From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 87F9CC0219B
	for <linux-mm@archiver.kernel.org>; Tue, 11 Feb 2025 16:10:04 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 00440280004; Tue, 11 Feb 2025 11:10:04 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id ECFA0280001; Tue, 11 Feb 2025 11:10:03 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id D2219280004; Tue, 11 Feb 2025 11:10:03 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12])
	by kanga.kvack.org (Postfix) with ESMTP id ADDD3280001
	for <linux-mm@kvack.org>; Tue, 11 Feb 2025 11:10:03 -0500 (EST)
Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay02.hostedemail.com (Postfix) with ESMTP id 9CF8512056B
	for <linux-mm@kvack.org>; Tue, 11 Feb 2025 16:10:02 +0000 (UTC)
X-FDA: 83108150244.13.48BBAB8
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by imf02.hostedemail.com (Postfix) with ESMTP id EE1C880006
	for <linux-mm@kvack.org>; Tue, 11 Feb 2025 16:09:59 +0000 (UTC)
Authentication-Results: imf02.hostedemail.com;
	dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=Vb5k2lYN;
	spf=pass (imf02.hostedemail.com: domain of vschneid@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=vschneid@redhat.com;
	dmarc=pass (policy=none) header.from=redhat.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1739290200;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=vlqDgCP2DAkslcpgDFYXdlhhng4EN6BqWt/KN1sHhDc=;
	b=cEhQcNk76aBxNpYa5h4z25/d90ifuQrNAc/WEGVVLkfxbeSj8Pou2SmAfVLguE8wr7YoD4
	zd4QHsmjS/ko1AoaeejIBdrq33vvtmQlxNaRbdESdfuUW07xnrC/LXiNt7ZOJoEZvLccEy
	iAEWrLfohqCZjhhElOaMJw37E5defZk=
ARC-Authentication-Results: i=1;
	imf02.hostedemail.com;
	dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=Vb5k2lYN;
	spf=pass (imf02.hostedemail.com: domain of vschneid@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=vschneid@redhat.com;
	dmarc=pass (policy=none) header.from=redhat.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1739290200; a=rsa-sha256;
	cv=none;
	b=UvT7av41FhvxW8yw09cFca2XA77cl4tkLg9QHTgvo9Kk7zsuh31jAfXTp1/Bcs8nrYM7ao
	nvjYPz40L40nwV4Nkq/8QKU9w6seh65+rYDSaTCbtR2jhZHm9Ml8aBmJoiaub7GKU7KmUq
	Zt5OIftuBXz62rQ6AQsP/tz2LMAzsSU=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1739290199;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=vlqDgCP2DAkslcpgDFYXdlhhng4EN6BqWt/KN1sHhDc=;
	b=Vb5k2lYNxi641zOqZtjHVCwzEGsqt5fNgJw+NbWxbzNOokI+oJeyM9P6fWEXaqGoWx6xen
	z2hUd97MQhEeXbnoAY3h3Yug1NRur3rKJajCUKDZ+fISujuAgwPG6IZGwwVFpo6eAeBL1u
	+vxB2bFdvSCs40cl0INNYHOxQIJjDZs=
Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com
 [209.85.221.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-155-ncIO7G_1OEecL9Xf0v3INg-1; Tue, 11 Feb 2025 11:09:54 -0500
X-MC-Unique: ncIO7G_1OEecL9Xf0v3INg-1
X-Mimecast-MFC-AGG-ID: ncIO7G_1OEecL9Xf0v3INg
Received: by mail-wr1-f71.google.com with SMTP id ffacd0b85a97d-38dd1bdf360so1525303f8f.3
        for <linux-mm@kvack.org>; Tue, 11 Feb 2025 08:09:54 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1739290194; x=1739894994;
        h=content-transfer-encoding:mime-version:message-id:date:references
         :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=cqBw0fvuK6HvmV212DNXANVYi4ije8UDstIz77BqBKI=;
        b=uPms38aSO51cOR0DJKaDa3Ube1O++r4wzhTcnzWb4iVLGKVMRKkFSu2htXZhJWYTO/
         wbL2a0THnhqN7GAMnom3u5aUfhh9NeOdWrr1scjq6JwHkbKtsQSNiQg3nzS5zNSX6F1v
         UCRd2h9juJf5cldJ5SM4778JCyrhp3zrIeBmUOhvov+nXK5TuS4KCY7Q7CbGTXNAAoYw
         plbhX9FmSmgxq2zBNgtL7oz4F9UfW9u0TwK9OmnszyxX6Q673+0qwQE2R+N9XiQD0O0v
         w1GzycJWOPAbzadwH/5qTKsTU4LD9Qz5QDSlAr8M5nQdqKjaUDURKA6z5F78il1Xn6AP
         z16A==
X-Forwarded-Encrypted: i=1; AJvYcCXJtMRogIKcVnhbFHsGRq7svS3lcEX0OPX5B28vXDy5/iBxJCdSM6ip9dYIadXOpJ4zDt+N3fs/PQ==@kvack.org
X-Gm-Message-State: AOJu0Yzqxyz44bDIXutKKW01Gp30uYsLNSWyzgmJFgFXJK3kOQP4MtOg
	T8tu+7ZqW5HCScuXwGWuCrNTJK+xueeyfw0MBrORLDy54z1dEg2q0B4JmrZaHFfc/Ot6wU7uvtu
	lxICVaw7Skjv3XG/CWl2Y84egv2oPADuQlM/DE2GYXaeZP4GH
X-Gm-Gg: ASbGncsm4wIAikTjh1rVvnkbDk67WW/vlAmbBABBoHdoX3snxzJ2nJFBR5G9iwjv3Q4
	gCkfZjlUmg90nVqvjwMy/Ukv38UnMan34bPEtogk/VDyuo3vBjRKjd+7G7A+xCAAy3hpE5DG9rT
	mrlP2t+AkiDqeXt31+bccr3eqSpKZ74a7DYp7xSwf9teiVzpow7bEQbeP/+Wn2oLj3q1oGyWJpX
	pYFF+3fSXx9NSEsx9PdN5YUK2IS7BFQPGXi9CpH2aN/9SsaWqsfuQx9eQhIxPzwat3b9Hia81Sy
	ax9CuUkqmFJD5AKQi5tf2NfoU3TN8rIkdLWemoPZN/uT+5mJ7mM2ggKY+W8sbm3rog==
X-Received: by 2002:adf:b60f:0:b0:38d:b113:eb8 with SMTP id ffacd0b85a97d-38de918b920mr304814f8f.20.1739290193750;
        Tue, 11 Feb 2025 08:09:53 -0800 (PST)
X-Google-Smtp-Source: AGHT+IHK1ASMUo9/0VqOa8FhznHehFcHh+h1fB2eK6UH8SCGRKzMX4fpRgybDSM9A1NmLLMyPAzxtg==
X-Received: by 2002:adf:b60f:0:b0:38d:b113:eb8 with SMTP id ffacd0b85a97d-38de918b920mr304770f8f.20.1739290193306;
        Tue, 11 Feb 2025 08:09:53 -0800 (PST)
Received: from vschneid-thinkpadt14sgen2i.remote.csb (213-44-141-166.abo.bbox.fr. [213.44.141.166])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-38dbde1dfaesm15387623f8f.90.2025.02.11.08.09.49
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 11 Feb 2025 08:09:52 -0800 (PST)
From: Valentin Schneider <vschneid@redhat.com>
To: Mark Rutland <mark.rutland@arm.com>
Cc: Jann Horn <jannh@google.com>, linux-kernel@vger.kernel.org,
 x86@kernel.org, virtualization@lists.linux.dev,
 linux-arm-kernel@lists.infradead.org, loongarch@lists.linux.dev,
 linux-riscv@lists.infradead.org, linux-perf-users@vger.kernel.org,
 xen-devel@lists.xenproject.org, kvm@vger.kernel.org,
 linux-arch@vger.kernel.org, rcu@vger.kernel.org,
 linux-hardening@vger.kernel.org, linux-mm@kvack.org,
 linux-kselftest@vger.kernel.org, bpf@vger.kernel.org,
 bcm-kernel-feedback-list@broadcom.com, Juergen Gross <jgross@suse.com>,
 Ajay Kaher <ajay.kaher@broadcom.com>, Alexey Makhalov
 <alexey.amakhalov@broadcom.com>, Russell King <linux@armlinux.org.uk>,
 Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>,
 Huacai Chen <chenhuacai@kernel.org>, WANG Xuerui <kernel@xen0n.name>, Paul
 Walmsley <paul.walmsley@sifive.com>, Palmer Dabbelt <palmer@dabbelt.com>,
 Albert Ou <aou@eecs.berkeley.edu>, Thomas Gleixner <tglx@linutronix.de>,
 Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, Dave
 Hansen <dave.hansen@linux.intel.com>, "H. Peter Anvin" <hpa@zytor.com>,
 Peter Zijlstra <peterz@infradead.org>, Arnaldo Carvalho de Melo
 <acme@kernel.org>, Namhyung Kim <namhyung@kernel.org>, Alexander Shishkin
 <alexander.shishkin@linux.intel.com>, Jiri Olsa <jolsa@kernel.org>, Ian
 Rogers <irogers@google.com>, Adrian Hunter <adrian.hunter@intel.com>,
 "Liang, Kan" <kan.liang@linux.intel.com>, Boris Ostrovsky
 <boris.ostrovsky@oracle.com>, Josh Poimboeuf <jpoimboe@kernel.org>, Pawan
 Gupta <pawan.kumar.gupta@linux.intel.com>, Sean Christopherson
 <seanjc@google.com>, Paolo Bonzini <pbonzini@redhat.com>, Andy Lutomirski
 <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>, Frederic Weisbecker
 <frederic@kernel.org>, "Paul E. McKenney" <paulmck@kernel.org>, Jason
 Baron <jbaron@akamai.com>, Steven Rostedt <rostedt@goodmis.org>, Ard
 Biesheuvel <ardb@kernel.org>, Neeraj Upadhyay
 <neeraj.upadhyay@kernel.org>, Joel Fernandes <joel@joelfernandes.org>,
 Josh Triplett <josh@joshtriplett.org>, Boqun Feng <boqun.feng@gmail.com>,
 Uladzislau Rezki <urezki@gmail.com>, Mathieu Desnoyers
 <mathieu.desnoyers@efficios.com>, Lai Jiangshan <jiangshanlai@gmail.com>,
 Zqiang <qiang.zhang1211@gmail.com>, Juri Lelli <juri.lelli@redhat.com>,
 Clark Williams <williams@redhat.com>, Yair Podemsky <ypodemsk@redhat.com>,
 Tomas Glozar <tglozar@redhat.com>, Vincent Guittot
 <vincent.guittot@linaro.org>, Dietmar Eggemann <dietmar.eggemann@arm.com>,
 Ben Segall <bsegall@google.com>, Mel Gorman <mgorman@suse.de>, Kees Cook
 <kees@kernel.org>, Andrew Morton <akpm@linux-foundation.org>, Christoph
 Hellwig <hch@infradead.org>, Shuah Khan <shuah@kernel.org>, Sami Tolvanen
 <samitolvanen@google.com>, Miguel Ojeda <ojeda@kernel.org>, Alice Ryhl
 <aliceryhl@google.com>, "Mike Rapoport (Microsoft)" <rppt@kernel.org>,
 Samuel Holland <samuel.holland@sifive.com>, Rong Xu <xur@google.com>,
 Nicolas Saenz Julienne <nsaenzju@redhat.com>, Geert Uytterhoeven
 <geert@linux-m68k.org>, Yosry Ahmed <yosryahmed@google.com>, "Kirill A.
 Shutemov" <kirill.shutemov@linux.intel.com>, "Masami Hiramatsu (Google)"
 <mhiramat@kernel.org>, Jinghao Jia <jinghao7@illinois.edu>, Luis
 Chamberlain <mcgrof@kernel.org>, Randy Dunlap <rdunlap@infradead.org>,
 Tiezhu Yang <yangtiezhu@loongson.cn>
Subject: Re: [PATCH v4 29/30] x86/mm, mm/vmalloc: Defer
 flush_tlb_kernel_range() targeting NOHZ_FULL CPUs
In-Reply-To: <Z6tYnOEBkOlT_ehp@J2N7QTR9R3>
References: <20250114175143.81438-1-vschneid@redhat.com>
 <20250114175143.81438-30-vschneid@redhat.com>
 <CAG48ez1Mh+DOy0ysOo7Qioxh1W7xWQyK9CLGNU9TGOsLXbg=gQ@mail.gmail.com>
 <xhsmh34hhh37q.mognet@vschneid-thinkpadt14sgen2i.remote.csb>
 <CAG48ez3H8OVP1GxBLdmFgusvT1gQhwu2SiXbgi8T9uuCYVK52w@mail.gmail.com>
 <xhsmh5xlhk5p2.mognet@vschneid-thinkpadt14sgen2i.remote.csb>
 <CAG48ez1EAATYcX520Nnw=P8XtUDSr5pe+qGH1YVNk3xN2LE05g@mail.gmail.com>
 <xhsmh34gkk3ls.mognet@vschneid-thinkpadt14sgen2i.remote.csb>
 <Z6tYnOEBkOlT_ehp@J2N7QTR9R3>
Date: Tue, 11 Feb 2025 17:09:49 +0100
Message-ID: <xhsmhwmdwihte.mognet@vschneid-thinkpadt14sgen2i.remote.csb>
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: PfTIlr9G2vwDSG-d1ki9DxIlz6xFWHkiZbO4tdSkHgQ_1739290194
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Rspam-User: 
X-Rspamd-Server: rspam09
X-Rspamd-Queue-Id: EE1C880006
X-Stat-Signature: aqa5itdqtqzzrbkjwfwcpku1463nuoxx
X-HE-Tag: 1739290199-635079
X-HE-Meta: U2FsdGVkX19k6iqZYY/ccp547YWA0Yk7lCBpOvVbhxKkPbdg8gdMXcn9hkbPU1vnWWmjjpYQKaTOpCFhq5og0o0bk1XibN9YjZKPV48SaTY1oWuq56rqFaOYM0Wl5cmhIkJygjP4LoIG9wO0KKbu2R3t17v30KMzwfiTqUV6fdXR1YLhKfyoH3H8Wg/OWUYOnEYDMbl+hu4YbOViI5qdhKq8RCdCU7ie0h80cFK6EOy4l4+Ypdt8xvOuhgWjuS5IRNifg1XEkZnC+Z8Ts3+qwxhhI1CXYGHYrBITJ0nYNJsu+c3tgjROwqum+Zsimc5vOV1Si3CHcYhuQ2wRk02+FyyJLhRJhHEmONx5x0MzSuJjm5wnrLJghldyZxAxlKynNP/GOMOGQyM72OnmWgNxA2O2XXLlDUniCfMDIv0gO9cGP03mP2VLTjYFxrhCxyIQQUzAmzDFbdLlYdI1bn108zlg5Y7IzsE3Wk98s4R7pzrYc80Y955vnOT9uqLxfGHu66mwixxP6TVLXZCr3IBDxHySvKbtzetXAND/z1Kq9De2LlVMHavE/e8gXG2HGUMbvICvnW+IS4zS2K/MDYPXk00MBsXNeodFXq5zlww1WgpKN0BnEzrSeJRD+5gJyYKF2hXEyJzRJztn7KBg8dbtThz7aEGx8D+U+pDzfFk0yDEvzKDVKv0qI4jo+l/VfTDMtj5BN7oSQvvw/k8kdIs9kVPIWOq3+lxOMzZicscVbxswf+V+RjYPoz2KxUbBPoBuqvLpwk3bsXLoebEXJLEXe6UPA9VmSC9qgNxDqeZ2j0YIruRKzSIvlemaEJYxOoOYzTPhH0xNE6/vP88g1lQqKltYx17KrzhA5eC6vK1sR4v5PYy7pA2mF9BNrDp7VzQyxdoXAaF/EvmazeyG3sIwlOqsbAhICGmLJFDFsC6tCcgsKBdLCM7EXj/1UHCImycMOd5ezyJ1BO00A70zJ8/
 gkN/bddw
 5byP91SY8/tfnfjTfG+2bm+u0jOZ/B7GLp+kGL/7wagFYmL4RFY4sXZt3+Q9ZQLeIKzHKbBwvMhlxFULw+Oi5AqNH/ZpNnqFgcRuKG7Eio4Gt0vuV7dRU04Cu9d7JnsVED+K3L2Gbe923J+ohkHJQWzat+xBgN/uDZrTmMeNJBZslOTifEnP5mDCzrzNK1pLSZWqr9sqVAk1iY7jUyEjUhJcTgRJQ+vmODvtZlDBqMuGHRCGvhp3Fb3MiCd1a4zwthvb9tmdyU31gygRstYugK3XzKuoCPpg1MbOl+qNTtLwTkHwuGAWOuEDnmiVRfYS0ua5I0NIpBb1h3HEk/31pxhBfiQOPq2LaGZ3VWNu+t0QSDw9k0yiOK+v/alqtbIAV0bRyR19uRhkAwefoHWXzxLoDPf17DysUPvE9dp/trSN6harLaBeHet5xfL9zscYBKCk5qo9GY+flJUM2htc/n0ZcHtP/5dh+Bv3CYWM9FYkZ4bZmBgE2Qm2JPQ0iYWGOyEILmMNGEfJYHtiTSgjIxL1SMQ==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On 11/02/25 14:03, Mark Rutland wrote:
> On Tue, Feb 11, 2025 at 02:33:51PM +0100, Valentin Schneider wrote:
>> On 10/02/25 23:08, Jann Horn wrote:
>> > 2. It's wrong to assume that TLB entries are only populated for
>> > addresses you access - thanks to speculative execution, you have to
>> > assume that the CPU might be populating random TLB entries all over
>> > the place.
>>
>> Gotta love speculation. Now it is supposed to be limited to genuinely
>> accessible data & code, right? Say theoretically we have a full TLBi as
>> literally the last thing before doing the return-to-userspace, speculati=
on
>> should be limited to executing maybe bits of the return-from-userspace
>> code?
>
> I think it's easier to ignore speculation entirely, and just assume that
> the MMU can arbitrarily fill TLB entries from any page table entries
> which are valid/accessible in the active page tables. Hardware
> prefetchers can do that regardless of the specific path of speculative
> execution.
>
> Thus TLB fills are not limited to VAs which would be used on that
> return-to-userspace path.
>
>> Furthermore, I would hope that once a CPU is executing in userspace, it'=
s
>> not going to populate the TLB with kernel address translations - AIUI th=
e
>> whole vulnerability mitigation debacle was about preventing this sort of
>> thing.
>
> The CPU can definitely do that; the vulnerability mitigations are all
> about what userspace can observe rather than what the CPU can do in the
> background. Additionally, there are features like SPE and TRBE that use
> kernel addresses while the CPU is executing userspace instructions.
>
> The latest ARM Architecture Reference Manual (ARM DDI 0487 L.a) is fairly=
 clear
> about that in section D8.16 "Translation Lookaside Buff", where it says
> (among other things):
>
>   When address translation is enabled, if a translation table entry
>   meets all of the following requirements, then that translation table
>   entry is permitted to be cached in a TLB or intermediate TLB caching
>   structure at any time:
>   =E2=80=A2 The translation table entry itself does not generate a Transl=
ation
>     fault, an Address size fault, or an Access flag fault.
>   =E2=80=A2 The translation table entry is not from a translation regime
>     configured by an Exception level that is lower than the current
>     Exception level.
>
> Here "permitted to be cached in a TLB" also implies that the HW is
> allowed to fetch the translation tabl entry (which is what ARM call page
> table entries).
>

That's actually fairly clear all things considered, thanks for the
education and for fishing out the relevant DDI section!

> The PDF can be found at:
>
>   https://developer.arm.com/documentation/ddi0487/la/?lang=3Den
>
> Mark.