From: Anthony Yznaga <anthony.yznaga@oracle.com>
To: Khalid Aziz <khalid.aziz@oracle.com>
Cc: David Miller <davem@davemloft.net>,
dave.hansen@linux.intel.com, akpm@linux-foundation.org,
0x7f454c46@gmail.com, aarcange@redhat.com, ak@linux.intel.com,
Allen Pais <allen.pais@oracle.com>,
aneesh.kumar@linux.vnet.ibm.com, arnd@arndb.de,
Atish Patra <atish.patra@oracle.com>,
benh@kernel.crashing.org, Bob Picco <bob.picco@oracle.com>,
bsingharora@gmail.com, chris.hyser@oracle.com,
cmetcalf@mellanox.com, corbet@lwn.net, dan.carpenter@oracle.com,
dave.jiang@intel.com, dja@axtens.net,
Eric Saint Etienne <eric.saint.etienne@oracle.com>,
geert@linux-m68k.org, hannes@cmpxchg.org,
heiko.carstens@de.ibm.com, hpa@zytor.com, hughd@google.com,
imbrenda@linux.vnet.ibm.com, jack@suse.cz, jmarchan@redhat.com,
jroedel@suse.de, Khalid Aziz <khalid@gonehiking.org>,
kirill.shutemov@linux.intel.com, Liam.Howlett@oracle.com,
lstoakes@gmail.com, mgorman@suse.de, mhocko@suse.com,
mike.kravetz@oracle.com, minchan@kernel.org, mingo@redhat.com,
mpe@ellerman.id.au, nitin.m.gupta@oracle.com,
pasha.tatashin@oracle.com, paul.gortmaker@windriver.com,
paulus@samba.org, peterz@infradead.org, rientjes@google.com,
ross.zwisler@linux.intel.com, shli@fb.com,
steven.sistare@oracle.com, tglx@linutronix.de,
thomas.tai@oracle.com, tklauser@distanz.ch,
tom.hromatka@oracle.com, vegard.nossum@oracle.com,
vijay.ac.kumar@oracle.com, viro@zeniv.linux.org.uk,
willy@infradead.org, x86@kernel.org, ying.huang@intel.com,
zhongjiang@huawei.com, sparclinux@vger.kernel.org,
linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH v9 00/10] Application Data Integrity feature introduced by SPARC M7
Date: Wed, 8 Nov 2017 12:44:45 -0800 [thread overview]
Message-ID: <CF004B9F-A3B6-4A44-AD9E-EC01D6B740BB@oracle.com> (raw)
In-Reply-To: <cover.1508364660.git.khalid.aziz@oracle.com>
> On Oct 20, 2017, at 9:57 AM, Khalid Aziz <khalid.aziz@oracle.com> wrote:
>
> Patch 9/10
> When a processor supports additional metadata on memory pages, that
> additional metadata needs to be copied to new memory pages when those
> pages are moved. This patch allows architecture specific code to
> replace the default copy_highpage() routine with arch specific
> version that copies the metadata as well besides the data on the page.
>
> Patch 10/10
> This patch adds support for a user space task to enable ADI and enable
> tag checking for subsets of its address space. As part of enabling
> this feature, this patch adds to support manipulation of precise
> exception for memory corruption detection, adds code to save and
> restore tags on page swap and migration, and adds code to handle ADI
> tagged addresses for DMA.
>
> Changelog v9:
>
> - Patch 1/10: No changes
> - Patch 2/10: No changes
> - Patch 3/10: No changes
> - Patch 4/10: No changes
> - Patch 5/10: No changes
> - Patch 6/10: No changes
> - Patch 7/10: No changes
> - Patch 8/10: No changes
> - Patch 9/10: New patch
> - Patch 10/10: Patch 9 from v8. Added code to copy ADI tags when
> pages are migrated. Updated code to detect overflow and underflow
> of addresses when allocating tag storage.
Patch 09/10 wasn't delivered to me, but I reviewed the copy on lkml.org.
The changes looks good, but there is one remaining functional issue
which I've pointed out twice now in previous comments that still has not
been addressed:
The code paths through rtrap that overwrite PSTATE need to also set
PSTATE.mcde=1 since additional kernel work done after PSTATE is
overwritten could access ADI-enabled user memory and depend on version
checking being enabled. For example, rtrap may call SCHEDULE_USER and
resume execution in another thread. Without a fix, the resumed thread
will run with PSTATE.mcde=0 until it completes a return to user mode or
is rescheduled on a CPU where PSTATE.mcde is set. If the thread
accesses ADI-enabled user memory with a versioned address (e.g. to
complete some I/O) in that timeframe then the access will fail.
Here is what you need to fix it:
diff --git a/arch/sparc/kernel/rtrap_64.S b/arch/sparc/kernel/rtrap_64.S
index dff86fa..07c82a7 100644
--- a/arch/sparc/kernel/rtrap_64.S
+++ b/arch/sparc/kernel/rtrap_64.S
@@ -24,13 +24,21 @@
.align 32
__handle_preemption:
call SCHEDULE_USER
- wrpr %g0, RTRAP_PSTATE, %pstate
+661: wrpr %g0, RTRAP_PSTATE, %pstate
+ .section .sun_m7_1insn_patch, "ax"
+ .word 661b
+ wrpr %g0, RTRAP_PSTATE | PSTATE_MCDE, %pstate
+ .previous
ba,pt %xcc, __handle_preemption_continue
wrpr %g0, RTRAP_PSTATE_IRQOFF, %pstate
__handle_user_windows:
call fault_in_user_windows
- wrpr %g0, RTRAP_PSTATE, %pstate
+661: wrpr %g0, RTRAP_PSTATE, %pstate
+ .section .sun_m7_1insn_patch, "ax"
+ .word 661b
+ wrpr %g0, RTRAP_PSTATE | PSTATE_MCDE, %pstate
+ .previous
ba,pt %xcc, __handle_preemption_continue
wrpr %g0, RTRAP_PSTATE_IRQOFF, %pstate
@@ -47,7 +55,11 @@ __handle_signal:
add %sp, PTREGS_OFF, %o0
mov %l0, %o2
call do_notify_resume
- wrpr %g0, RTRAP_PSTATE, %pstate
+661: wrpr %g0, RTRAP_PSTATE, %pstate
+ .section .sun_m7_1insn_patch, "ax"
+ .word 661b
+ wrpr %g0, RTRAP_PSTATE | PSTATE_MCDE, %pstate
+ .previous
wrpr %g0, RTRAP_PSTATE_IRQOFF, %pstate
/* Signal delivery can modify pt_regs tstate, so we must
diff --git a/arch/sparc/kernel/urtt_fill.S b/arch/sparc/kernel/urtt_fill.S
index 364af32..3a7f2d8 100644
--- a/arch/sparc/kernel/urtt_fill.S
+++ b/arch/sparc/kernel/urtt_fill.S
@@ -49,7 +49,11 @@ user_rtt_fill_fixup_common:
SET_GL(0)
.previous
- wrpr %g0, RTRAP_PSTATE, %pstate
+661: wrpr %g0, RTRAP_PSTATE, %pstate
+ .section .sun_m7_1insn_patch, "ax"
+ .word 661b
+ wrpr %g0, RTRAP_PSTATE | PSTATE_MCDE, %pstate
+ .previous
mov %l1, %g6
ldx [%g6 + TI_TASK], %g4
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
prev parent reply other threads:[~2017-11-08 20:46 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-20 16:57 Khalid Aziz
2017-10-20 16:57 ` [PATCH v9 02/10] mm, swap: Add infrastructure for saving page metadata as well on swap Khalid Aziz
2017-10-20 16:58 ` [PATCH v9 07/10] mm: Add address parameter to arch_validate_prot() Khalid Aziz
2017-10-20 16:58 ` [PATCH v8 08/10] mm: Clear arch specific VM flags on protection change Khalid Aziz
2017-10-20 16:58 ` [PATCH v9 10/10] sparc64: Add support for ADI (Application Data Integrity) Khalid Aziz
2017-11-08 20:44 ` Anthony Yznaga [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CF004B9F-A3B6-4A44-AD9E-EC01D6B740BB@oracle.com \
--to=anthony.yznaga@oracle.com \
--cc=0x7f454c46@gmail.com \
--cc=Liam.Howlett@oracle.com \
--cc=aarcange@redhat.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=allen.pais@oracle.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=arnd@arndb.de \
--cc=atish.patra@oracle.com \
--cc=benh@kernel.crashing.org \
--cc=bob.picco@oracle.com \
--cc=bsingharora@gmail.com \
--cc=chris.hyser@oracle.com \
--cc=cmetcalf@mellanox.com \
--cc=corbet@lwn.net \
--cc=dan.carpenter@oracle.com \
--cc=dave.hansen@linux.intel.com \
--cc=dave.jiang@intel.com \
--cc=davem@davemloft.net \
--cc=dja@axtens.net \
--cc=eric.saint.etienne@oracle.com \
--cc=geert@linux-m68k.org \
--cc=hannes@cmpxchg.org \
--cc=heiko.carstens@de.ibm.com \
--cc=hpa@zytor.com \
--cc=hughd@google.com \
--cc=imbrenda@linux.vnet.ibm.com \
--cc=jack@suse.cz \
--cc=jmarchan@redhat.com \
--cc=jroedel@suse.de \
--cc=khalid.aziz@oracle.com \
--cc=khalid@gonehiking.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=lstoakes@gmail.com \
--cc=mgorman@suse.de \
--cc=mhocko@suse.com \
--cc=mike.kravetz@oracle.com \
--cc=minchan@kernel.org \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=nitin.m.gupta@oracle.com \
--cc=pasha.tatashin@oracle.com \
--cc=paul.gortmaker@windriver.com \
--cc=paulus@samba.org \
--cc=peterz@infradead.org \
--cc=rientjes@google.com \
--cc=ross.zwisler@linux.intel.com \
--cc=shli@fb.com \
--cc=sparclinux@vger.kernel.org \
--cc=steven.sistare@oracle.com \
--cc=tglx@linutronix.de \
--cc=thomas.tai@oracle.com \
--cc=tklauser@distanz.ch \
--cc=tom.hromatka@oracle.com \
--cc=vegard.nossum@oracle.com \
--cc=vijay.ac.kumar@oracle.com \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@infradead.org \
--cc=x86@kernel.org \
--cc=ying.huang@intel.com \
--cc=zhongjiang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox