From: Catalin Marinas <catalin.marinas@arm.com>
To: Tong Tiangen <tongtiangen@huawei.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Pasha Tatashin <pasha.tatashin@soleen.com>,
Andrew Morton <akpm@linux-foundation.org>,
Will Deacon <will@kernel.org>,
Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Palmer Dabbelt <palmerdabbelt@google.com>,
Albert Ou <aou@eecs.berkeley.edu>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linux-arm-kernel@lists.infradead.org,
linux-riscv@lists.infradead.org
Subject: Re: [PATCH -next 3/4] arm64: mm: add support for page table check
Date: Fri, 18 Mar 2022 17:18:16 +0000 [thread overview]
Message-ID: <YjS+2FVpq8D4Gx0S@arm.com> (raw)
In-Reply-To: <cb91532b-c0cd-034c-2f93-4f76fabf5fc1@huawei.com>
On Fri, Mar 18, 2022 at 11:58:22AM +0800, Tong Tiangen wrote:
> 在 2022/3/18 3:00, Catalin Marinas 写道:
> > On Thu, Mar 17, 2022 at 02:12:02PM +0000, Tong Tiangen wrote:
> > > @@ -628,6 +647,25 @@ static inline unsigned long pmd_page_vaddr(pmd_t pmd)
> > > #define pud_leaf(pud) pud_sect(pud)
> > > #define pud_valid(pud) pte_valid(pud_pte(pud))
> > > +#ifdef CONFIG_PAGE_TABLE_CHECK
> > > +static inline bool pte_user_accessible_page(pte_t pte)
> > > +{
> > > + return (pte_val(pte) & PTE_VALID) && (pte_val(pte) & PTE_USER);
> > > +}
[...]
> > Do we care about PROT_NONE mappings here? They have the valid bit
> > cleared but pte_present() is true.
> >
>
> PTC will not check this special type(PROT_NONE) of page.
PROT_NONE is just a permission but since we don't have independent read
and write bits in the pte, we implement it as an invalid pte (bit 0
cleared). The other content of the pte is fine, so pte_pfn() should
still work. PTC could as well check this, I don't think it hurts.
> > > +static inline bool pmd_user_accessible_page(pmd_t pmd)
> > > +{
> > > + return pmd_leaf(pmd) && (pmd_val(pmd) & PTE_VALID) &&
> > > + (pmd_val(pmd) & PTE_USER);
> > > +}
> >
> > pmd_leaf() implies valid, so you can skip it if that's the aim.
>
> PTC only checks whether the memory block corresponding to the pmd_leaf type
> can access, for !pmd_leaf, PTC checks at the pte level. So i think this is
> necessary.
My point is that the (pmd_val(pmd) & PTE_VALID) check is superfluous
since that's covered by pmd_leaf() already.
--
Catalin
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
WARNING: multiple messages have this Message-ID (diff)
From: Catalin Marinas <catalin.marinas@arm.com>
To: Tong Tiangen <tongtiangen@huawei.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Pasha Tatashin <pasha.tatashin@soleen.com>,
Andrew Morton <akpm@linux-foundation.org>,
Will Deacon <will@kernel.org>,
Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Palmer Dabbelt <palmerdabbelt@google.com>,
Albert Ou <aou@eecs.berkeley.edu>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linux-arm-kernel@lists.infradead.org,
linux-riscv@lists.infradead.org
Subject: Re: [PATCH -next 3/4] arm64: mm: add support for page table check
Date: Fri, 18 Mar 2022 17:18:16 +0000 [thread overview]
Message-ID: <YjS+2FVpq8D4Gx0S@arm.com> (raw)
In-Reply-To: <cb91532b-c0cd-034c-2f93-4f76fabf5fc1@huawei.com>
On Fri, Mar 18, 2022 at 11:58:22AM +0800, Tong Tiangen wrote:
> 在 2022/3/18 3:00, Catalin Marinas 写道:
> > On Thu, Mar 17, 2022 at 02:12:02PM +0000, Tong Tiangen wrote:
> > > @@ -628,6 +647,25 @@ static inline unsigned long pmd_page_vaddr(pmd_t pmd)
> > > #define pud_leaf(pud) pud_sect(pud)
> > > #define pud_valid(pud) pte_valid(pud_pte(pud))
> > > +#ifdef CONFIG_PAGE_TABLE_CHECK
> > > +static inline bool pte_user_accessible_page(pte_t pte)
> > > +{
> > > + return (pte_val(pte) & PTE_VALID) && (pte_val(pte) & PTE_USER);
> > > +}
[...]
> > Do we care about PROT_NONE mappings here? They have the valid bit
> > cleared but pte_present() is true.
> >
>
> PTC will not check this special type(PROT_NONE) of page.
PROT_NONE is just a permission but since we don't have independent read
and write bits in the pte, we implement it as an invalid pte (bit 0
cleared). The other content of the pte is fine, so pte_pfn() should
still work. PTC could as well check this, I don't think it hurts.
> > > +static inline bool pmd_user_accessible_page(pmd_t pmd)
> > > +{
> > > + return pmd_leaf(pmd) && (pmd_val(pmd) & PTE_VALID) &&
> > > + (pmd_val(pmd) & PTE_USER);
> > > +}
> >
> > pmd_leaf() implies valid, so you can skip it if that's the aim.
>
> PTC only checks whether the memory block corresponding to the pmd_leaf type
> can access, for !pmd_leaf, PTC checks at the pte level. So i think this is
> necessary.
My point is that the (pmd_val(pmd) & PTE_VALID) check is superfluous
since that's covered by pmd_leaf() already.
--
Catalin
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Catalin Marinas <catalin.marinas@arm.com>
To: Tong Tiangen <tongtiangen@huawei.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Pasha Tatashin <pasha.tatashin@soleen.com>,
Andrew Morton <akpm@linux-foundation.org>,
Will Deacon <will@kernel.org>,
Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Palmer Dabbelt <palmerdabbelt@google.com>,
Albert Ou <aou@eecs.berkeley.edu>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linux-arm-kernel@lists.infradead.org,
linux-riscv@lists.infradead.org
Subject: Re: [PATCH -next 3/4] arm64: mm: add support for page table check
Date: Fri, 18 Mar 2022 17:18:16 +0000 [thread overview]
Message-ID: <YjS+2FVpq8D4Gx0S@arm.com> (raw)
In-Reply-To: <cb91532b-c0cd-034c-2f93-4f76fabf5fc1@huawei.com>
On Fri, Mar 18, 2022 at 11:58:22AM +0800, Tong Tiangen wrote:
> 在 2022/3/18 3:00, Catalin Marinas 写道:
> > On Thu, Mar 17, 2022 at 02:12:02PM +0000, Tong Tiangen wrote:
> > > @@ -628,6 +647,25 @@ static inline unsigned long pmd_page_vaddr(pmd_t pmd)
> > > #define pud_leaf(pud) pud_sect(pud)
> > > #define pud_valid(pud) pte_valid(pud_pte(pud))
> > > +#ifdef CONFIG_PAGE_TABLE_CHECK
> > > +static inline bool pte_user_accessible_page(pte_t pte)
> > > +{
> > > + return (pte_val(pte) & PTE_VALID) && (pte_val(pte) & PTE_USER);
> > > +}
[...]
> > Do we care about PROT_NONE mappings here? They have the valid bit
> > cleared but pte_present() is true.
> >
>
> PTC will not check this special type(PROT_NONE) of page.
PROT_NONE is just a permission but since we don't have independent read
and write bits in the pte, we implement it as an invalid pte (bit 0
cleared). The other content of the pte is fine, so pte_pfn() should
still work. PTC could as well check this, I don't think it hurts.
> > > +static inline bool pmd_user_accessible_page(pmd_t pmd)
> > > +{
> > > + return pmd_leaf(pmd) && (pmd_val(pmd) & PTE_VALID) &&
> > > + (pmd_val(pmd) & PTE_USER);
> > > +}
> >
> > pmd_leaf() implies valid, so you can skip it if that's the aim.
>
> PTC only checks whether the memory block corresponding to the pmd_leaf type
> can access, for !pmd_leaf, PTC checks at the pte level. So i think this is
> necessary.
My point is that the (pmd_val(pmd) & PTE_VALID) check is superfluous
since that's covered by pmd_leaf() already.
--
Catalin
next prev parent reply other threads:[~2022-03-18 17:18 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-17 14:11 [PATCH -next 0/4]mm: page_table_check: add support on arm64 and riscv Tong Tiangen
2022-03-17 14:11 ` Tong Tiangen
2022-03-17 14:11 ` Tong Tiangen
2022-03-17 14:12 ` [PATCH -next 1/4] mm: page_table_check: move pxx_user_accessible_page into x86 Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 14:12 ` [PATCH -next 2/4] mm: page_table_check: add hooks to public helpers Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 14:12 ` [PATCH -next 3/4] arm64: mm: add support for page table check Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 19:00 ` Catalin Marinas
2022-03-17 19:00 ` Catalin Marinas
2022-03-17 19:00 ` Catalin Marinas
2022-03-18 3:58 ` Tong Tiangen
2022-03-18 3:58 ` Tong Tiangen
2022-03-18 3:58 ` Tong Tiangen
2022-03-18 17:18 ` Catalin Marinas [this message]
2022-03-18 17:18 ` Catalin Marinas
2022-03-18 17:18 ` Catalin Marinas
2022-03-21 6:15 ` Tong Tiangen
2022-03-21 6:15 ` Tong Tiangen
2022-03-21 6:15 ` Tong Tiangen
2022-03-21 16:40 ` Catalin Marinas
2022-03-21 16:40 ` Catalin Marinas
2022-03-21 16:40 ` Catalin Marinas
2022-03-22 3:07 ` Tong Tiangen
2022-03-22 3:07 ` Tong Tiangen
2022-03-22 3:07 ` Tong Tiangen
2022-03-17 14:12 ` [PATCH -next 4/4] riscv: " Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
2022-03-17 14:12 ` Tong Tiangen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YjS+2FVpq8D4Gx0S@arm.com \
--to=catalin.marinas@arm.com \
--cc=akpm@linux-foundation.org \
--cc=aou@eecs.berkeley.edu \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=mingo@redhat.com \
--cc=palmer@dabbelt.com \
--cc=palmerdabbelt@google.com \
--cc=pasha.tatashin@soleen.com \
--cc=paul.walmsley@sifive.com \
--cc=tglx@linutronix.de \
--cc=tongtiangen@huawei.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.