From: Ard Biesheuvel <ardb+git@google.com>
To: linux-arm-kernel@lists.infradead.org
Cc: linux-kernel@vger.kernel.org, will@kernel.org,
catalin.marinas@arm.com, mark.rutland@arm.com,
Ard Biesheuvel <ardb@kernel.org>,
Ryan Roberts <ryan.roberts@arm.com>,
Anshuman Khandual <anshuman.khandual@arm.com>,
Liz Prucka <lizprucka@google.com>,
Seth Jenkins <sethjenkins@google.com>,
Kees Cook <kees@kernel.org>, Mike Rapoport <rppt@kernel.org>,
David Hildenbrand <david@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Jann Horn <jannh@google.com>,
linux-mm@kvack.org, linux-hardening@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-sh@vger.kernel.org,
Madhavan Srinivasan <maddy@linux.ibm.com>,
Michael Ellerman <mpe@ellerman.id.au>,
Nicholas Piggin <npiggin@gmail.com>,
"Christophe Leroy (CS GROUP)" <chleroy@kernel.org>
Subject: [PATCH v6 12/15] powerpc/code-patching: Avoid r/w mapping of the zero page
Date: Tue, 26 May 2026 19:58:59 +0200 [thread overview]
Message-ID: <20260526175846.2694125-29-ardb+git@google.com> (raw)
In-Reply-To: <20260526175846.2694125-17-ardb+git@google.com>
From: Ard Biesheuvel <ardb@kernel.org>
The only remaining use of map_patch_area() is mapping the zero page, and
immediately unmapping it again so that the intermediate page table
levels are all guaranteed to be populated.
The use of the zero page here is completely arbitrary, and not harmful
per se, but currently, it creates a writable mapping, and does so in a
manner that requires that the empty_zero_page[] symbol is not
const-qualified.
Given that this is about to change, and that map_patch_area() now never
maps anything other than the zero page, let's simplify the code and
- remove the helpers and call [un]map_kernel_page() directly
- take the PA of empty_zero_page directly
- create a read-only temporary mapping.
This allows empty_zero_page[] to be repainted as const u8[] in a
subsequent patch, without making substantial changes to this code
patching logic.
Cc: Madhavan Srinivasan <maddy@linux.ibm.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: "Christophe Leroy (CS GROUP)" <chleroy@kernel.org>
Link: https://lore.kernel.org/all/20260520085423.485402-1-ardb@kernel.org/
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/powerpc/lib/code-patching.c | 52 +-------------------
1 file changed, 2 insertions(+), 50 deletions(-)
diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c
index f84e0337cc02..44ff9f684bef 100644
--- a/arch/powerpc/lib/code-patching.c
+++ b/arch/powerpc/lib/code-patching.c
@@ -60,9 +60,6 @@ struct patch_context {
static DEFINE_PER_CPU(struct patch_context, cpu_patching_context);
-static int map_patch_area(void *addr, unsigned long text_poke_addr);
-static void unmap_patch_area(unsigned long addr);
-
static bool mm_patch_enabled(void)
{
return IS_ENABLED(CONFIG_SMP) && radix_enabled();
@@ -117,11 +114,11 @@ static int text_area_cpu_up(unsigned int cpu)
// Map/unmap the area to ensure all page tables are pre-allocated
addr = (unsigned long)area->addr;
- err = map_patch_area(empty_zero_page, addr);
+ err = map_kernel_page(addr, __pa_symbol(empty_zero_page), PAGE_KERNEL_RO);
if (err)
return err;
- unmap_patch_area(addr);
+ unmap_kernel_page(addr);
this_cpu_write(cpu_patching_context.area, area);
this_cpu_write(cpu_patching_context.addr, addr);
@@ -233,51 +230,6 @@ static unsigned long get_patch_pfn(void *addr)
return __pa_symbol(addr) >> PAGE_SHIFT;
}
-/*
- * This can be called for kernel text or a module.
- */
-static int map_patch_area(void *addr, unsigned long text_poke_addr)
-{
- unsigned long pfn = get_patch_pfn(addr);
-
- return map_kernel_page(text_poke_addr, (pfn << PAGE_SHIFT), PAGE_KERNEL);
-}
-
-static void unmap_patch_area(unsigned long addr)
-{
- pte_t *ptep;
- pmd_t *pmdp;
- pud_t *pudp;
- p4d_t *p4dp;
- pgd_t *pgdp;
-
- pgdp = pgd_offset_k(addr);
- if (WARN_ON(pgd_none(*pgdp)))
- return;
-
- p4dp = p4d_offset(pgdp, addr);
- if (WARN_ON(p4d_none(*p4dp)))
- return;
-
- pudp = pud_offset(p4dp, addr);
- if (WARN_ON(pud_none(*pudp)))
- return;
-
- pmdp = pmd_offset(pudp, addr);
- if (WARN_ON(pmd_none(*pmdp)))
- return;
-
- ptep = pte_offset_kernel(pmdp, addr);
- if (WARN_ON(pte_none(*ptep)))
- return;
-
- /*
- * In hash, pte_clear flushes the tlb, in radix, we have to
- */
- pte_clear(&init_mm, addr, ptep);
- flush_tlb_kernel_range(addr, addr + PAGE_SIZE);
-}
-
static int __do_patch_mem_mm(void *addr, unsigned long val, bool is_dword)
{
int err;
--
2.54.0.794.g4f17f83d09-goog
next prev parent reply other threads:[~2026-05-26 18:00 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-26 17:58 [PATCH v6 00/15] arm64: Unmap linear alias of kernel data/bss Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 01/15] arm64: mm: Remove bogus stop condition from map_mem() loop Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 02/15] arm64: mm: Drop redundant pgd_t* argument from map_mem() Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 03/15] arm64: mm: Check for pud_/pmd_set_huge() failures on kernel mappings Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 04/15] arm64: mm: Preserve existing table mappings when mapping DRAM Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 05/15] arm64: mm: Preserve non-contiguous descriptors " Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 06/15] arm64: mm: Permit contiguous descriptors to be manipulated Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 07/15] arm64: kfence: Avoid NOMAP tricks when mapping the early pool Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 08/15] arm64: mm: Permit contiguous attribute for preliminary mappings Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 09/15] arm64: Move fixmap and kasan page tables to end of kernel image Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 10/15] arm64: mm: Don't abuse memblock NOMAP to check for overlaps Ard Biesheuvel
2026-05-26 17:58 ` [PATCH v6 11/15] arm64: mm: Map the kernel data/bss read-only in the linear map Ard Biesheuvel
2026-05-26 17:58 ` Ard Biesheuvel [this message]
2026-05-26 17:59 ` [PATCH v6 13/15] sh: cast away constness from the zero page when flushing it from the cache Ard Biesheuvel
2026-05-26 17:59 ` [PATCH v6 14/15] mm: Make empty_zero_page[] const Ard Biesheuvel
2026-05-26 17:59 ` [PATCH v6 15/15] arm64: mm: Unmap kernel data/bss entirely from the linear map Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260526175846.2694125-29-ardb+git@google.com \
--to=ardb+git@google.com \
--cc=akpm@linux-foundation.org \
--cc=anshuman.khandual@arm.com \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=chleroy@kernel.org \
--cc=david@kernel.org \
--cc=jannh@google.com \
--cc=kees@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-sh@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=lizprucka@google.com \
--cc=maddy@linux.ibm.com \
--cc=mark.rutland@arm.com \
--cc=mpe@ellerman.id.au \
--cc=npiggin@gmail.com \
--cc=rppt@kernel.org \
--cc=ryan.roberts@arm.com \
--cc=sethjenkins@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox