From: "Roy, Patrick"
To: "david@redhat.com", "seanjc@google.com"
CC: "Roy, Patrick", "tabba@google.com", "ackerleytng@google.com", "pbonzini@redhat.com", "kvm@vger.kernel.org", "linux-arm-kernel@lists.infradead.org", "kvmarm@lists.linux.dev", "linux-kernel@vger.kernel.org", "linux-mm@kvack.org", "rppt@kernel.org", "will@kernel.org", "vbabka@suse.cz", "Cali, Marco", "Kalyazin, Nikita", "Thomson, Jack", "Manwaring, Derek"
Subject: [PATCH v5 02/12] arch: export set_direct_map_valid_noflush to KVM module
Date: Thu, 28 Aug 2025 09:39:17 +0000
Message-ID: <20250828093902.2719-3-roypat@amazon.co.uk>
References: <20250828093902.2719-1-roypat@amazon.co.uk>
In-Reply-To: <20250828093902.2719-1-roypat@amazon.co.uk>

Use the new per-module export functionality to allow KVM (and only KVM)
access to set_direct_map_valid_noflush(). This allows guest_memfd to
remove its memory from the direct map, even if KVM is built as a module.

Direct map removal gives guest_memfd the same protection that
memfd_secret enjoys, such as hardening against Spectre-like attacks
through in-kernel gadgets.

Signed-off-by: Patrick Roy =0A= ---=0A= arch/arm64/mm/pageattr.c | 1 +=0A= arch/loongarch/mm/pageattr.c | 1 +=0A= arch/riscv/mm/pageattr.c | 1 +=0A= arch/s390/mm/pageattr.c | 1 +=0A= arch/x86/mm/pat/set_memory.c | 1 +=0A= 5 files changed, 5 insertions(+)=0A= =0A= diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c=0A= index 04d4a8f676db..4f3cddfab9b0 100644=0A= --- a/arch/arm64/mm/pageattr.c=0A= +++ b/arch/arm64/mm/pageattr.c=0A= @@ -291,6 +291,7 @@ int set_direct_map_valid_noflush(struct page *page, uns= igned nr, bool valid)=0A= =0A= return set_memory_valid(addr, nr, valid);=0A= }=0A= +EXPORT_SYMBOL_FOR_MODULES(set_direct_map_valid_noflush, "kvm");=0A= =0A= #ifdef CONFIG_DEBUG_PAGEALLOC=0A= /*=0A= diff --git a/arch/loongarch/mm/pageattr.c b/arch/loongarch/mm/pageattr.c=0A= index f5e910b68229..d076bfd3fcbf 100644=0A= --- a/arch/loongarch/mm/pageattr.c=0A= +++ b/arch/loongarch/mm/pageattr.c=0A= @@ -217,6 +217,7 @@ int set_direct_map_invalid_noflush(struct page *page)= =0A= =0A= return __set_memory(addr, 1, __pgprot(0), __pgprot(_PAGE_PRESENT | _PAGE_= VALID));=0A= }=0A= +EXPORT_SYMBOL_FOR_MODULES(set_direct_map_valid_noflush, "kvm");=0A= =0A= int set_direct_map_valid_noflush(struct page *page, unsigned nr, bool vali= d)=0A= {=0A= diff --git a/arch/riscv/mm/pageattr.c b/arch/riscv/mm/pageattr.c=0A= index 3f76db3d2769..6db31040cd66 100644=0A= --- a/arch/riscv/mm/pageattr.c=0A= +++ b/arch/riscv/mm/pageattr.c=0A= @@ -400,6 +400,7 @@ int set_direct_map_valid_noflush(struct page *page, uns= igned nr, bool valid)=0A= =0A= return __set_memory((unsigned long)page_address(page), nr, set, clear);= =0A= }=0A= +EXPORT_SYMBOL_FOR_MODULES(set_direct_map_valid_noflush, "kvm");=0A= =0A= #ifdef CONFIG_DEBUG_PAGEALLOC=0A= static int debug_pagealloc_set_page(pte_t *pte, unsigned long addr, void *= data)=0A= diff --git a/arch/s390/mm/pageattr.c b/arch/s390/mm/pageattr.c=0A= index 348e759840e7..8ffd9ef09bc6 100644=0A= --- a/arch/s390/mm/pageattr.c=0A= 
+++ b/arch/s390/mm/pageattr.c=0A= @@ -413,6 +413,7 @@ int set_direct_map_valid_noflush(struct page *page, uns= igned nr, bool valid)=0A= =0A= return __set_memory((unsigned long)page_to_virt(page), nr, flags);=0A= }=0A= +EXPORT_SYMBOL_FOR_MODULES(set_direct_map_valid_noflush, "kvm");=0A= =0A= bool kernel_page_present(struct page *page)=0A= {=0A= diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c=0A= index 8834c76f91c9..87e9c7d2dcdc 100644=0A= --- a/arch/x86/mm/pat/set_memory.c=0A= +++ b/arch/x86/mm/pat/set_memory.c=0A= @@ -2661,6 +2661,7 @@ int set_direct_map_valid_noflush(struct page *page, u= nsigned nr, bool valid)=0A= =0A= return __set_pages_np(page, nr);=0A= }=0A= +EXPORT_SYMBOL_FOR_MODULES(set_direct_map_valid_noflush, "kvm");=0A= =0A= #ifdef CONFIG_DEBUG_PAGEALLOC=0A= void __kernel_map_pages(struct page *page, int numpages, int enable)=0A= -- =0A= 2.50.1=0A= =0A=
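Review bot: In the arch/loongarch/mm/pageattr.c hunk the export is placed after the closing brace of set_direct_map_invalid_noflush() and before the definition of set_direct_map_valid_noflush(), while the arm64, riscv, s390 and x86 hunks all place it directly after the function it exports. Please move EXPORT_SYMBOL_FOR_MODULES(set_direct_map_valid_noflush, "kvm"); to just below the closing brace of set_direct_map_valid_noflush() in the loongarch file, so the export sits next to the symbol it names and a reader does not take it for an export of the _invalid_ variant.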