From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9C0A4E77188 for ; Tue, 14 Jan 2025 21:48:54 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 175146B008C; Tue, 14 Jan 2025 16:48:54 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 122B06B0092; Tue, 14 Jan 2025 16:48:54 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EB7F8280001; Tue, 14 Jan 2025 16:48:53 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id C43FE6B008C for ; Tue, 14 Jan 2025 16:48:53 -0500 (EST) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 3EBD91A0E25 for ; Tue, 14 Jan 2025 21:48:53 +0000 (UTC) X-FDA: 83007397746.28.30589D9 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) by imf22.hostedemail.com (Postfix) with ESMTP id 7AF15C0008 for ; Tue, 14 Jan 2025 21:48:51 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=nq8u3GSv; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf22.hostedemail.com: domain of 3wtuGZwYKCNcL73GC59HH9E7.5HFEBGNQ-FFDO35D.HK9@flex--seanjc.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=3wtuGZwYKCNcL73GC59HH9E7.5HFEBGNQ-FFDO35D.HK9@flex--seanjc.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736891331; a=rsa-sha256; cv=none; b=7rgm/ZSMIZGz/9JBraFE4gvTuHibHvyr6Yh1foK8hY663/2Mtl8JBbce7FwlD2ILSJyDaU 0OtCs0eaNIRyeyvgHpdEsL7S/j7zQKO7cuukK0ESyt7BcFSCY+D/OFcBMOGsmSTZuU92LC nlIQMWk+mEaJ051h0OfRlK+XkDpOSuA= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=nq8u3GSv; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf22.hostedemail.com: domain of 3wtuGZwYKCNcL73GC59HH9E7.5HFEBGNQ-FFDO35D.HK9@flex--seanjc.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=3wtuGZwYKCNcL73GC59HH9E7.5HFEBGNQ-FFDO35D.HK9@flex--seanjc.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736891331; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=SY5ohLi34L7dYoduVlaYy23kjKtiA3foJ9V2Q6nj8Ew=; b=tbutzw/BRRW5Wofo/FSr9GqXz2YNT6llbQ3YIRDsFGp6FLwEaMFyS30dhXLiUcitGcOEZf p68inEpLwnCxI5YtIbfZ0Bzpku8hBLXRjTkuG1WAz1F43YWtKs7+Lmpt3c7lfhj5XLbidw u9jIw8TwXAvr0N6oMym+0F4pwVp/3/s= Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-2ef80d30df1so10433567a91.1 for ; Tue, 14 Jan 2025 13:48:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1736891330; x=1737496130; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=SY5ohLi34L7dYoduVlaYy23kjKtiA3foJ9V2Q6nj8Ew=; b=nq8u3GSvwlJZb0lg3mbNDSqWoc0j0Q1uHOMehelAT6XaSMcUz6ucrgg/qbQn19IYzz r2G9AX3MDV1vm0nfHphDco6hlHqFlwAMI9ckgYvFKzbPv6JOa5PHbJJ0Yl38HruzxTE2 lD0ssha4XnsImbymH5shOeycyxkEJAJ+E0b8oBEhtQ29w8sakR4ilodwTVEqXoIfLp54 RFF3kjoGqKNf6/1mAtQwBbgnZUkfYi36P+L2135/iYEDMkKQYATSaR5buZmZADh38ZHp oMp2PGEcutQyRZho8Z7DCUuDQ5kTQrxfNgW9+pXWZiq2KqFOkt8uVyS6s91pRVO5tlQd YKSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1736891330; x=1737496130; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=SY5ohLi34L7dYoduVlaYy23kjKtiA3foJ9V2Q6nj8Ew=; b=JRXZSwuYXZ+EN2gWVSDkjRbU61Y33ZR4JHG+MyelFSRI8Eu+q1AKfBC5Z3WRvULMRQ 6adQl5uThUBkWkv0r0Ti/95QpfAGQUuatx1JtpoCeN3maQGneIx5C8L25G31upItl+o6 xkLs37TjSm3vOmeYoLryx6PTXmk5+VjvHHq5uHLQw1AQSDpQ29QzGDTTNatdXuqMWkji RROrDvPBjntWGjnimmLdhrWdpgLgSqxzDYVM3lwtB0Pn5rQV2W3KuxEidvrEC08+OUJW SVUt87a7Y4zpe6uhjZgSXSnMZYeJNhwYdXDFI0naenhF1tzOAikG0k/UkGXJ/PvCn5ta D6eg== X-Forwarded-Encrypted: i=1; AJvYcCUUzWAX8ogs5dvRqLSerrn52d7x3uxm5pzVRTcSKiDTyetkO6Ib/nuB2NArZXZdXbqkIifa8Y2v7w==@kvack.org X-Gm-Message-State: AOJu0Yzlt0cxcQgMVp0aOhDqDDJ1HfZ1M4navJo4aQQn1qtNx0sWTDYj Z6USPPgbOUcmKXVv763VmQPH/XqN6L3nWb0gE9CiIGiezir0B14VV+S0ZpQVhoa/S/3TIXogGTm 8AA== X-Google-Smtp-Source: AGHT+IGwfpH2TIl0yoCx6tHXuYKAWJYGIodcKzr2p0TmFaGwbmX4878qRqYpxqFQD7ygsze3Eu4GllOh0sY= X-Received: from pjbtc14.prod.google.com ([2002:a17:90b:540e:b0:2f2:ea3f:34c3]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90a:d00b:b0:2ee:d63f:d8f with SMTP id 98e67ed59e1d1-2f548ebf53cmr37053651a91.13.1736891330040; Tue, 14 Jan 2025 13:48:50 -0800 (PST) Date: Tue, 14 Jan 2025 13:48:48 -0800 In-Reply-To: Mime-Version: 1.0 References: <20250114175143.81438-1-vschneid@redhat.com> <20250114175143.81438-26-vschneid@redhat.com> Message-ID: Subject: Re: [PATCH v4 25/30] context_tracking,x86: Defer kernel text patching IPIs From: Sean Christopherson To: Valentin Schneider Cc: linux-kernel@vger.kernel.org, x86@kernel.org, virtualization@lists.linux.dev, linux-arm-kernel@lists.infradead.org, loongarch@lists.linux.dev, linux-riscv@lists.infradead.org, linux-perf-users@vger.kernel.org, xen-devel@lists.xenproject.org, kvm@vger.kernel.org, linux-arch@vger.kernel.org, rcu@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, bpf@vger.kernel.org, bcm-kernel-feedback-list@broadcom.com, Peter Zijlstra , Nicolas Saenz Julienne , Juergen Gross , Ajay Kaher , Alexey Makhalov , Russell King , Catalin Marinas , Will Deacon , Huacai Chen , WANG Xuerui , Paul Walmsley , Palmer Dabbelt , Albert Ou , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Arnaldo Carvalho de Melo , Namhyung Kim , Mark Rutland , Alexander Shishkin , Jiri Olsa , Ian Rogers , Adrian Hunter , Kan Liang , Boris Ostrovsky , Josh Poimboeuf , Pawan Gupta , Paolo Bonzini , Andy Lutomirski , Arnd Bergmann , Frederic Weisbecker , "Paul E. McKenney" , Jason Baron , Steven Rostedt , Ard Biesheuvel , Neeraj Upadhyay , Joel Fernandes , Josh Triplett , Boqun Feng , Uladzislau Rezki , Mathieu Desnoyers , Lai Jiangshan , Zqiang , Juri Lelli , Clark Williams , Yair Podemsky , Tomas Glozar , Vincent Guittot , Dietmar Eggemann , Ben Segall , Mel Gorman , Kees Cook , Andrew Morton , Christoph Hellwig , Shuah Khan , Sami Tolvanen , Miguel Ojeda , Alice Ryhl , "Mike Rapoport (Microsoft)" , Samuel Holland , Rong Xu , Geert Uytterhoeven , Yosry Ahmed , "Kirill A. Shutemov" , "Masami Hiramatsu (Google)" , Jinghao Jia , Luis Chamberlain , Randy Dunlap , Tiezhu Yang Content-Type: text/plain; charset="us-ascii" X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 7AF15C0008 X-Stat-Signature: s74a8j9o99ij3qyunbasd5ykdahqkp8i X-Rspam-User: X-HE-Tag: 1736891331-267491 X-HE-Meta: U2FsdGVkX1+XIXiRnruvVaXEkOH82Gb9lBlsA3iUhFHjoBWdwEuVLqmCMI0DV6fUVciZlUnQ3as+houQ/oMp8HZW8SIYYFT2dWg2sbr6/kWig+Jrz9ax+MuPaT3rAE/+gw6eH4lPx66Ubu0w2yMcIYkd2ltuO+iy1jI4JliDRK10h7Kjm1llSwqWvjdCMPYNbShjD4Fe6DWpKGcv5kxgwD6NNJDgGYdvUR4ChbfbApaZlmNuQmM1L8CDHVzr2YL8gqtqE+9Gmh2Bo5Jghd5zL4B2YPBSJkh5RK67lHutRs3WIo1GwNW4M3KK1r6pWi6hbpcfsl/4yyRsgoW706Wq8AAKY+XnAVAyfJK15Bj3zfwvcxfefsYBuu08niDuf3eYA1aSzglpNlEhNyEYwqYk/lL+JEjO/QZoPtMjmXgNhTLVAVrdpNMZAUfE7xC7JXwM9Po/uvTgkdvpfq3CnYVB9+Bp9Nxntf6pO7WMNF8yJBFFAeYkHd1fc7+w8zG0ReyDDwfhzs+JmfgJiGZ34fJk/I+eWfgpeGhJEN6Y4gSPsAPz7MMHpPzpIU+tOqEah05IINTCpoV39MLEoVudW9JHMxB9FBTdLWbv4znEds28HaCuU9k2ckRWQK/RJXZgX1uy8t4gTaXs0LxaUquW9vc2VjyhTVUofhqSaaB5AiQig3O1Sssey+zFnieM1amGmtHJKte8zvTjYsnxqdGB8e3OLrH6myvrOX7Qb02NQvBDkt+ySk3OmlvwgSpaQopQ5v0pHROOGguhzU3PSAeqm8uw0PVdxBjx1nz2WIsYU7nwPtUuJFzrkbBv1Kwux6X7pCgEVYMPLHKljA4vvuwcn8a+ab724hI7bB3BDGighr/KLo89YwirQdxgJTlQGSMUXrMwSAXcyvzpaRDNKFYenMD101o7FGDKYnOIw8ytR7VW6psLiZN5aKzYRdx5JZZyG+KsC3RtNx0UvxzzwMDLzzA oWpxcRaO RFAWN6HXOxsswf41Uh7Rcc5BDtfxBYg97Wb5IhZiXmvzk5Wy6CgLBaWJzYh1DAuYbMM11ozDB2d3YmYjib6ytQVpLCgGPuOLlawVSVMPIHWKR7dw57a+DUEVC0+CAGApI7huc/wyOZGwxBt8uGbeJ2ER3+qjVOkkvAGzSUQCNQWOvgHK98TjVtLse11+ez/tgltjqmXRkW/VZJnNgJQOBrgyitlf1OkTkZJBA0eGUl3Qc9GhiiVh3rNa4NU6tWSLlp9O2oULF44rYEkvplh/WBXGe+xKPf9IIlzJfHFzKTFT9wfgZ9xIx91+Z8KX8Ek6ZNFQJeKEhyJJ8PEP5d0MNNkpfwk0gcDdu615PZaIxUq138/+qzo8HxpUeQs9ydnvN3bOcuLr7Rtf0ZLWVDaHM6MFZBuHCRkmnx4ZK+Zha+AoGK45Z5BEblifoXJlQYvDoOoqY4uqHgF9cnUs+0/2cgMWPY+VCpmjMCTxqrjQ+nS9CVlWJYmIhs7mhscWHZIyI86SLdjfBl2UJIOC1/Zrk3Ibg+KxXYZspCFPti/R0Svznf5gpVJf8uTgmInsCn/dkfYHybV6Ty2+bzB9Z+aiVi8/rZDSFgyHJQCH7gvYyYdJ/mTtJXbjyj5CGzOFKhinQwpYgDzH7dcdKI2Js3XaOU2g2SYTf/wfK7DSTCedSR+iQyvk6CTFrAE6kdbV1MgrNEKV2DmcRbDrIigQ= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Jan 14, 2025, Sean Christopherson wrote: > On Tue, Jan 14, 2025, Valentin Schneider wrote: > > +/** > > + * is_kernel_noinstr_text - checks if the pointer address is located in the > > + * .noinstr section > > + * > > + * @addr: address to check > > + * > > + * Returns: true if the address is located in .noinstr, false otherwise. > > + */ > > +static inline bool is_kernel_noinstr_text(unsigned long addr) > > +{ > > + return addr >= (unsigned long)__noinstr_text_start && > > + addr < (unsigned long)__noinstr_text_end; > > +} > > This doesn't do the right thing for modules, which matters because KVM can be > built as a module on x86, and because context tracking understands transitions > to GUEST mode, i.e. CPUs that are running in a KVM guest will be treated as not > being in the kernel, and thus will have IPIs deferred. If KVM uses a static key > or branch between guest_state_enter_irqoff() and guest_state_exit_irqoff(), the > patching code won't wait for CPUs to exit guest mode, i.e. KVM could theoretically > use the wrong static path. > > I don't expect this to ever cause problems in practice, because patching code in > KVM's VM-Enter/VM-Exit path that has *functional* implications, while CPUs are > actively running guest code, would be all kinds of crazy. But I do think we > should plug the hole. > > If this issue is unique to KVM, i.e. is not a generic problem for all modules (I > assume module code generally isn't allowed in the entry path, even via NMI?), one > idea would be to let KVM register its noinstr section for text poking. Another idea would be to track which keys/branches are tagged noinstr, i.e. generate the information at compile time instead of doing lookups at runtime. The biggest downside I can think of is that it would require plumbing in the information to text_poke_bp_batch().