From: Tycho Andersen <tycho@docker.com>
To: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org, kernel-hardening@lists.openwall.com,
Marco Benatto <marco.antonio.780@gmail.com>,
Juerg Haefliger <juerg.haefliger@canonical.com>,
linux-arm-kernel@lists.infradead.org,
Tycho Andersen <tycho@docker.com>
Subject: [kernel-hardening] [PATCH v6 08/11] arm64/mm: Add support for XPFO to swiotlb
Date: Thu, 7 Sep 2017 11:36:06 -0600 [thread overview]
Message-ID: <20170907173609.22696-9-tycho@docker.com> (raw)
In-Reply-To: <20170907173609.22696-1-tycho@docker.com>
From: Juerg Haefliger <juerg.haefliger@canonical.com>
Pages that are unmapped by XPFO need to be mapped before and unmapped
again after (to restore the original state) the __dma_{map,unmap}_area()
operations to prevent fatal page faults.
v6: * use the hoisted out temporary mapping code instead
CC: linux-arm-kernel@lists.infradead.org
Signed-off-by: Juerg Haefliger <juerg.haefliger@canonical.com>
Signed-off-by: Tycho Andersen <tycho@docker.com>
---
arch/arm64/include/asm/cacheflush.h | 11 +++++++++++
arch/arm64/mm/dma-mapping.c | 32 ++++++++++++++++----------------
arch/arm64/mm/xpfo.c | 18 ++++++++++++++++++
include/linux/xpfo.h | 2 ++
4 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/arch/arm64/include/asm/cacheflush.h b/arch/arm64/include/asm/cacheflush.h
index d74a284abdc2..b6a462e3b2f9 100644
--- a/arch/arm64/include/asm/cacheflush.h
+++ b/arch/arm64/include/asm/cacheflush.h
@@ -93,6 +93,17 @@ extern void __dma_map_area(const void *, size_t, int);
extern void __dma_unmap_area(const void *, size_t, int);
extern void __dma_flush_area(const void *, size_t);
+#ifdef CONFIG_XPFO
+#include <linux/xpfo.h>
+#define _dma_map_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(true, addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(false, addr, size, dir)
+#else
+#define _dma_map_area(addr, size, dir) __dma_map_area(addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) __dma_unmap_area(addr, size, dir)
+#endif
+
/*
* Copy user data from/to a page which is mapped into a different
* processes address space. Really, we want to allow our "user
diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c
index f27d4dd04384..a79f200786ab 100644
--- a/arch/arm64/mm/dma-mapping.c
+++ b/arch/arm64/mm/dma-mapping.c
@@ -204,7 +204,7 @@ static dma_addr_t __swiotlb_map_page(struct device *dev, struct page *page,
dev_addr = swiotlb_map_page(dev, page, offset, size, dir, attrs);
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
return dev_addr;
}
@@ -216,7 +216,7 @@ static void __swiotlb_unmap_page(struct device *dev, dma_addr_t dev_addr,
{
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_unmap_page(dev, dev_addr, size, dir, attrs);
}
@@ -231,8 +231,8 @@ static int __swiotlb_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, ret, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
return ret;
}
@@ -248,8 +248,8 @@ static void __swiotlb_unmap_sg_attrs(struct device *dev,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_unmap_sg_attrs(dev, sgl, nelems, dir, attrs);
}
@@ -258,7 +258,7 @@ static void __swiotlb_sync_single_for_cpu(struct device *dev,
enum dma_data_direction dir)
{
if (!is_device_dma_coherent(dev))
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_sync_single_for_cpu(dev, dev_addr, size, dir);
}
@@ -268,7 +268,7 @@ static void __swiotlb_sync_single_for_device(struct device *dev,
{
swiotlb_sync_single_for_device(dev, dev_addr, size, dir);
if (!is_device_dma_coherent(dev))
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
}
static void __swiotlb_sync_sg_for_cpu(struct device *dev,
@@ -280,8 +280,8 @@ static void __swiotlb_sync_sg_for_cpu(struct device *dev,
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_sync_sg_for_cpu(dev, sgl, nelems, dir);
}
@@ -295,8 +295,8 @@ static void __swiotlb_sync_sg_for_device(struct device *dev,
swiotlb_sync_sg_for_device(dev, sgl, nelems, dir);
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
}
static int __swiotlb_mmap_pfn(struct vm_area_struct *vma,
@@ -758,7 +758,7 @@ static void __iommu_sync_single_for_cpu(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_unmap_area(phys_to_virt(phys), size, dir);
+ _dma_unmap_area(phys_to_virt(phys), size, dir);
}
static void __iommu_sync_single_for_device(struct device *dev,
@@ -771,7 +771,7 @@ static void __iommu_sync_single_for_device(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_map_area(phys_to_virt(phys), size, dir);
+ _dma_map_area(phys_to_virt(phys), size, dir);
}
static dma_addr_t __iommu_map_page(struct device *dev, struct page *page,
@@ -811,7 +811,7 @@ static void __iommu_sync_sg_for_cpu(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(sg_virt(sg), sg->length, dir);
+ _dma_unmap_area(sg_virt(sg), sg->length, dir);
}
static void __iommu_sync_sg_for_device(struct device *dev,
@@ -825,7 +825,7 @@ static void __iommu_sync_sg_for_device(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(sg_virt(sg), sg->length, dir);
+ _dma_map_area(sg_virt(sg), sg->length, dir);
}
static int __iommu_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
diff --git a/arch/arm64/mm/xpfo.c b/arch/arm64/mm/xpfo.c
index 678e2be848eb..342a9ccb93c1 100644
--- a/arch/arm64/mm/xpfo.c
+++ b/arch/arm64/mm/xpfo.c
@@ -11,8 +11,10 @@
* the Free Software Foundation.
*/
+#include <linux/highmem.h>
#include <linux/mm.h>
#include <linux/module.h>
+#include <linux/xpfo.h>
#include <asm/tlbflush.h>
@@ -56,3 +58,19 @@ inline void xpfo_flush_kernel_tlb(struct page *page, int order)
flush_tlb_kernel_range(kaddr, kaddr + (1 << order) * size);
}
+
+void xpfo_dma_map_unmap_area(bool map, const void *addr, size_t size,
+ enum dma_data_direction dir)
+{
+ unsigned long num_pages = XPFO_NUM_PAGES(addr, size);
+ void *mapping[num_pages];
+
+ xpfo_temp_map(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+
+ if (map)
+ __dma_map_area(addr, size, dir);
+ else
+ __dma_unmap_area(addr, size, dir);
+
+ xpfo_temp_unmap(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+}
diff --git a/include/linux/xpfo.h b/include/linux/xpfo.h
index 304b104ec637..d37a06c9d62c 100644
--- a/include/linux/xpfo.h
+++ b/include/linux/xpfo.h
@@ -18,6 +18,8 @@
#ifdef CONFIG_XPFO
+#include <linux/dma-mapping.h>
+
extern struct page_ext_operations page_xpfo_ops;
void set_kpte(void *kaddr, struct page *page, pgprot_t prot);
--
2.11.0
WARNING: multiple messages have this Message-ID (diff)
From: tycho@docker.com (Tycho Andersen)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v6 08/11] arm64/mm: Add support for XPFO to swiotlb
Date: Thu, 7 Sep 2017 11:36:06 -0600 [thread overview]
Message-ID: <20170907173609.22696-9-tycho@docker.com> (raw)
In-Reply-To: <20170907173609.22696-1-tycho@docker.com>
From: Juerg Haefliger <juerg.haefliger@canonical.com>
Pages that are unmapped by XPFO need to be mapped before and unmapped
again after (to restore the original state) the __dma_{map,unmap}_area()
operations to prevent fatal page faults.
v6: * use the hoisted out temporary mapping code instead
CC: linux-arm-kernel at lists.infradead.org
Signed-off-by: Juerg Haefliger <juerg.haefliger@canonical.com>
Signed-off-by: Tycho Andersen <tycho@docker.com>
---
arch/arm64/include/asm/cacheflush.h | 11 +++++++++++
arch/arm64/mm/dma-mapping.c | 32 ++++++++++++++++----------------
arch/arm64/mm/xpfo.c | 18 ++++++++++++++++++
include/linux/xpfo.h | 2 ++
4 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/arch/arm64/include/asm/cacheflush.h b/arch/arm64/include/asm/cacheflush.h
index d74a284abdc2..b6a462e3b2f9 100644
--- a/arch/arm64/include/asm/cacheflush.h
+++ b/arch/arm64/include/asm/cacheflush.h
@@ -93,6 +93,17 @@ extern void __dma_map_area(const void *, size_t, int);
extern void __dma_unmap_area(const void *, size_t, int);
extern void __dma_flush_area(const void *, size_t);
+#ifdef CONFIG_XPFO
+#include <linux/xpfo.h>
+#define _dma_map_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(true, addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(false, addr, size, dir)
+#else
+#define _dma_map_area(addr, size, dir) __dma_map_area(addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) __dma_unmap_area(addr, size, dir)
+#endif
+
/*
* Copy user data from/to a page which is mapped into a different
* processes address space. Really, we want to allow our "user
diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c
index f27d4dd04384..a79f200786ab 100644
--- a/arch/arm64/mm/dma-mapping.c
+++ b/arch/arm64/mm/dma-mapping.c
@@ -204,7 +204,7 @@ static dma_addr_t __swiotlb_map_page(struct device *dev, struct page *page,
dev_addr = swiotlb_map_page(dev, page, offset, size, dir, attrs);
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
return dev_addr;
}
@@ -216,7 +216,7 @@ static void __swiotlb_unmap_page(struct device *dev, dma_addr_t dev_addr,
{
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_unmap_page(dev, dev_addr, size, dir, attrs);
}
@@ -231,8 +231,8 @@ static int __swiotlb_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, ret, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
return ret;
}
@@ -248,8 +248,8 @@ static void __swiotlb_unmap_sg_attrs(struct device *dev,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_unmap_sg_attrs(dev, sgl, nelems, dir, attrs);
}
@@ -258,7 +258,7 @@ static void __swiotlb_sync_single_for_cpu(struct device *dev,
enum dma_data_direction dir)
{
if (!is_device_dma_coherent(dev))
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_sync_single_for_cpu(dev, dev_addr, size, dir);
}
@@ -268,7 +268,7 @@ static void __swiotlb_sync_single_for_device(struct device *dev,
{
swiotlb_sync_single_for_device(dev, dev_addr, size, dir);
if (!is_device_dma_coherent(dev))
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
}
static void __swiotlb_sync_sg_for_cpu(struct device *dev,
@@ -280,8 +280,8 @@ static void __swiotlb_sync_sg_for_cpu(struct device *dev,
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_sync_sg_for_cpu(dev, sgl, nelems, dir);
}
@@ -295,8 +295,8 @@ static void __swiotlb_sync_sg_for_device(struct device *dev,
swiotlb_sync_sg_for_device(dev, sgl, nelems, dir);
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
}
static int __swiotlb_mmap_pfn(struct vm_area_struct *vma,
@@ -758,7 +758,7 @@ static void __iommu_sync_single_for_cpu(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_unmap_area(phys_to_virt(phys), size, dir);
+ _dma_unmap_area(phys_to_virt(phys), size, dir);
}
static void __iommu_sync_single_for_device(struct device *dev,
@@ -771,7 +771,7 @@ static void __iommu_sync_single_for_device(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_map_area(phys_to_virt(phys), size, dir);
+ _dma_map_area(phys_to_virt(phys), size, dir);
}
static dma_addr_t __iommu_map_page(struct device *dev, struct page *page,
@@ -811,7 +811,7 @@ static void __iommu_sync_sg_for_cpu(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(sg_virt(sg), sg->length, dir);
+ _dma_unmap_area(sg_virt(sg), sg->length, dir);
}
static void __iommu_sync_sg_for_device(struct device *dev,
@@ -825,7 +825,7 @@ static void __iommu_sync_sg_for_device(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(sg_virt(sg), sg->length, dir);
+ _dma_map_area(sg_virt(sg), sg->length, dir);
}
static int __iommu_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
diff --git a/arch/arm64/mm/xpfo.c b/arch/arm64/mm/xpfo.c
index 678e2be848eb..342a9ccb93c1 100644
--- a/arch/arm64/mm/xpfo.c
+++ b/arch/arm64/mm/xpfo.c
@@ -11,8 +11,10 @@
* the Free Software Foundation.
*/
+#include <linux/highmem.h>
#include <linux/mm.h>
#include <linux/module.h>
+#include <linux/xpfo.h>
#include <asm/tlbflush.h>
@@ -56,3 +58,19 @@ inline void xpfo_flush_kernel_tlb(struct page *page, int order)
flush_tlb_kernel_range(kaddr, kaddr + (1 << order) * size);
}
+
+void xpfo_dma_map_unmap_area(bool map, const void *addr, size_t size,
+ enum dma_data_direction dir)
+{
+ unsigned long num_pages = XPFO_NUM_PAGES(addr, size);
+ void *mapping[num_pages];
+
+ xpfo_temp_map(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+
+ if (map)
+ __dma_map_area(addr, size, dir);
+ else
+ __dma_unmap_area(addr, size, dir);
+
+ xpfo_temp_unmap(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+}
diff --git a/include/linux/xpfo.h b/include/linux/xpfo.h
index 304b104ec637..d37a06c9d62c 100644
--- a/include/linux/xpfo.h
+++ b/include/linux/xpfo.h
@@ -18,6 +18,8 @@
#ifdef CONFIG_XPFO
+#include <linux/dma-mapping.h>
+
extern struct page_ext_operations page_xpfo_ops;
void set_kpte(void *kaddr, struct page *page, pgprot_t prot);
--
2.11.0
WARNING: multiple messages have this Message-ID (diff)
From: Tycho Andersen <tycho@docker.com>
To: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org, kernel-hardening@lists.openwall.com,
Marco Benatto <marco.antonio.780@gmail.com>,
Juerg Haefliger <juerg.haefliger@canonical.com>,
linux-arm-kernel@lists.infradead.org,
Tycho Andersen <tycho@docker.com>
Subject: [PATCH v6 08/11] arm64/mm: Add support for XPFO to swiotlb
Date: Thu, 7 Sep 2017 11:36:06 -0600 [thread overview]
Message-ID: <20170907173609.22696-9-tycho@docker.com> (raw)
In-Reply-To: <20170907173609.22696-1-tycho@docker.com>
From: Juerg Haefliger <juerg.haefliger@canonical.com>
Pages that are unmapped by XPFO need to be mapped before and unmapped
again after (to restore the original state) the __dma_{map,unmap}_area()
operations to prevent fatal page faults.
v6: * use the hoisted out temporary mapping code instead
CC: linux-arm-kernel@lists.infradead.org
Signed-off-by: Juerg Haefliger <juerg.haefliger@canonical.com>
Signed-off-by: Tycho Andersen <tycho@docker.com>
---
arch/arm64/include/asm/cacheflush.h | 11 +++++++++++
arch/arm64/mm/dma-mapping.c | 32 ++++++++++++++++----------------
arch/arm64/mm/xpfo.c | 18 ++++++++++++++++++
include/linux/xpfo.h | 2 ++
4 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/arch/arm64/include/asm/cacheflush.h b/arch/arm64/include/asm/cacheflush.h
index d74a284abdc2..b6a462e3b2f9 100644
--- a/arch/arm64/include/asm/cacheflush.h
+++ b/arch/arm64/include/asm/cacheflush.h
@@ -93,6 +93,17 @@ extern void __dma_map_area(const void *, size_t, int);
extern void __dma_unmap_area(const void *, size_t, int);
extern void __dma_flush_area(const void *, size_t);
+#ifdef CONFIG_XPFO
+#include <linux/xpfo.h>
+#define _dma_map_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(true, addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(false, addr, size, dir)
+#else
+#define _dma_map_area(addr, size, dir) __dma_map_area(addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) __dma_unmap_area(addr, size, dir)
+#endif
+
/*
* Copy user data from/to a page which is mapped into a different
* processes address space. Really, we want to allow our "user
diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c
index f27d4dd04384..a79f200786ab 100644
--- a/arch/arm64/mm/dma-mapping.c
+++ b/arch/arm64/mm/dma-mapping.c
@@ -204,7 +204,7 @@ static dma_addr_t __swiotlb_map_page(struct device *dev, struct page *page,
dev_addr = swiotlb_map_page(dev, page, offset, size, dir, attrs);
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
return dev_addr;
}
@@ -216,7 +216,7 @@ static void __swiotlb_unmap_page(struct device *dev, dma_addr_t dev_addr,
{
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_unmap_page(dev, dev_addr, size, dir, attrs);
}
@@ -231,8 +231,8 @@ static int __swiotlb_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, ret, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
return ret;
}
@@ -248,8 +248,8 @@ static void __swiotlb_unmap_sg_attrs(struct device *dev,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_unmap_sg_attrs(dev, sgl, nelems, dir, attrs);
}
@@ -258,7 +258,7 @@ static void __swiotlb_sync_single_for_cpu(struct device *dev,
enum dma_data_direction dir)
{
if (!is_device_dma_coherent(dev))
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_sync_single_for_cpu(dev, dev_addr, size, dir);
}
@@ -268,7 +268,7 @@ static void __swiotlb_sync_single_for_device(struct device *dev,
{
swiotlb_sync_single_for_device(dev, dev_addr, size, dir);
if (!is_device_dma_coherent(dev))
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
}
static void __swiotlb_sync_sg_for_cpu(struct device *dev,
@@ -280,8 +280,8 @@ static void __swiotlb_sync_sg_for_cpu(struct device *dev,
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_sync_sg_for_cpu(dev, sgl, nelems, dir);
}
@@ -295,8 +295,8 @@ static void __swiotlb_sync_sg_for_device(struct device *dev,
swiotlb_sync_sg_for_device(dev, sgl, nelems, dir);
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
}
static int __swiotlb_mmap_pfn(struct vm_area_struct *vma,
@@ -758,7 +758,7 @@ static void __iommu_sync_single_for_cpu(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_unmap_area(phys_to_virt(phys), size, dir);
+ _dma_unmap_area(phys_to_virt(phys), size, dir);
}
static void __iommu_sync_single_for_device(struct device *dev,
@@ -771,7 +771,7 @@ static void __iommu_sync_single_for_device(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_map_area(phys_to_virt(phys), size, dir);
+ _dma_map_area(phys_to_virt(phys), size, dir);
}
static dma_addr_t __iommu_map_page(struct device *dev, struct page *page,
@@ -811,7 +811,7 @@ static void __iommu_sync_sg_for_cpu(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(sg_virt(sg), sg->length, dir);
+ _dma_unmap_area(sg_virt(sg), sg->length, dir);
}
static void __iommu_sync_sg_for_device(struct device *dev,
@@ -825,7 +825,7 @@ static void __iommu_sync_sg_for_device(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(sg_virt(sg), sg->length, dir);
+ _dma_map_area(sg_virt(sg), sg->length, dir);
}
static int __iommu_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
diff --git a/arch/arm64/mm/xpfo.c b/arch/arm64/mm/xpfo.c
index 678e2be848eb..342a9ccb93c1 100644
--- a/arch/arm64/mm/xpfo.c
+++ b/arch/arm64/mm/xpfo.c
@@ -11,8 +11,10 @@
* the Free Software Foundation.
*/
+#include <linux/highmem.h>
#include <linux/mm.h>
#include <linux/module.h>
+#include <linux/xpfo.h>
#include <asm/tlbflush.h>
@@ -56,3 +58,19 @@ inline void xpfo_flush_kernel_tlb(struct page *page, int order)
flush_tlb_kernel_range(kaddr, kaddr + (1 << order) * size);
}
+
+void xpfo_dma_map_unmap_area(bool map, const void *addr, size_t size,
+ enum dma_data_direction dir)
+{
+ unsigned long num_pages = XPFO_NUM_PAGES(addr, size);
+ void *mapping[num_pages];
+
+ xpfo_temp_map(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+
+ if (map)
+ __dma_map_area(addr, size, dir);
+ else
+ __dma_unmap_area(addr, size, dir);
+
+ xpfo_temp_unmap(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+}
diff --git a/include/linux/xpfo.h b/include/linux/xpfo.h
index 304b104ec637..d37a06c9d62c 100644
--- a/include/linux/xpfo.h
+++ b/include/linux/xpfo.h
@@ -18,6 +18,8 @@
#ifdef CONFIG_XPFO
+#include <linux/dma-mapping.h>
+
extern struct page_ext_operations page_xpfo_ops;
void set_kpte(void *kaddr, struct page *page, pgprot_t prot);
--
2.11.0
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Tycho Andersen <tycho@docker.com>
To: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org, kernel-hardening@lists.openwall.com,
Marco Benatto <marco.antonio.780@gmail.com>,
Juerg Haefliger <juerg.haefliger@canonical.com>,
linux-arm-kernel@lists.infradead.org,
Tycho Andersen <tycho@docker.com>
Subject: [PATCH v6 08/11] arm64/mm: Add support for XPFO to swiotlb
Date: Thu, 7 Sep 2017 11:36:06 -0600 [thread overview]
Message-ID: <20170907173609.22696-9-tycho@docker.com> (raw)
In-Reply-To: <20170907173609.22696-1-tycho@docker.com>
From: Juerg Haefliger <juerg.haefliger@canonical.com>
Pages that are unmapped by XPFO need to be mapped before and unmapped
again after (to restore the original state) the __dma_{map,unmap}_area()
operations to prevent fatal page faults.
v6: * use the hoisted out temporary mapping code instead
CC: linux-arm-kernel@lists.infradead.org
Signed-off-by: Juerg Haefliger <juerg.haefliger@canonical.com>
Signed-off-by: Tycho Andersen <tycho@docker.com>
---
arch/arm64/include/asm/cacheflush.h | 11 +++++++++++
arch/arm64/mm/dma-mapping.c | 32 ++++++++++++++++----------------
arch/arm64/mm/xpfo.c | 18 ++++++++++++++++++
include/linux/xpfo.h | 2 ++
4 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/arch/arm64/include/asm/cacheflush.h b/arch/arm64/include/asm/cacheflush.h
index d74a284abdc2..b6a462e3b2f9 100644
--- a/arch/arm64/include/asm/cacheflush.h
+++ b/arch/arm64/include/asm/cacheflush.h
@@ -93,6 +93,17 @@ extern void __dma_map_area(const void *, size_t, int);
extern void __dma_unmap_area(const void *, size_t, int);
extern void __dma_flush_area(const void *, size_t);
+#ifdef CONFIG_XPFO
+#include <linux/xpfo.h>
+#define _dma_map_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(true, addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) \
+ xpfo_dma_map_unmap_area(false, addr, size, dir)
+#else
+#define _dma_map_area(addr, size, dir) __dma_map_area(addr, size, dir)
+#define _dma_unmap_area(addr, size, dir) __dma_unmap_area(addr, size, dir)
+#endif
+
/*
* Copy user data from/to a page which is mapped into a different
* processes address space. Really, we want to allow our "user
diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c
index f27d4dd04384..a79f200786ab 100644
--- a/arch/arm64/mm/dma-mapping.c
+++ b/arch/arm64/mm/dma-mapping.c
@@ -204,7 +204,7 @@ static dma_addr_t __swiotlb_map_page(struct device *dev, struct page *page,
dev_addr = swiotlb_map_page(dev, page, offset, size, dir, attrs);
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
return dev_addr;
}
@@ -216,7 +216,7 @@ static void __swiotlb_unmap_page(struct device *dev, dma_addr_t dev_addr,
{
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_unmap_page(dev, dev_addr, size, dir, attrs);
}
@@ -231,8 +231,8 @@ static int __swiotlb_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, ret, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
return ret;
}
@@ -248,8 +248,8 @@ static void __swiotlb_unmap_sg_attrs(struct device *dev,
if (!is_device_dma_coherent(dev) &&
(attrs & DMA_ATTR_SKIP_CPU_SYNC) == 0)
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_unmap_sg_attrs(dev, sgl, nelems, dir, attrs);
}
@@ -258,7 +258,7 @@ static void __swiotlb_sync_single_for_cpu(struct device *dev,
enum dma_data_direction dir)
{
if (!is_device_dma_coherent(dev))
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
swiotlb_sync_single_for_cpu(dev, dev_addr, size, dir);
}
@@ -268,7 +268,7 @@ static void __swiotlb_sync_single_for_device(struct device *dev,
{
swiotlb_sync_single_for_device(dev, dev_addr, size, dir);
if (!is_device_dma_coherent(dev))
- __dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, dev_addr)), size, dir);
}
static void __swiotlb_sync_sg_for_cpu(struct device *dev,
@@ -280,8 +280,8 @@ static void __swiotlb_sync_sg_for_cpu(struct device *dev,
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_unmap_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
swiotlb_sync_sg_for_cpu(dev, sgl, nelems, dir);
}
@@ -295,8 +295,8 @@ static void __swiotlb_sync_sg_for_device(struct device *dev,
swiotlb_sync_sg_for_device(dev, sgl, nelems, dir);
if (!is_device_dma_coherent(dev))
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
- sg->length, dir);
+ _dma_map_area(phys_to_virt(dma_to_phys(dev, sg->dma_address)),
+ sg->length, dir);
}
static int __swiotlb_mmap_pfn(struct vm_area_struct *vma,
@@ -758,7 +758,7 @@ static void __iommu_sync_single_for_cpu(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_unmap_area(phys_to_virt(phys), size, dir);
+ _dma_unmap_area(phys_to_virt(phys), size, dir);
}
static void __iommu_sync_single_for_device(struct device *dev,
@@ -771,7 +771,7 @@ static void __iommu_sync_single_for_device(struct device *dev,
return;
phys = iommu_iova_to_phys(iommu_get_domain_for_dev(dev), dev_addr);
- __dma_map_area(phys_to_virt(phys), size, dir);
+ _dma_map_area(phys_to_virt(phys), size, dir);
}
static dma_addr_t __iommu_map_page(struct device *dev, struct page *page,
@@ -811,7 +811,7 @@ static void __iommu_sync_sg_for_cpu(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_unmap_area(sg_virt(sg), sg->length, dir);
+ _dma_unmap_area(sg_virt(sg), sg->length, dir);
}
static void __iommu_sync_sg_for_device(struct device *dev,
@@ -825,7 +825,7 @@ static void __iommu_sync_sg_for_device(struct device *dev,
return;
for_each_sg(sgl, sg, nelems, i)
- __dma_map_area(sg_virt(sg), sg->length, dir);
+ _dma_map_area(sg_virt(sg), sg->length, dir);
}
static int __iommu_map_sg_attrs(struct device *dev, struct scatterlist *sgl,
diff --git a/arch/arm64/mm/xpfo.c b/arch/arm64/mm/xpfo.c
index 678e2be848eb..342a9ccb93c1 100644
--- a/arch/arm64/mm/xpfo.c
+++ b/arch/arm64/mm/xpfo.c
@@ -11,8 +11,10 @@
* the Free Software Foundation.
*/
+#include <linux/highmem.h>
#include <linux/mm.h>
#include <linux/module.h>
+#include <linux/xpfo.h>
#include <asm/tlbflush.h>
@@ -56,3 +58,19 @@ inline void xpfo_flush_kernel_tlb(struct page *page, int order)
flush_tlb_kernel_range(kaddr, kaddr + (1 << order) * size);
}
+
+void xpfo_dma_map_unmap_area(bool map, const void *addr, size_t size,
+ enum dma_data_direction dir)
+{
+ unsigned long num_pages = XPFO_NUM_PAGES(addr, size);
+ void *mapping[num_pages];
+
+ xpfo_temp_map(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+
+ if (map)
+ __dma_map_area(addr, size, dir);
+ else
+ __dma_unmap_area(addr, size, dir);
+
+ xpfo_temp_unmap(addr, size, mapping, sizeof(mapping[0]) * num_pages);
+}
diff --git a/include/linux/xpfo.h b/include/linux/xpfo.h
index 304b104ec637..d37a06c9d62c 100644
--- a/include/linux/xpfo.h
+++ b/include/linux/xpfo.h
@@ -18,6 +18,8 @@
#ifdef CONFIG_XPFO
+#include <linux/dma-mapping.h>
+
extern struct page_ext_operations page_xpfo_ops;
void set_kpte(void *kaddr, struct page *page, pgprot_t prot);
--
2.11.0
next prev parent reply other threads:[~2017-09-07 17:36 UTC|newest]
Thread overview: 241+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-07 17:35 [kernel-hardening] [PATCH v6 00/11] Add support for eXclusive Page Frame Ownership Tycho Andersen
2017-09-07 17:35 ` Tycho Andersen
2017-09-07 17:35 ` Tycho Andersen
2017-09-07 17:35 ` [kernel-hardening] [PATCH v6 01/11] mm: add MAP_HUGETLB support to vm_mmap Tycho Andersen
2017-09-07 17:35 ` Tycho Andersen
2017-09-07 17:35 ` Tycho Andersen
2017-09-08 7:42 ` [kernel-hardening] " Christoph Hellwig
2017-09-08 7:42 ` Christoph Hellwig
2017-09-08 7:42 ` Christoph Hellwig
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 02/11] x86: always set IF before oopsing from page fault Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 03/11] mm, x86: Add support for eXclusive Page Frame Ownership (XPFO) Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 18:33 ` [kernel-hardening] " Ralph Campbell
2017-09-07 18:33 ` Ralph Campbell
2017-09-07 18:33 ` Ralph Campbell
2017-09-07 18:50 ` [kernel-hardening] " Tycho Andersen
2017-09-07 18:50 ` Tycho Andersen
2017-09-07 18:50 ` Tycho Andersen
2017-09-08 7:51 ` [kernel-hardening] " Christoph Hellwig
2017-09-08 7:51 ` Christoph Hellwig
2017-09-08 7:51 ` Christoph Hellwig
2017-09-08 14:58 ` [kernel-hardening] " Tycho Andersen
2017-09-08 14:58 ` Tycho Andersen
2017-09-08 14:58 ` Tycho Andersen
2017-09-09 15:35 ` [kernel-hardening] " Laura Abbott
2017-09-09 15:35 ` Laura Abbott
2017-09-09 15:35 ` Laura Abbott
2017-09-11 15:03 ` [kernel-hardening] " Tycho Andersen
2017-09-11 15:03 ` Tycho Andersen
2017-09-11 15:03 ` Tycho Andersen
2017-09-11 7:24 ` [kernel-hardening] " Yisheng Xie
2017-09-11 7:24 ` Yisheng Xie
2017-09-11 7:24 ` Yisheng Xie
2017-09-11 14:50 ` [kernel-hardening] " Tycho Andersen
2017-09-11 14:50 ` Tycho Andersen
2017-09-11 14:50 ` Tycho Andersen
2017-09-11 16:03 ` [kernel-hardening] " Juerg Haefliger
2017-09-11 16:03 ` Juerg Haefliger
2017-09-11 16:03 ` Juerg Haefliger
2017-09-11 16:59 ` [kernel-hardening] " Tycho Andersen
2017-09-11 16:59 ` Tycho Andersen
2017-09-11 16:59 ` Tycho Andersen
2017-09-12 8:05 ` [kernel-hardening] " Yisheng Xie
2017-09-12 8:05 ` Yisheng Xie
2017-09-12 8:05 ` Yisheng Xie
2017-09-12 14:36 ` [kernel-hardening] " Tycho Andersen
2017-09-12 14:36 ` Tycho Andersen
2017-09-12 14:36 ` Tycho Andersen
2017-09-12 18:13 ` [kernel-hardening] " Tycho Andersen
2017-09-12 18:13 ` Tycho Andersen
2017-09-12 18:13 ` Tycho Andersen
2017-09-14 6:15 ` [kernel-hardening] " Yisheng Xie
2017-09-14 6:15 ` Yisheng Xie
2017-09-14 6:15 ` Yisheng Xie
2017-09-20 23:46 ` [kernel-hardening] " Dave Hansen
2017-09-20 23:46 ` Dave Hansen
2017-09-20 23:46 ` Dave Hansen
2017-09-21 0:02 ` [kernel-hardening] " Tycho Andersen
2017-09-21 0:02 ` Tycho Andersen
2017-09-21 0:02 ` Tycho Andersen
2017-09-21 0:04 ` [kernel-hardening] " Dave Hansen
2017-09-21 0:04 ` Dave Hansen
2017-09-21 0:04 ` Dave Hansen
2017-09-11 18:32 ` [kernel-hardening] " Tycho Andersen
2017-09-11 18:32 ` Tycho Andersen
2017-09-11 18:32 ` Tycho Andersen
2017-09-11 21:54 ` [kernel-hardening] " Marco Benatto
2017-09-11 21:54 ` Marco Benatto
2017-09-11 21:54 ` Marco Benatto
2017-09-20 15:48 ` [kernel-hardening] " Dave Hansen
2017-09-20 15:48 ` Dave Hansen
2017-09-20 15:48 ` Dave Hansen
2017-09-20 22:34 ` [kernel-hardening] " Tycho Andersen
2017-09-20 22:34 ` Tycho Andersen
2017-09-20 22:34 ` Tycho Andersen
2017-09-20 23:21 ` [kernel-hardening] " Dave Hansen
2017-09-20 23:21 ` Dave Hansen
2017-09-20 23:21 ` Dave Hansen
2017-09-21 0:09 ` [kernel-hardening] " Tycho Andersen
2017-09-21 0:09 ` Tycho Andersen
2017-09-21 0:09 ` Tycho Andersen
2017-09-21 0:27 ` [kernel-hardening] " Dave Hansen
2017-09-21 0:27 ` Dave Hansen
2017-09-21 0:27 ` Dave Hansen
2017-09-21 1:37 ` [kernel-hardening] " Tycho Andersen
2017-09-21 1:37 ` Tycho Andersen
2017-09-21 1:37 ` Tycho Andersen
2017-11-10 1:09 ` [kernel-hardening] " Tycho Andersen
2017-11-10 1:09 ` Tycho Andersen
2017-11-10 1:09 ` Tycho Andersen
2017-11-13 22:20 ` [kernel-hardening] " Dave Hansen
2017-11-13 22:20 ` Dave Hansen
2017-11-13 22:20 ` Dave Hansen
2017-11-13 22:46 ` [kernel-hardening] " Dave Hansen
2017-11-13 22:46 ` Dave Hansen
2017-11-13 22:46 ` Dave Hansen
2017-11-15 0:33 ` [kernel-hardening] " Tycho Andersen
2017-11-15 0:33 ` Tycho Andersen
2017-11-15 0:37 ` Dave Hansen
2017-11-15 0:37 ` Dave Hansen
2017-11-15 0:42 ` Tycho Andersen
2017-11-15 0:42 ` Tycho Andersen
2017-11-15 3:44 ` Matthew Wilcox
2017-11-15 3:44 ` Matthew Wilcox
2017-11-15 3:44 ` Matthew Wilcox
2017-11-15 7:00 ` [kernel-hardening] " Dave Hansen
2017-11-15 7:00 ` Dave Hansen
2017-11-15 7:00 ` Dave Hansen
2017-11-15 14:58 ` [kernel-hardening] " Matthew Wilcox
2017-11-15 14:58 ` Matthew Wilcox
2017-11-15 14:58 ` Matthew Wilcox
2017-11-15 16:20 ` [kernel-hardening] " Tycho Andersen
2017-11-15 16:20 ` Tycho Andersen
2017-11-15 21:34 ` Matthew Wilcox
2017-11-15 21:34 ` Matthew Wilcox
2017-09-21 0:03 ` Dave Hansen
2017-09-21 0:03 ` Dave Hansen
2017-09-21 0:03 ` Dave Hansen
2017-09-21 0:28 ` [kernel-hardening] " Dave Hansen
2017-09-21 0:28 ` Dave Hansen
2017-09-21 0:28 ` Dave Hansen
2017-09-21 1:04 ` [kernel-hardening] " Tycho Andersen
2017-09-21 1:04 ` Tycho Andersen
2017-09-21 1:04 ` Tycho Andersen
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 04/11] swiotlb: Map the buffer if it was unmapped by XPFO Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 18:10 ` [kernel-hardening] " Christoph Hellwig
2017-09-07 18:10 ` Christoph Hellwig
2017-09-07 18:10 ` Christoph Hellwig
2017-09-07 18:44 ` [kernel-hardening] " Tycho Andersen
2017-09-07 18:44 ` Tycho Andersen
2017-09-07 18:44 ` Tycho Andersen
2017-09-08 7:13 ` [kernel-hardening] " Christoph Hellwig
2017-09-08 7:13 ` Christoph Hellwig
2017-09-08 7:13 ` Christoph Hellwig
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 05/11] arm64/mm: Add support for XPFO Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-08 7:53 ` [kernel-hardening] " Christoph Hellwig
2017-09-08 7:53 ` Christoph Hellwig
2017-09-08 7:53 ` Christoph Hellwig
2017-09-08 7:53 ` Christoph Hellwig
2017-09-08 17:24 ` [kernel-hardening] " Tycho Andersen
2017-09-08 17:24 ` Tycho Andersen
2017-09-08 17:24 ` Tycho Andersen
2017-09-08 17:24 ` Tycho Andersen
2017-09-14 10:41 ` [kernel-hardening] " Julien Grall
2017-09-14 10:41 ` Julien Grall
2017-09-14 10:41 ` Julien Grall
2017-09-14 10:41 ` Julien Grall
2017-09-14 11:29 ` Juergen Gross
2017-09-14 11:29 ` [kernel-hardening] " Juergen Gross
2017-09-14 11:29 ` Juergen Gross
2017-09-14 11:29 ` Juergen Gross
2017-09-14 11:29 ` Juergen Gross
2017-09-14 10:41 ` Julien Grall
2017-09-08 17:24 ` Tycho Andersen
2017-09-14 18:22 ` [kernel-hardening] " Mark Rutland
2017-09-14 18:22 ` Mark Rutland
2017-09-14 18:22 ` Mark Rutland
2017-09-18 21:27 ` Tycho Andersen
2017-09-18 21:27 ` Tycho Andersen
2017-09-18 21:27 ` Tycho Andersen
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 06/11] xpfo: add primitives for mapping underlying memory Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 07/11] arm64/mm, xpfo: temporarily map dcache regions Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-14 18:25 ` [kernel-hardening] " Mark Rutland
2017-09-14 18:25 ` Mark Rutland
2017-09-14 18:25 ` Mark Rutland
2017-09-14 18:25 ` Mark Rutland
2017-09-18 21:29 ` [kernel-hardening] " Tycho Andersen
2017-09-18 21:29 ` Tycho Andersen
2017-09-18 21:29 ` Tycho Andersen
2017-09-18 21:29 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen [this message]
2017-09-07 17:36 ` [PATCH v6 08/11] arm64/mm: Add support for XPFO to swiotlb Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 09/11] arm64/mm: disable section/contiguous mappings if XPFO is enabled Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-09 15:38 ` [kernel-hardening] " Laura Abbott
2017-09-09 15:38 ` Laura Abbott
2017-09-09 15:38 ` Laura Abbott
2017-09-09 15:38 ` Laura Abbott
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 10/11] mm: add a user_virt_to_phys symbol Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-08 7:55 ` [kernel-hardening] " Christoph Hellwig
2017-09-08 7:55 ` Christoph Hellwig
2017-09-08 7:55 ` Christoph Hellwig
2017-09-08 7:55 ` Christoph Hellwig
2017-09-08 15:44 ` [kernel-hardening] " Kees Cook
2017-09-08 15:44 ` Kees Cook
2017-09-08 15:44 ` Kees Cook
2017-09-08 15:44 ` Kees Cook
2017-09-11 7:36 ` [kernel-hardening] " Christoph Hellwig
2017-09-11 7:36 ` Christoph Hellwig
2017-09-11 7:36 ` Christoph Hellwig
2017-09-11 7:36 ` Christoph Hellwig
2017-09-14 18:34 ` [kernel-hardening] " Mark Rutland
2017-09-14 18:34 ` Mark Rutland
2017-09-14 18:34 ` Mark Rutland
2017-09-18 20:56 ` Tycho Andersen
2017-09-18 20:56 ` Tycho Andersen
2017-09-18 20:56 ` Tycho Andersen
2017-09-07 17:36 ` [kernel-hardening] [PATCH v6 11/11] lkdtm: Add test for XPFO Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 17:36 ` Tycho Andersen
2017-09-07 19:08 ` [kernel-hardening] " Kees Cook
2017-09-07 19:08 ` Kees Cook
2017-09-07 19:08 ` Kees Cook
2017-09-10 0:57 ` [kernel-hardening] " kbuild test robot
2017-09-10 0:57 ` kbuild test robot
2017-09-10 0:57 ` kbuild test robot
2017-09-11 10:34 ` [kernel-hardening] Re: [PATCH v6 00/11] Add support for eXclusive Page Frame Ownership Yisheng Xie
2017-09-11 10:34 ` Yisheng Xie
2017-09-11 10:34 ` Yisheng Xie
2017-09-11 15:02 ` [kernel-hardening] " Tycho Andersen
2017-09-11 15:02 ` Tycho Andersen
2017-09-11 15:02 ` Tycho Andersen
2017-09-12 7:07 ` [kernel-hardening] " Yisheng Xie
2017-09-12 7:07 ` Yisheng Xie
2017-09-12 7:07 ` Yisheng Xie
2017-09-12 7:40 ` [kernel-hardening] " Juerg Haefliger
2017-09-12 7:40 ` Juerg Haefliger
2017-09-12 7:40 ` Juerg Haefliger
2017-09-12 8:11 ` [kernel-hardening] " Yisheng Xie
2017-09-12 8:11 ` Yisheng Xie
2017-09-12 8:11 ` Yisheng Xie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170907173609.22696-9-tycho@docker.com \
--to=tycho@docker.com \
--cc=juerg.haefliger@canonical.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=marco.antonio.780@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.