From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C88CAC77B76 for ; Mon, 17 Apr 2023 14:10:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:From:References:Cc:To: Subject:MIME-Version:Date:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Ic7av7BZdVOWA2TixraYi/lpdQNkR/W7Mg/pmTdnOkg=; b=HXPsWgvRCjtseD h7qpWSum4lZsulKkxPSDEPg6MSyuFTC/z9vP+CvDhbkQ3ZYiHwWG4AUoAatbEiHOmhZQJ79b/zAjR k8fCJt0jti53+L3Y0mBbu4NO5tPSsv7rUKZyEkWb+q4Ns8PNdMzvr3Wwuasl+CpuIft3jkuhXh6WI rkfyKhABgZMmLV4rac71zM257twLyNf84epgim1rOMXWSfwA5hbsiVJwPxoBxMGIBgVT60Gdzuq2u FO8M684NPExyhkJ9/oCNNPfPd3tQtwtUsn/yxCtuOKyOdVMglJnoVo25W2c4weRQMtTzAxclhwRJs eqhgOUh/0kemiG5OWjfg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1poPXm-00GXpL-1A; Mon, 17 Apr 2023 14:09:22 +0000 Received: from foss.arm.com ([217.140.110.172]) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1poPXj-00GXoN-1T for linux-arm-kernel@lists.infradead.org; Mon, 17 Apr 2023 14:09:21 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id BEF091FB; Mon, 17 Apr 2023 07:09:59 -0700 (PDT) Received: from [10.57.68.227] (unknown [10.57.68.227]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 5C0933F5A1; Mon, 17 Apr 2023 07:09:14 -0700 (PDT) Message-ID: Date: Mon, 17 Apr 2023 15:09:12 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.9.1 Subject: Re: [PATCH v3 25/60] arm64: head: Clear BSS and the kernel page tables in one go Content-Language: en-US To: Ard Biesheuvel Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Catalin Marinas , Will Deacon , Marc Zyngier , Mark Rutland , Anshuman Khandual , Kees Cook References: <20230307140522.2311461-1-ardb@kernel.org> <20230307140522.2311461-26-ardb@kernel.org> <37412bd5-9e73-024f-26ab-a351853bc846@arm.com> From: Ryan Roberts In-Reply-To: X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230417_070919_589901_792F17E0 X-CRM114-Status: GOOD ( 22.83 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On 17/04/2023 15:02, Ard Biesheuvel wrote: > On Mon, 17 Apr 2023 at 16:00, Ryan Roberts wrote: >> >> On 07/03/2023 14:04, Ard Biesheuvel wrote: >>> We will move the CPU feature overrides into BSS in a subsequent patch, >>> and this requires that BSS is zeroed before the feature override >>> detection code runs. So let's map BSS read-write in the ID map, and zero >>> it via this mapping. >>> >>> Since the kernel page tables are right next to it, and also zeroed via >>> the ID map, let's drop the separate clear_page_tables() function, and >>> just zero everything in one go. >>> >>> Signed-off-by: Ard Biesheuvel >>> --- >>> arch/arm64/kernel/head.S | 33 +++++++------------- >>> 1 file changed, 11 insertions(+), 22 deletions(-) >>> >>> diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S >>> index 0fa44b3188c1e204..ade0cb99c8a83a3d 100644 >>> --- a/arch/arm64/kernel/head.S >>> +++ b/arch/arm64/kernel/head.S >>> @@ -177,17 +177,6 @@ SYM_CODE_START_LOCAL(preserve_boot_args) >>> ret >>> SYM_CODE_END(preserve_boot_args) >>> >>> -SYM_FUNC_START_LOCAL(clear_page_tables) >>> - /* >>> - * Clear the init page tables. >>> - */ >>> - adrp x0, init_pg_dir >>> - adrp x1, init_pg_end >>> - sub x2, x1, x0 >>> - mov x1, xzr >>> - b __pi_memset // tail call >>> -SYM_FUNC_END(clear_page_tables) >>> - >>> /* >>> * Macro to populate page table entries, these entries can be pointers to the next level >>> * or last level entries pointing to physical memory. >>> @@ -386,9 +375,9 @@ SYM_FUNC_START_LOCAL(create_idmap) >>> >>> map_memory x0, x1, x3, x6, x7, x3, IDMAP_PGD_ORDER, x10, x11, x12, x13, x14, EXTRA_SHIFT >>> >>> - /* Remap the kernel page tables r/w in the ID map */ >>> + /* Remap BSS and the kernel page tables r/w in the ID map */ >>> adrp x1, _text >>> - adrp x2, init_pg_dir >>> + adrp x2, __bss_start >>> adrp x3, _end >>> bic x4, x2, #SWAPPER_BLOCK_SIZE - 1 >>> mov x5, SWAPPER_RW_MMUFLAGS >>> @@ -489,14 +478,6 @@ SYM_FUNC_START_LOCAL(__primary_switched) >>> mov x0, x20 >>> bl set_cpu_boot_mode_flag >>> >>> - // Clear BSS >>> - adr_l x0, __bss_start >>> - mov x1, xzr >>> - adr_l x2, __bss_stop >>> - sub x2, x2, x0 >>> - bl __pi_memset >>> - dsb ishst // Make zero page visible to PTW >>> - >>> #if VA_BITS > 48 >>> adr_l x8, vabits_actual // Set this early so KASAN early init >>> str x25, [x8] // ... observes the correct value >>> @@ -780,6 +761,15 @@ SYM_FUNC_START_LOCAL(__primary_switch) >>> adrp x1, reserved_pg_dir >>> adrp x2, init_idmap_pg_dir >>> bl __enable_mmu >>> + >>> + // Clear BSS >>> + adrp x0, __bss_start >>> + mov x1, xzr >>> + adrp x2, init_pg_end >>> + sub x2, x2, x0 >>> + bl __pi_memset >>> + dsb ishst // Make zero page visible to PTW >> >> Is it possible to add an assert somewhere (or at the very least a comment in >> vmlinux.lds.S) to ensure that nothing gets inserted between the BSS and the page >> tables? It feels a bit fragile otherwise. >> > > I'm not sure that matters. The contents are not covered by the loaded > image so they are undefined otherwise in any case. OK, so you couldn't accidentally zero anything in the image. But it could represent a performance regression if something big was added between them that doesn't need to be zeroed. All hypothetical, but this is currently an unstated assumption that I think is worth stating at least as a comment in the linker script. > >> I also wonder what's the point in calling __pi_memset() from here? Why not just >> do it all in C? >> > > That happens in one of the subsequent patches. Ahh, cheers... Haven't got that far yet. (very impressive that you immediately knew that given you posted the series 6 weeks ago! I usually can't remember what I did yesterday ;-) _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel