From: Daniel Axtens <dja@axtens.net>
To: Christophe Leroy <christophe.leroy@csgroup.eu>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linuxppc-dev@lists.ozlabs.org, kasan-dev@googlegroups.com,
aneesh.kumar@linux.ibm.com, bsingharora@gmail.com
Subject: Re: [PATCH v11 0/6] KASAN for powerpc64 radix
Date: Tue, 23 Mar 2021 12:21:32 +1100 [thread overview]
Message-ID: <87ft0mbr6r.fsf@dja-thinkpad.axtens.net> (raw)
In-Reply-To: <5a3b5952-b31f-42bf-eaf4-ea24444f8df6@csgroup.eu>
Hi Christophe,
> In the discussion we had long time ago,
> https://patchwork.ozlabs.org/project/linuxppc-dev/patch/20190806233827.16454-5-dja@axtens.net/#2321067
> , I challenged you on why it was not possible to implement things the same way as other
> architectures, in extenso with an early mapping.
>
> Your first answer was that too many things were done in real mode at startup. After some discussion
> you said that finally there was not that much things at startup but the issue was KVM.
>
> Now you say that instrumentation on KVM is fully disabled.
>
> So my question is, if KVM is not a problem anymore, why not go the standard way with an early shadow
> ? Then you could also support inline instrumentation.
Fair enough, I've had some trouble both understanding the problem myself
and clearly articulating it. Let me try again.
We need translations on to access the shadow area.
We reach setup_64.c::early_setup() with translations off. At this point
we don't know what MMU we're running under, or our CPU features.
To determine our MMU and CPU features, early_setup() calls functions
(dt_cpu_ftrs_init, early_init_devtree) that call out to generic code
like of_scan_flat_dt. We need to do this before we turn on translations
because we can't set up the MMU until we know what MMU we have.
So this puts us in a bind:
- We can't set up an early shadow until we have translations on, which
requires that the MMU is set up.
- We can't set up an MMU until we call out to generic code for FDT
parsing.
So there will be calls to generic FDT parsing code that happen before the
early shadow is set up.
The setup code also prints a bunch of information about the platform
with printk() while translations are off, so it wouldn't even be enough
to disable instrumentation for bits of the generic DT code on ppc64.
Does that make sense? If you can figure out how to 'square the circle'
here I'm all ears.
Other notes:
- There's a comment about printk() being 'safe' in early_setup(), that
refers to having a valid PACA, it doesn't mean that it's safe in any
other sense.
- KVM does indeed also run stuff with translations off but we can catch
all of that by disabling instrumentation on the real-mode handlers:
it doesn't seem to leak out to generic code. So you are right that
KVM is no longer an issue.
Kind regards,
Daniel
>
> Christophe
next prev parent reply other threads:[~2021-03-23 1:21 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-19 14:40 Daniel Axtens
2021-03-19 14:40 ` [PATCH v11 1/6] kasan: allow an architecture to disable inline instrumentation Daniel Axtens
2021-03-20 1:46 ` Balbir Singh
2021-03-22 0:29 ` Daniel Axtens
2021-03-22 11:08 ` Michael Ellerman
2021-03-22 8:18 ` Marco Elver
2021-03-19 14:40 ` [PATCH v11 2/6] kasan: allow architectures to provide an outline readiness check Daniel Axtens
2021-03-22 8:17 ` Marco Elver
2021-03-19 14:40 ` [PATCH v11 3/6] kasan: define and use MAX_PTRS_PER_* for early shadow tables Daniel Axtens
2021-03-19 14:40 ` [PATCH v11 4/6] kasan: Document support on 32-bit powerpc Daniel Axtens
2021-03-19 14:40 ` [PATCH v11 5/6] powerpc/mm/kasan: rename kasan_init_32.c to init_32.c Daniel Axtens
2021-03-19 14:40 ` [PATCH v11 6/6] powerpc: Book3S 64-bit outline-only KASAN support Daniel Axtens
2021-03-20 6:02 ` Balbir Singh
2021-03-22 0:55 ` Daniel Axtens
2021-03-22 2:59 ` Balbir Singh
2021-03-22 5:52 ` Daniel Axtens
2021-03-22 15:14 ` Christophe Leroy
2021-04-21 12:29 ` Christophe Leroy
2021-03-20 1:40 ` [PATCH v11 0/6] KASAN for powerpc64 radix Balbir Singh
2021-03-22 14:32 ` Christophe Leroy
2021-03-23 1:21 ` Daniel Axtens [this message]
2021-03-23 13:27 ` Christophe Leroy
2021-03-29 23:53 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ft0mbr6r.fsf@dja-thinkpad.axtens.net \
--to=dja@axtens.net \
--cc=aneesh.kumar@linux.ibm.com \
--cc=bsingharora@gmail.com \
--cc=christophe.leroy@csgroup.eu \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox