN_ON_ONCE(!window->mm || !window->user_win)) > + if (WARN_ON_ONCE(!window->task_ref.mm || !window->user_win)) > return; > =20 > csb_addr =3D (void __user *)be64_to_cpu(crb->csb_addr); > @@ -92,7 +92,7 @@ static void update_csb(struct vas_window *window, > csb.address =3D crb->stamp.nx.fault_storage_addr; > csb.flags =3D 0; > =20 > - pid =3D window->pid; > + pid =3D window->task_ref.pid; > tsk =3D get_pid_task(pid, PIDTYPE_PID); > /* > * Process closes send window after all pending NX requests are > @@ -111,7 +111,7 @@ static void update_csb(struct vas_window *window, > * a window and exits without closing it. > */ > if (!tsk) { > - pid =3D window->tgid; > + pid =3D window->task_ref.tgid; > tsk =3D get_pid_task(pid, PIDTYPE_PID); > /* > * Parent thread (tgid) will be closing window when it > @@ -127,7 +127,7 @@ static void update_csb(struct vas_window *window, > return; > } > =20 > - kthread_use_mm(window->mm); > + kthread_use_mm(window->task_ref.mm); > rc =3D copy_to_user(csb_addr, &csb, sizeof(csb)); > /* > * User space polls on csb.flags (first byte). So add barrier > @@ -139,7 +139,7 @@ static void update_csb(struct vas_window *window, > smp_mb(); > rc =3D copy_to_user(csb_addr, &csb, sizeof(u8)); > } > - kthread_unuse_mm(window->mm); > + kthread_unuse_mm(window->task_ref.mm); > put_task_struct(tsk); > =20 > /* Success */ > diff --git a/arch/powerpc/platforms/powernv/vas-window.c b/arch/powerpc/p= latforms/powernv/vas-window.c > index 3ccd3edcaf1a..ffd619e5a218 100644 > --- a/arch/powerpc/platforms/powernv/vas-window.c > +++ b/arch/powerpc/platforms/powernv/vas-window.c > @@ -1065,51 +1065,9 @@ struct vas_window *vas_tx_win_open(int vasid, enum= vas_cop_type cop, > rc =3D -ENODEV; > goto free_window; > } > - > - /* > - * Window opened by a child thread may not be closed when > - * it exits. So take reference to its pid and release it > - * when the window is free by parent thread. > - * Acquire a reference to the task's pid to make sure > - * pid will not be re-used - needed only for multithread > - * applications. > - */ > - txwin->pid =3D get_task_pid(current, PIDTYPE_PID); > - /* > - * Acquire a reference to the task's mm. > - */ > - txwin->mm =3D get_task_mm(current); > - > - if (!txwin->mm) { > - put_pid(txwin->pid); > - pr_err("VAS: pid(%d): mm_struct is not found\n", > - current->pid); > - rc =3D -EPERM; > + rc =3D vas_reference_pid_mm(&txwin->task_ref); > + if (rc) > goto free_window; > - } > - > - mmgrab(txwin->mm); > - mmput(txwin->mm); > - mm_context_add_vas_window(txwin->mm); > - /* > - * Process closes window during exit. In the case of > - * multithread application, the child thread can open > - * window and can exit without closing it. Expects parent > - * thread to use and close the window. So do not need > - * to take pid reference for parent thread. > - */ > - txwin->tgid =3D find_get_pid(task_tgid_vnr(current)); > - /* > - * Even a process that has no foreign real address mapping can > - * use an unpaired COPY instruction (to no real effect). Issue > - * CP_ABORT to clear any pending COPY and prevent a covert > - * channel. > - * > - * __switch_to() will issue CP_ABORT on future context switches > - * if process / thread has any open VAS window (Use > - * current->mm->context.vas_windows). > - */ > - asm volatile(PPC_CP_ABORT); > } > =20 > set_vinst_win(vinst, txwin); > @@ -1339,14 +1297,9 @@ int vas_win_close(struct vas_window *window) > =20 > /* if send window, drop reference to matching receive window */ > if (window->tx_win) { > - if (window->user_win) { > - /* Drop references to pid and mm */ > - put_pid(window->pid); > - if (window->mm) { > - mm_context_remove_vas_window(window->mm); > - mmdrop(window->mm); > - } > - } > + if (window->user_win) > + vas_drop_reference_pid_mm(&window->task_ref); > + > put_rx_win(window->rxwin); > } > =20 > diff --git a/arch/powerpc/platforms/powernv/vas.h b/arch/powerpc/platform= s/powernv/vas.h > index c7db3190baca..f354dd5c51bd 100644 > --- a/arch/powerpc/platforms/powernv/vas.h > +++ b/arch/powerpc/platforms/powernv/vas.h > @@ -357,11 +357,9 @@ struct vas_window { > bool user_win; /* True if user space window */ > void *hvwc_map; /* HV window context */ > void *uwc_map; /* OS/User window context */ > - struct pid *pid; /* Linux process id of owner */ > - struct pid *tgid; /* Thread group ID of owner */ > - struct mm_struct *mm; /* Linux process mm_struct */ > int wcreds_max; /* Window credits */ > =20 > + struct vas_user_win_ref task_ref; > char *dbgname; > struct dentry *dbgdir; > =20 > @@ -443,7 +441,7 @@ extern void vas_win_paste_addr(struct vas_window *win= dow, u64 *addr, > =20 > static inline int vas_window_pid(struct vas_window *window) > { > - return pid_vnr(window->pid); > + return pid_vnr(window->task_ref.pid); > } > =20 > static inline void vas_log_write(struct vas_window *win, char *name, > --=20 > 2.18.2 >=20 >=20 >=20