From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=fGrr=KT=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-23.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 4B597C04FF3
	for <linux-mm@archiver.kernel.org>; Mon, 24 May 2021 10:04:32 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id C4796610C8
	for <linux-mm@archiver.kernel.org>; Mon, 24 May 2021 10:04:31 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C4796610C8
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 6168D940067; Mon, 24 May 2021 06:04:31 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 5ECA9940055; Mon, 24 May 2021 06:04:31 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 418BE940067; Mon, 24 May 2021 06:04:31 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0075.hostedemail.com [216.40.44.75])
	by kanga.kvack.org (Postfix) with ESMTP id 0B88E940055
	for <linux-mm@kvack.org>; Mon, 24 May 2021 06:04:30 -0400 (EDT)
Received: from smtpin29.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with ESMTP id A3E9B180ACF9A
	for <linux-mm@kvack.org>; Mon, 24 May 2021 10:04:30 +0000 (UTC)
X-FDA: 78175689900.29.F8BF833
Received: from mail-ot1-f44.google.com (mail-ot1-f44.google.com [209.85.210.44])
	by imf12.hostedemail.com (Postfix) with ESMTP id 3BA492CA
	for <linux-mm@kvack.org>; Mon, 24 May 2021 10:04:23 +0000 (UTC)
Received: by mail-ot1-f44.google.com with SMTP id i12-20020a05683033ecb02903346fa0f74dso14063364otu.10
        for <linux-mm@kvack.org>; Mon, 24 May 2021 03:04:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=5LIVDxSTAx+v+3BlB7H3HwH9zYuBEuDEtS9LHuHrcO4=;
        b=rQkzdS5dztN31yOdw1eoDmv/6SnnGWs7N/EwYlHUkJUSqmG++CFUk6djblqQq1p1Hf
         w5ig1pZRrBrL+PjW0mdvPSshlnfyy/4gkY/UIFPp4vSTJJbqAofNYKdfPQDrbV1TLY/Q
         EWEs890k6LSIhThWNr+nPvCeDdLXK2iKIIXranfB8GXTqcxG9fB6RgcAirG3SkyDVp71
         +b2Op2vlfqOWOsUxCYHbNjtlPPWHidfpQv42OGIzyrdfM5DY1z7qihasF4w6LaObXi4w
         OtC6849vEPh10WPC/1ZgvsTQWFpEnlqCY2jSPSE3tZaGYPR1OCnCpMSoMZ7aEECFdo2L
         HUaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=5LIVDxSTAx+v+3BlB7H3HwH9zYuBEuDEtS9LHuHrcO4=;
        b=E7HpNyhKj+vAcEbtslSIjdDR6Ih0v2OI4cXeuTq25smSrxbCBJHzWE7zBVJN9h5fBA
         u59CF0M0VT1dvmQoYIwJX6Qm4PKPCqr8XLJanjjNWvVhCjCbXQiuT8cqo1z/Flux2MPt
         2DZQRUNvMl2Wf4wEni9FIW1O3XFIG4uzn9MGkppHKU+ozxfKrzEqAmBb10dx3a+5sI/7
         zx8/RYQCWwt96/b9wzhyXjAlJ+8JGUCiZxESOA8RlObx957WFBaxK2sn1DZF44lbj6D3
         0aqPC+W7vHbfaRuY3e0SwNQYFSNSHzo+/Ob+VQetVvtp7NxgliKM63VLjxqxIkVyv/XR
         Yx4w==
X-Gm-Message-State: AOAM531zBXRfScgDKfKUHbZkkjBvuoR910jpoc5+ifcDwBTYKqq8yvsn
	ifMmI5fCuzZQmFHsFS+OIzWPCpw6oYom8wTSnODcew==
X-Google-Smtp-Source: ABdhPJyq8txa+iw2m92FjJqhBhzKDa7d/LMZI9ViqDJJaVaaD6CDDpVh1eFBYpew85q1Cy33X1Rxc3NOtLOnlTz7p5c=
X-Received: by 2002:a05:6830:349b:: with SMTP id c27mr18932645otu.251.1621850669515;
 Mon, 24 May 2021 03:04:29 -0700 (PDT)
MIME-Version: 1.0
References: <20210524172433.015b3b6b@xhacker.debian> <20210524172606.08dac28d@xhacker.debian>
In-Reply-To: <20210524172606.08dac28d@xhacker.debian>
From: Marco Elver <elver@google.com>
Date: Mon, 24 May 2021 12:04:18 +0200
Message-ID: <CANpmjNNuaYneLb3ScSwF=o0DnECBt4NRkBZJuwRqBrOKnTGPbA@mail.gmail.com>
Subject: Re: [PATCH 2/2] arm64: remove page granularity limitation from KFENCE
To: Jisheng Zhang <Jisheng.Zhang@synaptics.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>, 
	Alexander Potapenko <glider@google.com>, Dmitry Vyukov <dvyukov@google.com>, 
	Andrew Morton <akpm@linux-foundation.org>, 
	Linux ARM <linux-arm-kernel@lists.infradead.org>, LKML <linux-kernel@vger.kernel.org>, 
	kasan-dev <kasan-dev@googlegroups.com>, 
	Linux Memory Management List <linux-mm@kvack.org>, Mark Rutland <mark.rutland@arm.com>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 3BA492CA
Authentication-Results: imf12.hostedemail.com;
	dkim=pass header.d=google.com header.s=20161025 header.b=rQkzdS5d;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf12.hostedemail.com: domain of elver@google.com designates 209.85.210.44 as permitted sender) smtp.mailfrom=elver@google.com
X-Rspamd-Server: rspam03
X-Stat-Signature: 3dacnx15btxhaxssaq6bornw5o8hs5jw
X-HE-Tag: 1621850663-661627
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

+Cc Mark

On Mon, 24 May 2021 at 11:26, Jisheng Zhang <Jisheng.Zhang@synaptics.com> wrote:
>
> KFENCE requires linear map to be mapped at page granularity, so that
> it is possible to protect/unprotect single pages in the KFENCE pool.
> Currently if KFENCE is enabled, arm64 maps all pages at page
> granularity, it seems overkilled. In fact, we only need to map the
> pages in KFENCE pool itself at page granularity. We acchieve this goal
> by allocating KFENCE pool before paging_init() so we know the KFENCE
> pool address, then we take care to map the pool at page granularity
> during map_mem().
>
> Signed-off-by: Jisheng Zhang <Jisheng.Zhang@synaptics.com>
> ---
>  arch/arm64/kernel/setup.c |  3 +++
>  arch/arm64/mm/mmu.c       | 27 +++++++++++++++++++--------
>  2 files changed, 22 insertions(+), 8 deletions(-)
>
> diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c
> index 61845c0821d9..51c0d6e8b67b 100644
> --- a/arch/arm64/kernel/setup.c
> +++ b/arch/arm64/kernel/setup.c
> @@ -18,6 +18,7 @@
>  #include <linux/screen_info.h>
>  #include <linux/init.h>
>  #include <linux/kexec.h>
> +#include <linux/kfence.h>
>  #include <linux/root_dev.h>
>  #include <linux/cpu.h>
>  #include <linux/interrupt.h>
> @@ -345,6 +346,8 @@ void __init __no_sanitize_address setup_arch(char **cmdline_p)
>
>         arm64_memblock_init();
>
> +       kfence_alloc_pool();
> +
>         paging_init();
>
>         acpi_table_upgrade();
> diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
> index 89b66ef43a0f..12712d31a054 100644
> --- a/arch/arm64/mm/mmu.c
> +++ b/arch/arm64/mm/mmu.c
> @@ -13,6 +13,7 @@
>  #include <linux/init.h>
>  #include <linux/ioport.h>
>  #include <linux/kexec.h>
> +#include <linux/kfence.h>
>  #include <linux/libfdt.h>
>  #include <linux/mman.h>
>  #include <linux/nodemask.h>
> @@ -515,10 +516,16 @@ static void __init map_mem(pgd_t *pgdp)
>          */
>         BUILD_BUG_ON(pgd_index(direct_map_end - 1) == pgd_index(direct_map_end));
>
> -       if (rodata_full || crash_mem_map || debug_pagealloc_enabled() ||
> -           IS_ENABLED(CONFIG_KFENCE))
> +       if (rodata_full || crash_mem_map || debug_pagealloc_enabled())
>                 flags |= NO_BLOCK_MAPPINGS | NO_CONT_MAPPINGS;
>
> +       /*
> +        * KFENCE requires linear map to be mapped at page granularity, so
> +        * temporarily skip mapping for __kfence_pool in the following
> +        * for-loop
> +        */
> +       memblock_mark_nomap(__pa(__kfence_pool), KFENCE_POOL_SIZE);
> +

Did you build this with CONFIG_KFENCE unset? I don't think it builds.

>         /*
>          * Take care not to create a writable alias for the
>          * read-only text and rodata sections of the kernel image.
> @@ -553,6 +560,15 @@ static void __init map_mem(pgd_t *pgdp)
>         __map_memblock(pgdp, kernel_start, kernel_end,
>                        PAGE_KERNEL, NO_CONT_MAPPINGS);
>         memblock_clear_nomap(kernel_start, kernel_end - kernel_start);
> +
> +       /*
> +        * Map the __kfence_pool at page granularity now.
> +        */
> +       __map_memblock(pgdp, __pa(__kfence_pool),
> +                      __pa(__kfence_pool + KFENCE_POOL_SIZE),
> +                      pgprot_tagged(PAGE_KERNEL),
> +                      NO_EXEC_MAPPINGS | NO_BLOCK_MAPPINGS | NO_CONT_MAPPINGS);
> +       memblock_clear_nomap(__pa(__kfence_pool), KFENCE_POOL_SIZE);
>  }
>
>  void mark_rodata_ro(void)
> @@ -1480,12 +1496,7 @@ int arch_add_memory(int nid, u64 start, u64 size,
>
>         VM_BUG_ON(!mhp_range_allowed(start, size, true));
>
> -       /*
> -        * KFENCE requires linear map to be mapped at page granularity, so that
> -        * it is possible to protect/unprotect single pages in the KFENCE pool.
> -        */
> -       if (rodata_full || debug_pagealloc_enabled() ||
> -           IS_ENABLED(CONFIG_KFENCE))
> +       if (rodata_full || debug_pagealloc_enabled())
>                 flags |= NO_BLOCK_MAPPINGS | NO_CONT_MAPPINGS;
>
>         __create_pgd_mapping(swapper_pg_dir, start, __phys_to_virt(start),
> --
> 2.31.0
>
> --
> You received this message because you are subscribed to the Google Groups "kasan-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to kasan-dev+unsubscribe@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/kasan-dev/20210524172606.08dac28d%40xhacker.debian.