From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
To: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: Thomas Gleixner <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
"H . Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
Toshi Kani <toshi.kani-VXdhtT5mjnY@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Sai Praneeth Prakhya
<sai.praneeth.prakhya-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
Dave Hansen <dave.hansen-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
Borislav Petkov <bp-l3A5Bk7waGM@public.gmane.org>
Subject: Re: [PATCH v2 1/5] x86/mm/pageattr: Ensure cpa->pfn only contains page frame numbers
Date: Fri, 20 Nov 2015 12:01:29 +0000 [thread overview]
Message-ID: <20151120120129.GA2608@codeblueprint.co.uk> (raw)
In-Reply-To: <20151118081423.GA23844-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
On Wed, 18 Nov, at 09:14:23AM, Ingo Molnar wrote:
>
> * Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org> wrote:
>
> > > > + npages = (_end - _text) >> PAGE_SHIFT;
> > >
> > > You really need to PFN_ALIGN _end and _text. Has been wrong in the
> > > existing code as well.
> >
> > Hmm... very good point.
>
> So I think we should instead guarantee that _end and _text are page aligned.
>
> _text is already page aligned:
>
> SECTIONS
> {
> #ifdef CONFIG_X86_32
> . = LOAD_OFFSET + LOAD_PHYSICAL_ADDR;
> phys_startup_32 = startup_32 - LOAD_OFFSET;
> #else
> . = __START_KERNEL;
> phys_startup_64 = startup_64 - LOAD_OFFSET;
> #endif
>
> /* Text and read-only data */
> .text : AT(ADDR(.text) - LOAD_OFFSET) {
> _text = .;
>
> The reason for aligning _end as well is that we already page-align the BSS and BRK
> sections of the kernel and its various section boundary symbols:
>
> /* BSS */
> . = ALIGN(PAGE_SIZE);
> .bss : AT(ADDR(.bss) - LOAD_OFFSET) {
> __bss_start = .;
> *(.bss..page_aligned)
> *(.bss)
> . = ALIGN(PAGE_SIZE);
> __bss_stop = .;
> }
>
> . = ALIGN(PAGE_SIZE);
> .brk : AT(ADDR(.brk) - LOAD_OFFSET) {
> __brk_base = .;
> . += 64 * 1024; /* 64k alignment slop space */
> *(.brk_reservation) /* areas brk users have reserved */
> __brk_limit = .;
> }
>
> _end = .;
>
> STABS_DEBUG
> DWARF_DEBUG
>
> _end is the only odd one out, so we should align it as well - because it's easy to
> make such pfn conversion bugs.
FWIW, I saw no changes in either 32-bit or 64-bit vmlinux size when
building with the following patch, so it seems like a pretty easy win,
---
>From 25ad518fa52e589f110376ae06e42fb20b3e4188 Mon Sep 17 00:00:00 2001
From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
Date: Fri, 20 Nov 2015 11:46:11 +0000
Subject: [PATCH] x86: Page align _end to avoid pfn conversion bugs
Ingo noted that if we can guarantee _end is aligned to PAGE_SIZE we
can automatically avoid bugs along the lines of,
size = _end - _text >> PAGE_SHIFT
which is missing a call to PFN_ALIGN(). The EFI mixed mode contains
this bug, for example.
_text is already aligned to PAGE_SIZE through the use of
LOAD_PHYSICAL_ADDR, and the BSS and BRK sections are explicitly
aligned in the linker script, so it makes sense to align _end to
match.
Reported-by: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: Thomas Gleixner <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>
Cc: "H . Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>
Cc: Toshi Kani <toshi.kani-VXdhtT5mjnY@public.gmane.org>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
Cc: Dave Hansen <dave.hansen-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
Cc: Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>
Signed-off-by: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
---
arch/x86/kernel/vmlinux.lds.S | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 74e4bf11f562..4f1994257a18 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -325,6 +325,7 @@ SECTIONS
__brk_limit = .;
}
+ . = ALIGN(PAGE_SIZE);
_end = .;
STABS_DEBUG
--
2.6.2
WARNING: multiple messages have this Message-ID (diff)
From: Matt Fleming <matt@codeblueprint.co.uk>
To: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
"H . Peter Anvin" <hpa@zytor.com>, Toshi Kani <toshi.kani@hp.com>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>,
Dave Hansen <dave.hansen@intel.com>, Borislav Petkov <bp@suse.de>
Subject: Re: [PATCH v2 1/5] x86/mm/pageattr: Ensure cpa->pfn only contains page frame numbers
Date: Fri, 20 Nov 2015 12:01:29 +0000 [thread overview]
Message-ID: <20151120120129.GA2608@codeblueprint.co.uk> (raw)
In-Reply-To: <20151118081423.GA23844@gmail.com>
On Wed, 18 Nov, at 09:14:23AM, Ingo Molnar wrote:
>
> * Matt Fleming <matt@codeblueprint.co.uk> wrote:
>
> > > > + npages = (_end - _text) >> PAGE_SHIFT;
> > >
> > > You really need to PFN_ALIGN _end and _text. Has been wrong in the
> > > existing code as well.
> >
> > Hmm... very good point.
>
> So I think we should instead guarantee that _end and _text are page aligned.
>
> _text is already page aligned:
>
> SECTIONS
> {
> #ifdef CONFIG_X86_32
> . = LOAD_OFFSET + LOAD_PHYSICAL_ADDR;
> phys_startup_32 = startup_32 - LOAD_OFFSET;
> #else
> . = __START_KERNEL;
> phys_startup_64 = startup_64 - LOAD_OFFSET;
> #endif
>
> /* Text and read-only data */
> .text : AT(ADDR(.text) - LOAD_OFFSET) {
> _text = .;
>
> The reason for aligning _end as well is that we already page-align the BSS and BRK
> sections of the kernel and its various section boundary symbols:
>
> /* BSS */
> . = ALIGN(PAGE_SIZE);
> .bss : AT(ADDR(.bss) - LOAD_OFFSET) {
> __bss_start = .;
> *(.bss..page_aligned)
> *(.bss)
> . = ALIGN(PAGE_SIZE);
> __bss_stop = .;
> }
>
> . = ALIGN(PAGE_SIZE);
> .brk : AT(ADDR(.brk) - LOAD_OFFSET) {
> __brk_base = .;
> . += 64 * 1024; /* 64k alignment slop space */
> *(.brk_reservation) /* areas brk users have reserved */
> __brk_limit = .;
> }
>
> _end = .;
>
> STABS_DEBUG
> DWARF_DEBUG
>
> _end is the only odd one out, so we should align it as well - because it's easy to
> make such pfn conversion bugs.
FWIW, I saw no changes in either 32-bit or 64-bit vmlinux size when
building with the following patch, so it seems like a pretty easy win,
---
>From 25ad518fa52e589f110376ae06e42fb20b3e4188 Mon Sep 17 00:00:00 2001
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Fri, 20 Nov 2015 11:46:11 +0000
Subject: [PATCH] x86: Page align _end to avoid pfn conversion bugs
Ingo noted that if we can guarantee _end is aligned to PAGE_SIZE we
can automatically avoid bugs along the lines of,
size = _end - _text >> PAGE_SHIFT
which is missing a call to PFN_ALIGN(). The EFI mixed mode contains
this bug, for example.
_text is already aligned to PAGE_SIZE through the use of
LOAD_PHYSICAL_ADDR, and the BSS and BRK sections are explicitly
aligned in the linker script, so it makes sense to align _end to
match.
Reported-by: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H . Peter Anvin" <hpa@zytor.com>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
---
arch/x86/kernel/vmlinux.lds.S | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 74e4bf11f562..4f1994257a18 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -325,6 +325,7 @@ SECTIONS
__brk_limit = .;
}
+ . = ALIGN(PAGE_SIZE);
_end = .;
STABS_DEBUG
--
2.6.2
next prev parent reply other threads:[~2015-11-20 12:01 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-14 22:00 [GIT PULL v2 0/5] EFI page table isolation Matt Fleming
2015-11-14 22:00 ` Matt Fleming
[not found] ` <1447538451-5793-1-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2015-11-14 22:00 ` [PATCH v2 1/5] x86/mm/pageattr: Ensure cpa->pfn only contains page frame numbers Matt Fleming
2015-11-14 22:00 ` Matt Fleming
[not found] ` <1447538451-5793-2-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2015-11-16 15:56 ` Dave Hansen
2015-11-16 15:56 ` Dave Hansen
[not found] ` <5649FCA1.1000600-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2015-11-17 9:44 ` Matt Fleming
2015-11-17 9:44 ` Matt Fleming
2015-11-16 20:19 ` Thomas Gleixner
2015-11-16 20:19 ` Thomas Gleixner
2015-11-16 21:20 ` Borislav Petkov
[not found] ` <20151116212042.GE20435-fF5Pk5pvG8Y@public.gmane.org>
2015-11-16 21:48 ` Thomas Gleixner
2015-11-16 21:48 ` Thomas Gleixner
2015-11-17 8:50 ` Thomas Gleixner
2015-11-17 8:50 ` Thomas Gleixner
2015-11-17 9:45 ` Matt Fleming
2015-11-17 9:45 ` Matt Fleming
[not found] ` <20151117094509.GB2727-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2015-11-18 8:14 ` Ingo Molnar
2015-11-18 8:14 ` Ingo Molnar
[not found] ` <20151118081423.GA23844-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-11-20 12:01 ` Matt Fleming [this message]
2015-11-20 12:01 ` Matt Fleming
2015-11-14 22:00 ` [PATCH 2/5] x86/efi: Map RAM into the identity page table for mixed mode Matt Fleming
2015-11-14 22:00 ` Matt Fleming
2015-11-14 22:00 ` [PATCH v2 3/5] x86/efi: Hoist page table switching code into efi_call_virt() Matt Fleming
2015-11-14 22:00 ` Matt Fleming
2015-11-14 22:00 ` [PATCH v2 4/5] x86/efi: Build our own page table structures Matt Fleming
2015-11-14 22:00 ` Matt Fleming
2015-11-14 22:00 ` [PATCH 5/5] Documentation/x86: Update EFI memory region description Matt Fleming
2015-11-14 22:00 ` Matt Fleming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151120120129.GA2608@codeblueprint.co.uk \
--to=matt-mf/unelci9gs6ibeejttw/xrex20p6io@public.gmane.org \
--cc=bp-l3A5Bk7waGM@public.gmane.org \
--cc=dave.hansen-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=sai.praneeth.prakhya-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org \
--cc=tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org \
--cc=toshi.kani-VXdhtT5mjnY@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.