From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1C119EE4993 for ; Wed, 23 Aug 2023 13:17:33 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A586B28006F; Wed, 23 Aug 2023 09:17:32 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A0A4928005D; Wed, 23 Aug 2023 09:17:32 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 900A128006F; Wed, 23 Aug 2023 09:17:32 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 80D7E28005D for ; Wed, 23 Aug 2023 09:17:32 -0400 (EDT) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 5EA771A0120 for ; Wed, 23 Aug 2023 13:17:32 +0000 (UTC) X-FDA: 81155421144.12.BC58DED Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by imf11.hostedemail.com (Postfix) with ESMTP id 6A3E540002 for ; Wed, 23 Aug 2023 13:17:30 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=arm.com; spf=pass (imf11.hostedemail.com: domain of alexandru.elisei@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=alexandru.elisei@arm.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1692796650; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5fj6tIYo4ds0aZkTInoE9tiuTxGBTaiRl4FDFdunSvM=; b=hGVa60JrbmytdRCkmPOZJ/nWtyJxbbB4fiKsBOmO1U+UrhJAV7im5GaN4aI/y1DyAewLmO qcGI4pN0TshO2T5UvCXy7zGvjVvu3ERJ3Qn0+Sh3uC4vCp9ZXC5LXl4THuc+d54t/hrZJA Rs+aEQnB4NC0NvnC2Kl15ztd1FhcPUw= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=none; dmarc=pass (policy=none) header.from=arm.com; spf=pass (imf11.hostedemail.com: domain of alexandru.elisei@arm.com designates 217.140.110.172 as permitted sender) smtp.mailfrom=alexandru.elisei@arm.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1692796650; a=rsa-sha256; cv=none; b=4hwT2qq4ha0xG+NtIhghkskdBsEv8l/Uj6jkrRt0TCisVWoyhtLLRa3w/idJGAt/3XOjoR dJnO6OptBTIpiJXEpksm+HZSyTV6Jk+qgKqwBeNAhPnBXBpSDCG6BY75f4LDppDeikSsTZ 4n9bIyKAKf1hNyNb46N7xbZSHqg3S4Q= Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 4D5841756; Wed, 23 Aug 2023 06:18:10 -0700 (PDT) Received: from e121798.cable.virginm.net (unknown [172.31.20.19]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 6F2923F740; Wed, 23 Aug 2023 06:17:23 -0700 (PDT) From: Alexandru Elisei To: catalin.marinas@arm.com, will@kernel.org, oliver.upton@linux.dev, maz@kernel.org, james.morse@arm.com, suzuki.poulose@arm.com, yuzenghui@huawei.com, arnd@arndb.de, akpm@linux-foundation.org, mingo@redhat.com, peterz@infradead.org, juri.lelli@redhat.com, vincent.guittot@linaro.org, dietmar.eggemann@arm.com, rostedt@goodmis.org, bsegall@google.com, mgorman@suse.de, bristot@redhat.com, vschneid@redhat.com, mhiramat@kernel.org, rppt@kernel.org, hughd@google.com Cc: pcc@google.com, steven.price@arm.com, anshuman.khandual@arm.com, vincenzo.frascino@arm.com, david@redhat.com, eugenis@google.com, kcc@google.com, hyesoo.yu@samsung.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, kvmarm@lists.linux.dev, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-mm@kvack.org, linux-trace-kernel@vger.kernel.org Subject: [PATCH RFC 31/37] mm: arm64: Set PAGE_METADATA_NONE in set_pte_at() if missing metadata storage Date: Wed, 23 Aug 2023 14:13:44 +0100 Message-Id: <20230823131350.114942-32-alexandru.elisei@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230823131350.114942-1-alexandru.elisei@arm.com> References: <20230823131350.114942-1-alexandru.elisei@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspam-User: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 6A3E540002 X-Stat-Signature: qn47nczixura7dr64zmbf8quowsajimc X-HE-Tag: 1692796650-285581 X-HE-Meta: U2FsdGVkX1+WZ6mMjPfh0XBXcjk997IyHKHHInohM+p5Kk68SKKy7aY9QRYLJJbSQaAxxAQGRpNmk9Te/6jz4n6tZ9CCpfqV58d6ai+SlxYJBjtnIAg3mVfghUQ1+8oOkTS5lToRFrozGpHwZcdyMYnr6gGWFjVJFd6wRogK/jCawzLkrsgeCkTAyfS2u/TCIONzEzmDBuysQ/SXvPinPP+QDr06IX7Iuxq6oECxvffBlgQfROfDVRoL4qbTS8sXLOzJh4lWCbqb24vW/OJ+kw0/rxMs3OXA7CdT2U2tDeaDGFarHiInE/+vJMRY3IHSjmqutN76MoZOa93ud+H2D+fSqMkmaDN2STWaP9nqpNLE5ic9mKpIHMAdCTUHtF16AUULe5FGyh8QmIKpNgLoEZiBqUWtpHDnPW3zYTegU4/t1PqY570WHbsSXT+Pz1VDatIW1jkaI7Z0gW2lpLIBFLrMwx6/AmaR8dKgAnFi8Sokh/btgTk6QpkN+VLh92412ytzrfVOra4UD2q9v5rZwyA3T/x+jjzoDNzXGHtiwrrghAheOzm1TLH/wgK51Ru/6CIjqDa8qgA0KcI1/tQnEcCinei7HTpDO/CP0+/MHaRfFcM243KdHPq9ThpuK82duYP7tVrTwmEpvMFmlZFGT+618rFWIL6pHhZuQF4LKgYSSHjh4N1dHLLSOh4xr/bVtbUUuRYoubi3F/3uuAcODuEJ5zKc2qOBi8z299pHw2UlGB3araMKICnOs85+lofkrOtn3AP/VV6a9G8qqcZ6bZURxDdvOMlW1fidenYsvsffmQg1ekxjcCGFd+LZSzP/SYp09BdfdCdFFKoVRsK1AqypCknvFNbN9zy3gnRd/c1EyNDBCXsWQETyZSpYdfjkwvmjFqXWv+yWncEfAxuFk0nZz4FCuWm4bsgicuCc6L6BcVV6Ern+D6LsOkMTAY5Ab8QQ+RVHHoQH+H6LTBi UztE6UAy VlsjRKwNnAH6f1pZ57ahZGUAr85Pv2n2tOfIeZvU00VLMbULpCilVWIyhy0WLjRRBfcGsGn09mUHX3OkzeI5oprWY+cRzUPO5+btR/NcfBnLkfGxYKvduN0pDnG9vCY/Ch0KAmwHb+yx8ZWZhZ1PF4PoQnD/SnjUMSBKagWqgKs1UOPpWftaUy4rbh5I3TUPvN+qF/r/hVT6r2Yw= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: When a metadata page is mapped in the process address space and then mprotect(PROT_MTE) changes the VMA flags to allow the use of tags, the page is migrated out when it is first accessed. But this creates an interesting corner case. Let's consider the scenario: Initial conditions: metadata page M1 and page P1 are mapped in a VMA without VM_MTE. The metadata storage for page P1 is **metadata page M1**. 1. mprotect(PROT_MTE) changes the VMA, so now all pages must have the associated metadata storage reserved. The to-be-tagged pages are marked as PAGE_METADATA_NONE. 2. Page P1 is accessed and metadata page M1 must be reserved. 3. Because it is mapped, the metadata storage code will migrate metadata page M1. The replacement page for M1, page P2, is allocated without metadata storage (__GFP_TAGGED is not set). This is done intentionally in reserve_metadata_storage() to avoid recursion and deadlock. 4. Migration finishes and page P2 replaces M1 in a VMA with VM_MTE set. The result: P2 is mapped in a VM_MTE VMA, but the associated metadata storage is not reserved. Fix this by teaching set_pte_at() -> mte_sync_tags() to change the PTE protection to PAGE_METADATA_NONE when the associated metadata storage is not reserved. Signed-off-by: Alexandru Elisei --- arch/arm64/include/asm/mte.h | 4 ++-- arch/arm64/include/asm/pgtable.h | 2 +- arch/arm64/kernel/mte.c | 14 +++++++++++--- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h index 70cfd09b4a11..e89d1fa3f410 100644 --- a/arch/arm64/include/asm/mte.h +++ b/arch/arm64/include/asm/mte.h @@ -108,7 +108,7 @@ static inline bool try_page_mte_tagging(struct page *page) } void mte_zero_clear_page_tags(void *addr); -void mte_sync_tags(pte_t pte); +void mte_sync_tags(pte_t *pteval); void mte_copy_page_tags(void *kto, const void *kfrom); void mte_thread_init_user(void); void mte_thread_switch(struct task_struct *next); @@ -140,7 +140,7 @@ static inline bool try_page_mte_tagging(struct page *page) static inline void mte_zero_clear_page_tags(void *addr) { } -static inline void mte_sync_tags(pte_t pte) +static inline void mte_sync_tags(pte_t *pteval) { } static inline void mte_copy_page_tags(void *kto, const void *kfrom) diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h index 2e42f7713425..e5e1c23afb14 100644 --- a/arch/arm64/include/asm/pgtable.h +++ b/arch/arm64/include/asm/pgtable.h @@ -338,7 +338,7 @@ static inline void __set_pte_at(struct mm_struct *mm, unsigned long addr, */ if (system_supports_mte() && pte_access_permitted(pte, false) && !pte_special(pte) && pte_tagged(pte)) - mte_sync_tags(pte); + mte_sync_tags(&pte); __check_safe_pte_update(mm, ptep, pte); diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index 4edecaac8f91..4556989f0b9e 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -20,7 +20,9 @@ #include #include +#include #include +#include #include #include @@ -35,13 +37,19 @@ DEFINE_STATIC_KEY_FALSE(mte_async_or_asymm_mode); EXPORT_SYMBOL_GPL(mte_async_or_asymm_mode); #endif -void mte_sync_tags(pte_t pte) +void mte_sync_tags(pte_t *pteval) { - struct page *page = pte_page(pte); + struct page *page = pte_page(*pteval); long i, nr_pages = compound_nr(page); - /* if PG_mte_tagged is set, tags have already been initialised */ for (i = 0; i < nr_pages; i++, page++) { + if (metadata_storage_enabled() && + unlikely(!page_tag_storage_reserved(page))) { + *pteval = pte_modify(*pteval, PAGE_METADATA_NONE); + continue; + } + + /* if PG_mte_tagged is set, tags have already been initialised */ if (try_page_mte_tagging(page)) { mte_clear_page_tags(page_address(page)); set_page_mte_tagged(page); -- 2.41.0