From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7660B357CFF for ; Fri, 3 Jul 2026 05:30:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783056653; cv=none; b=oLIPmE17/6T5Etds/68cJI7pT3plb96Hj4IL0qbczUE3xJG63iNMRFEs4DPTPYtXZ+5MnatlkABK9Sa+k1r8Nuikl1PfxxSut2+Wjnc+dnaoOpP451YQed5P9dRDd4i0x3KBTdODMOQi/i1oK1vsJzkr0Pm6vIX+S88TJPREkYQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783056653; c=relaxed/simple; bh=x/FZbZRvlfgDKJ87XGqUbVjYmJN5YLYtikgDpbbk+3s=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=XBTMeuDDKdaC+pSwRdjGsQh+MASi1cNT4Q3eL22FhLeaLHuTWlRFACo9GlWFOgG80ULGhfzl2tRTvXLboH/sVJR2aZappQmaKKXeQ3zP6g/SU9JaKcA8mwyD7p/hICPBk/y1ZQ7y/jaqWifgK1FS6kPTIi5QjxDuY2tWWA9DNmQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; dkim=pass (1024-bit key) header.d=arm.com header.i=@arm.com header.b=gRZT5Ayc; arc=none smtp.client-ip=217.140.110.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=arm.com header.i=@arm.com header.b="gRZT5Ayc" Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 19BAB1D34; Thu, 2 Jul 2026 22:30:40 -0700 (PDT) Received: from [10.164.19.15] (unknown [10.164.19.15]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 93E953F673; Thu, 2 Jul 2026 22:30:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=arm.com; s=foss; t=1783056644; bh=x/FZbZRvlfgDKJ87XGqUbVjYmJN5YLYtikgDpbbk+3s=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=gRZT5Aycj8nb9nzE9CkfCAmO1Pk+zt96vwJ0a+6cKk6Wn/mIV1tYxcrUG/53HkHzj hn2MLdJulVDpzweQyjtnhqxSXAs3RDgKOuCTNjnCpg+4zOinXDuxDvU/Xyloz5ww/k V36SggskoTyyC6c++z8jGDd4uZBRW8buLuFGqQZY= Message-ID: <1ef238fd-232c-4b8a-b28d-cd20db57bcfc@arm.com> Date: Fri, 3 Jul 2026 11:00:32 +0530 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v2 6/6] mm/mprotect: use huge_ptep_get() for hugetlb To: "David Hildenbrand (Arm)" , muchun.song@linux.dev, osalvador@suse.de, akpm@linux-foundation.org, ljs@kernel.org, liam@infradead.org Cc: riel@surriel.com, vbabka@kernel.org, harry@kernel.org, jannh@google.com, lance.yang@linux.dev, kas@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, rcampbell@nvidia.com, apopple@nvidia.com, ziy@nvidia.com, matthew.brost@intel.com, joshua.hahnjy@gmail.com, rakie.kim@sk.com, byungchul@sk.com, gourry@gourry.net, ying.huang@linux.alibaba.com, j-nomura@ce.jp.nec.com, nao.horiguchi@gmail.com, ak@linux.intel.com, mel@csn.ul.ie, pfalcato@suse.de, jpoimboe@kernel.org, dave.hansen@intel.com, tglx@kernel.org, catalin.marinas@arm.com, will@kernel.org, linux-arm-kernel@lists.infradead.org, ryan.roberts@arm.com, anshuman.khandual@arm.com References: <20260702051341.126509-1-dev.jain@arm.com> <20260702051341.126509-7-dev.jain@arm.com> Content-Language: en-US From: Dev Jain In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 02/07/26 9:17 pm, David Hildenbrand (Arm) wrote: > On 7/2/26 07:13, Dev Jain wrote: >> prot_none_hugetlb_entry() is the hugetlb callback for the early >> mprotect(PROT_NONE) PFN permission walk on x86. >> >> The callback passes the decoded PFN to pfn_modify_allowed(). For a >> hugetlb callback, the pte pointer refers to a hugetlb entry. On >> architectures where hugetlb entries need huge_ptep_get(), reading that >> entry with ptep_get() can make the permission check use the wrong PFN. >> >> Use huge_ptep_get() before decoding the hugetlb PFN. >> >> Currently there is no path which can trigger a bug: huge_ptep_get() is a >> simple ptep_get() for x86, and the prot_none walk occurs only for x86. >> >> So no need to backport - use the correct helper anyways. >> >> Fixes: 42e4089c7890 ("x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings") >> Signed-off-by: Dev Jain >> --- >> mm/mprotect.c | 8 +++++++- >> 1 file changed, 7 insertions(+), 1 deletion(-) >> >> diff --git a/mm/mprotect.c b/mm/mprotect.c >> index 9cbf932b028cf..23779632d18bf 100644 >> --- a/mm/mprotect.c >> +++ b/mm/mprotect.c >> @@ -699,14 +699,20 @@ static int prot_none_pte_entry(pte_t *pte, unsigned long addr, >> 0 : -EACCES; >> } >> >> +#ifdef CONFIG_HUGETLB_PAGE >> static int prot_none_hugetlb_entry(pte_t *pte, unsigned long hmask, >> unsigned long addr, unsigned long next, >> struct mm_walk *walk) >> { >> - return pfn_modify_allowed(pte_pfn(ptep_get(pte)), >> + pte_t entry = huge_ptep_get(walk->mm, addr, pte); > > Nit: can be const :) > >> + >> + return pfn_modify_allowed(pte_pfn(entry), >> *(pgprot_t *)(walk->private)) ? >> 0 : -EACCES; > > Indentation is odd. > > Can we just make this readable? > > if (pfn_modify_allowed ...) > return 0 > return -EACCESS; > Sure I'll do this. >