From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>
Cc: x86@kernel.org, Kostya Serebryany <kcc@google.com>,
Andrey Ryabinin <ryabinin.a.a@gmail.com>,
Andrey Konovalov <andreyknvl@gmail.com>,
Alexander Potapenko <glider@google.com>,
Taras Madan <tarasmadan@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
"H . J . Lu" <hjl.tools@gmail.com>,
Andi Kleen <ak@linux.intel.com>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Bharata B Rao <bharata@amd.com>,
Jacob Pan <jacob.jun.pan@linux.intel.com>,
Ashok Raj <ashok.raj@intel.com>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCHv10 10/15] x86/mm, iommu/sva: Make LAM and SVM mutually exclusive
Date: Tue, 18 Oct 2022 14:33:53 +0300 [thread overview]
Message-ID: <20221018113358.7833-11-kirill.shutemov@linux.intel.com> (raw)
In-Reply-To: <20221018113358.7833-1-kirill.shutemov@linux.intel.com>
IOMMU and SVM-capable devices know nothing about LAM and only expect
canonical addresses. Attempt to pass down tagged pointer will lead to
address translation failure.
By default do not allow to enable both LAM and use SVM in the same
process.
The new ARCH_FORCE_TAGGED_SVM arch_prctl() overrides the limitation.
By using the arch_prctl() userspace takes responsibility to never pass
tagged address to the device.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
arch/x86/include/asm/mmu.h | 6 ++++--
arch/x86/include/asm/mmu_context.h | 2 ++
arch/x86/include/uapi/asm/prctl.h | 1 +
arch/x86/kernel/process_64.c | 13 +++++++++++++
drivers/iommu/iommu-sva-lib.c | 12 ++++++++++++
include/linux/mmu_context.h | 4 ++++
6 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/mmu.h b/arch/x86/include/asm/mmu.h
index 2fdb390040b5..cce9b32b0d6d 100644
--- a/arch/x86/include/asm/mmu.h
+++ b/arch/x86/include/asm/mmu.h
@@ -9,9 +9,11 @@
#include <linux/bits.h>
/* Uprobes on this MM assume 32-bit code */
-#define MM_CONTEXT_UPROBE_IA32 BIT(0)
+#define MM_CONTEXT_UPROBE_IA32 BIT(0)
/* vsyscall page is accessible on this MM */
-#define MM_CONTEXT_HAS_VSYSCALL BIT(1)
+#define MM_CONTEXT_HAS_VSYSCALL BIT(1)
+/* Allow LAM and SVM coexisting */
+#define MM_CONTEXT_FORCE_TAGGED_SVM BIT(2)
/*
* x86 has arch-specific MMU state beyond what lives in mm_struct.
diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h
index b0e9ea23758b..6b9ac2c60cec 100644
--- a/arch/x86/include/asm/mmu_context.h
+++ b/arch/x86/include/asm/mmu_context.h
@@ -113,6 +113,8 @@ static inline void mm_reset_untag_mask(struct mm_struct *mm)
mm->context.untag_mask = -1UL;
}
+#define arch_pgtable_dma_compat(mm) \
+ (!mm_lam_cr3_mask(mm) || (mm->context.flags & MM_CONTEXT_FORCE_TAGGED_SVM))
#else
static inline unsigned long mm_lam_cr3_mask(struct mm_struct *mm)
diff --git a/arch/x86/include/uapi/asm/prctl.h b/arch/x86/include/uapi/asm/prctl.h
index a31e27b95b19..7bd22defb558 100644
--- a/arch/x86/include/uapi/asm/prctl.h
+++ b/arch/x86/include/uapi/asm/prctl.h
@@ -23,5 +23,6 @@
#define ARCH_GET_UNTAG_MASK 0x4001
#define ARCH_ENABLE_TAGGED_ADDR 0x4002
#define ARCH_GET_MAX_TAG_BITS 0x4003
+#define ARCH_FORCE_TAGGED_SVM 0x4004
#endif /* _ASM_X86_PRCTL_H */
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index 9952e9f517ec..8faa8774bb93 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -783,6 +783,13 @@ static int prctl_enable_tagged_addr(struct mm_struct *mm, unsigned long nr_bits)
goto out;
}
+#ifdef CONFIG_IOMMU_SVA
+ if (pasid_valid(mm->pasid) &&
+ !(mm->context.flags & MM_CONTEXT_FORCE_TAGGED_SVM)) {
+ ret = -EBUSY;
+ goto out;
+ }
+#endif
if (!nr_bits) {
ret = -EINVAL;
goto out;
@@ -893,6 +900,12 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
(unsigned long __user *)arg2);
case ARCH_ENABLE_TAGGED_ADDR:
return prctl_enable_tagged_addr(task->mm, arg2);
+ case ARCH_FORCE_TAGGED_SVM:
+ if (mmap_write_lock_killable(task->mm))
+ return -EINTR;
+ task->mm->context.flags |= MM_CONTEXT_FORCE_TAGGED_SVM;
+ mmap_write_unlock(task->mm);
+ return 0;
case ARCH_GET_MAX_TAG_BITS:
if (!cpu_feature_enabled(X86_FEATURE_LAM))
return put_user(0, (unsigned long __user *)arg2);
diff --git a/drivers/iommu/iommu-sva-lib.c b/drivers/iommu/iommu-sva-lib.c
index 106506143896..593ae2472e2c 100644
--- a/drivers/iommu/iommu-sva-lib.c
+++ b/drivers/iommu/iommu-sva-lib.c
@@ -2,6 +2,8 @@
/*
* Helpers for IOMMU drivers implementing SVA
*/
+#include <linux/mm.h>
+#include <linux/mmu_context.h>
#include <linux/mutex.h>
#include <linux/sched/mm.h>
@@ -31,6 +33,15 @@ int iommu_sva_alloc_pasid(struct mm_struct *mm, ioasid_t min, ioasid_t max)
min == 0 || max < min)
return -EINVAL;
+ /* Serialize against address tagging enabling */
+ if (mmap_write_lock_killable(mm))
+ return -EINTR;
+
+ if (!arch_pgtable_dma_compat(mm)) {
+ mmap_write_unlock(mm);
+ return -EBUSY;
+ }
+
mutex_lock(&iommu_sva_lock);
/* Is a PASID already associated with this mm? */
if (pasid_valid(mm->pasid)) {
@@ -46,6 +57,7 @@ int iommu_sva_alloc_pasid(struct mm_struct *mm, ioasid_t min, ioasid_t max)
mm_pasid_set(mm, pasid);
out:
mutex_unlock(&iommu_sva_lock);
+ mmap_write_unlock(mm);
return ret;
}
EXPORT_SYMBOL_GPL(iommu_sva_alloc_pasid);
diff --git a/include/linux/mmu_context.h b/include/linux/mmu_context.h
index b9b970f7ab45..115e2b518079 100644
--- a/include/linux/mmu_context.h
+++ b/include/linux/mmu_context.h
@@ -28,4 +28,8 @@ static inline void leave_mm(int cpu) { }
# define task_cpu_possible(cpu, p) cpumask_test_cpu((cpu), task_cpu_possible_mask(p))
#endif
+#ifndef arch_pgtable_dma_compat
+#define arch_pgtable_dma_compat(mm) true
+#endif
+
#endif
--
2.38.0
next prev parent reply other threads:[~2022-10-18 11:34 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-18 11:33 [PATCHv10 00/15] Linear Address Masking enabling Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 01/15] x86/mm: Fix CR3_ADDR_MASK Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 02/15] x86: CPUID and CR3/CR4 flags for Linear Address Masking Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 03/15] mm: Pass down mm_struct to untagged_addr() Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 04/15] x86/mm: Handle LAM on context switch Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 05/15] x86/uaccess: Provide untagged_addr() and remove tags before address check Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 06/15] KVM: Serialize tagged address check against tagging enabling Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 07/15] x86/mm: Provide arch_prctl() interface for LAM Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 08/15] x86/mm: Reduce untagged_addr() overhead until the first LAM user Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 09/15] x86: Expose untagging mask in /proc/$PID/arch_status Kirill A. Shutemov
2022-10-18 21:02 ` Dave Hansen
2022-10-18 22:24 ` Kirill A. Shutemov
2022-10-18 22:41 ` Dave Hansen
2022-10-18 11:33 ` Kirill A. Shutemov [this message]
2022-10-18 20:07 ` [PATCHv10 10/15] x86/mm, iommu/sva: Make LAM and SVM mutually exclusive Ashok Raj
2022-10-18 22:35 ` Kirill A. Shutemov
2022-10-18 23:59 ` Ashok Raj
2022-10-18 21:00 ` Dave Hansen
2022-10-18 22:33 ` Kirill A. Shutemov
2022-10-18 22:43 ` Dave Hansen
2022-10-19 0:17 ` Kirill A. Shutemov
2022-10-19 7:04 ` Vasant Hegde
2022-10-18 11:33 ` [PATCHv10 11/15] selftests/x86/lam: Add malloc and tag-bits test cases for linear-address masking Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 12/15] selftests/x86/lam: Add mmap and SYSCALL " Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 13/15] selftests/x86/lam: Add io_uring " Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 14/15] selftests/x86/lam: Add inherit " Kirill A. Shutemov
2022-10-18 11:33 ` [PATCHv10 15/15] selftests/x86/lam: Add ARCH_FORCE_TAGGED_SVM " Kirill A. Shutemov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221018113358.7833-11-kirill.shutemov@linux.intel.com \
--to=kirill.shutemov@linux.intel.com \
--cc=ak@linux.intel.com \
--cc=andreyknvl@gmail.com \
--cc=ashok.raj@intel.com \
--cc=bharata@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hjl.tools@gmail.com \
--cc=jacob.jun.pan@linux.intel.com \
--cc=kcc@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=ryabinin.a.a@gmail.com \
--cc=tarasmadan@google.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox