2008-01-30 19:33:41 +07:00
|
|
|
/*
|
|
|
|
* Copyright 2002 Andi Kleen, SuSE Labs.
|
2005-04-17 05:20:36 +07:00
|
|
|
* Thanks to Ben LaHaise for precious feedback.
|
2008-01-30 19:33:41 +07:00
|
|
|
*/
|
2005-04-17 05:20:36 +07:00
|
|
|
#include <linux/highmem.h>
|
2008-01-30 19:34:04 +07:00
|
|
|
#include <linux/bootmem.h>
|
2008-01-30 19:33:41 +07:00
|
|
|
#include <linux/sched.h>
|
|
|
|
#include <linux/mm.h>
|
2008-02-10 05:24:09 +07:00
|
|
|
#include <linux/interrupt.h>
|
2008-04-17 22:40:45 +07:00
|
|
|
#include <linux/seq_file.h>
|
|
|
|
#include <linux/debugfs.h>
|
2009-06-22 09:56:24 +07:00
|
|
|
#include <linux/pfn.h>
|
2009-07-04 06:10:59 +07:00
|
|
|
#include <linux/percpu.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 15:04:11 +07:00
|
|
|
#include <linux/gfp.h>
|
2010-11-17 04:31:26 +07:00
|
|
|
#include <linux/pci.h>
|
2015-06-02 16:01:38 +07:00
|
|
|
#include <linux/vmalloc.h>
|
2008-01-30 19:33:41 +07:00
|
|
|
|
2017-01-27 16:27:10 +07:00
|
|
|
#include <asm/e820/api.h>
|
2005-04-17 05:20:36 +07:00
|
|
|
#include <asm/processor.h>
|
|
|
|
#include <asm/tlbflush.h>
|
2006-01-06 15:12:10 +07:00
|
|
|
#include <asm/sections.h>
|
x86: add brk allocation for very, very early allocations
Impact: new interface
Add a brk()-like allocator which effectively extends the bss in order
to allow very early code to do dynamic allocations. This is better than
using statically allocated arrays for data in subsystems which may never
get used.
The space for brk allocations is in the bss ELF segment, so that the
space is mapped properly by the code which maps the kernel, and so
that bootloaders keep the space free rather than putting a ramdisk or
something into it.
The bss itself, delimited by __bss_stop, ends before the brk area
(__brk_base to __brk_limit). The kernel text, data and bss is reserved
up to __bss_stop.
Any brk-allocated data is reserved separately just before the kernel
pagetable is built, as that code allocates from unreserved spaces
in the e820 map, potentially allocating from any unused brk memory.
Ultimately any unused memory in the brk area is used in the general
kernel memory pool.
Initially the brk space is set to 1MB, which is probably much larger
than any user needs (the largest current user is i386 head_32.S's code
to build the pagetables to map the kernel, which can get fairly large
with a big kernel image and no PSE support). So long as the system
has sufficient memory for the bootloader to reserve the kernel+1MB brk,
there are no bad effects resulting from an over-large brk.
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-02-27 08:35:44 +07:00
|
|
|
#include <asm/setup.h>
|
2016-12-25 02:46:01 +07:00
|
|
|
#include <linux/uaccess.h>
|
2008-01-30 19:33:41 +07:00
|
|
|
#include <asm/pgalloc.h>
|
2008-02-19 02:54:14 +07:00
|
|
|
#include <asm/proto.h>
|
2008-03-19 07:00:18 +07:00
|
|
|
#include <asm/pat.h>
|
2017-05-09 05:58:11 +07:00
|
|
|
#include <asm/set_memory.h>
|
2005-04-17 05:20:36 +07:00
|
|
|
|
2008-02-04 22:48:09 +07:00
|
|
|
/*
|
|
|
|
* The current flushing context - we pass it instead of 5 arguments:
|
|
|
|
*/
|
2008-02-04 22:48:07 +07:00
|
|
|
struct cpa_data {
|
2008-08-21 09:46:06 +07:00
|
|
|
unsigned long *vaddr;
|
2013-10-31 23:25:00 +07:00
|
|
|
pgd_t *pgd;
|
2008-02-04 22:48:07 +07:00
|
|
|
pgprot_t mask_set;
|
|
|
|
pgprot_t mask_clr;
|
x86/mm/pat: Avoid truncation when converting cpa->numpages to address
There are a couple of nasty truncation bugs lurking in the pageattr
code that can be triggered when mapping EFI regions, e.g. when we pass
a cpa->pgd pointer. Because cpa->numpages is a 32-bit value, shifting
left by PAGE_SHIFT will truncate the resultant address to 32-bits.
Viorel-Cătălin managed to trigger this bug on his Dell machine that
provides a ~5GB EFI region which requires 1236992 pages to be mapped.
When calling populate_pud() the end of the region gets calculated
incorrectly in the following buggy expression,
end = start + (cpa->numpages << PAGE_SHIFT);
And only 188416 pages are mapped. Next, populate_pud() gets invoked
for a second time because of the loop in __change_page_attr_set_clr(),
only this time no pages get mapped because shifting the remaining
number of pages (1048576) by PAGE_SHIFT is zero. At which point the
loop in __change_page_attr_set_clr() spins forever because we fail to
map progress.
Hitting this bug depends very much on the virtual address we pick to
map the large region at and how many pages we map on the initial run
through the loop. This explains why this issue was only recently hit
with the introduction of commit
a5caa209ba9c ("x86/efi: Fix boot crash by mapping EFI memmap
entries bottom-up at runtime, instead of top-down")
It's interesting to note that safe uses of cpa->numpages do exist in
the pageattr code. If instead of shifting ->numpages we multiply by
PAGE_SIZE, no truncation occurs because PAGE_SIZE is a UL value, and
so the result is unsigned long.
To avoid surprises when users try to convert very large cpa->numpages
values to addresses, change the data type from 'int' to 'unsigned
long', thereby making it suitable for shifting by PAGE_SHIFT without
any type casting.
The alternative would be to make liberal use of casting, but that is
far more likely to cause problems in the future when someone adds more
code and fails to cast properly; this bug was difficult enough to
track down in the first place.
Reported-and-tested-by: Viorel-Cătălin Răpițeanu <rapiteanu.catalin@gmail.com>
Acked-by: Borislav Petkov <bp@alien8.de>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=110131
Link: http://lkml.kernel.org/r/1454067370-10374-1-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2016-01-29 18:36:10 +07:00
|
|
|
unsigned long numpages;
|
2008-08-21 09:46:06 +07:00
|
|
|
int flags;
|
2008-02-19 02:54:14 +07:00
|
|
|
unsigned long pfn;
|
2018-09-17 21:29:14 +07:00
|
|
|
unsigned force_split : 1,
|
|
|
|
force_static_prot : 1;
|
2008-08-21 09:46:06 +07:00
|
|
|
int curpage;
|
2009-03-20 04:51:14 +07:00
|
|
|
struct page **pages;
|
2008-02-04 22:48:07 +07:00
|
|
|
};
|
|
|
|
|
2018-09-17 21:29:11 +07:00
|
|
|
enum cpa_warn {
|
2018-09-17 21:29:14 +07:00
|
|
|
CPA_CONFLICT,
|
2018-09-17 21:29:11 +07:00
|
|
|
CPA_PROTECT,
|
|
|
|
CPA_DETECT,
|
|
|
|
};
|
|
|
|
|
|
|
|
static const int cpa_warn_level = CPA_PROTECT;
|
|
|
|
|
2008-09-24 04:00:42 +07:00
|
|
|
/*
|
|
|
|
* Serialize cpa() (for !DEBUG_PAGEALLOC which uses large identity mappings)
|
|
|
|
* using cpa_lock. So that we don't allow any other cpu, with stale large tlb
|
|
|
|
* entries change the page attribute in parallel to some other cpu
|
|
|
|
* splitting a large page entry along with changing the attribute.
|
|
|
|
*/
|
|
|
|
static DEFINE_SPINLOCK(cpa_lock);
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
#define CPA_FLUSHTLB 1
|
|
|
|
#define CPA_ARRAY 2
|
2009-03-20 04:51:14 +07:00
|
|
|
#define CPA_PAGES_ARRAY 4
|
x86/mm/init: Remove freed kernel image areas from alias mapping
The kernel image is mapped into two places in the virtual address space
(addresses without KASLR, of course):
1. The kernel direct map (0xffff880000000000)
2. The "high kernel map" (0xffffffff81000000)
We actually execute out of #2. If we get the address of a kernel symbol,
it points to #2, but almost all physical-to-virtual translations point to
Parts of the "high kernel map" alias are mapped in the userspace page
tables with the Global bit for performance reasons. The parts that we map
to userspace do not (er, should not) have secrets. When PTI is enabled then
the global bit is usually not set in the high mapping and just used to
compensate for poor performance on systems which lack PCID.
This is fine, except that some areas in the kernel image that are adjacent
to the non-secret-containing areas are unused holes. We free these holes
back into the normal page allocator and reuse them as normal kernel memory.
The memory will, of course, get *used* via the normal map, but the alias
mapping is kept.
This otherwise unused alias mapping of the holes will, by default keep the
Global bit, be mapped out to userspace, and be vulnerable to Meltdown.
Remove the alias mapping of these pages entirely. This is likely to
fracture the 2M page mapping the kernel image near these areas, but this
should affect a minority of the area.
The pageattr code changes *all* aliases mapping the physical pages that it
operates on (by default). We only want to modify a single alias, so we
need to tweak its behavior.
This unmapping behavior is currently dependent on PTI being in place.
Going forward, we should at least consider doing this for all
configurations. Having an extra read-write alias for memory is not exactly
ideal for debugging things like random memory corruption and this does
undercut features like DEBUG_PAGEALLOC or future work like eXclusive Page
Frame Ownership (XPFO).
Before this patch:
current_kernel:---[ High Kernel Mapping ]---
current_kernel-0xffffffff80000000-0xffffffff81000000 16M pmd
current_kernel-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_kernel-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_kernel-0xffffffff81e11000-0xffffffff82000000 1980K RW NX pte
current_kernel-0xffffffff82000000-0xffffffff82600000 6M ro PSE GLB NX pmd
current_kernel-0xffffffff82600000-0xffffffff82c00000 6M RW PSE NX pmd
current_kernel-0xffffffff82c00000-0xffffffff82e00000 2M RW NX pte
current_kernel-0xffffffff82e00000-0xffffffff83200000 4M RW PSE NX pmd
current_kernel-0xffffffff83200000-0xffffffffa0000000 462M pmd
current_user:---[ High Kernel Mapping ]---
current_user-0xffffffff80000000-0xffffffff81000000 16M pmd
current_user-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_user-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_user-0xffffffff81e11000-0xffffffff82000000 1980K RW NX pte
current_user-0xffffffff82000000-0xffffffff82600000 6M ro PSE GLB NX pmd
current_user-0xffffffff82600000-0xffffffffa0000000 474M pmd
After this patch:
current_kernel:---[ High Kernel Mapping ]---
current_kernel-0xffffffff80000000-0xffffffff81000000 16M pmd
current_kernel-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_kernel-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_kernel-0xffffffff81e11000-0xffffffff82000000 1980K pte
current_kernel-0xffffffff82000000-0xffffffff82400000 4M ro PSE GLB NX pmd
current_kernel-0xffffffff82400000-0xffffffff82488000 544K ro NX pte
current_kernel-0xffffffff82488000-0xffffffff82600000 1504K pte
current_kernel-0xffffffff82600000-0xffffffff82c00000 6M RW PSE NX pmd
current_kernel-0xffffffff82c00000-0xffffffff82c0d000 52K RW NX pte
current_kernel-0xffffffff82c0d000-0xffffffff82dc0000 1740K pte
current_user:---[ High Kernel Mapping ]---
current_user-0xffffffff80000000-0xffffffff81000000 16M pmd
current_user-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_user-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_user-0xffffffff81e11000-0xffffffff82000000 1980K pte
current_user-0xffffffff82000000-0xffffffff82400000 4M ro PSE GLB NX pmd
current_user-0xffffffff82400000-0xffffffff82488000 544K ro NX pte
current_user-0xffffffff82488000-0xffffffff82600000 1504K pte
current_user-0xffffffff82600000-0xffffffffa0000000 474M pmd
[ tglx: Do not unmap on 32bit as there is only one mapping ]
Fixes: 0f561fce4d69 ("x86/pti: Enable global pages for shared areas")
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Kees Cook <keescook@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Joerg Roedel <jroedel@suse.de>
Link: https://lkml.kernel.org/r/20180802225831.5F6A2BFC@viggo.jf.intel.com
2018-08-03 05:58:31 +07:00
|
|
|
#define CPA_NO_CHECK_ALIAS 8 /* Do not search for aliases */
|
2008-08-21 09:46:06 +07:00
|
|
|
|
2008-05-05 21:35:21 +07:00
|
|
|
#ifdef CONFIG_PROC_FS
|
2008-05-02 16:46:49 +07:00
|
|
|
static unsigned long direct_pages_count[PG_LEVEL_NUM];
|
|
|
|
|
2008-05-05 21:35:21 +07:00
|
|
|
void update_page_count(int level, unsigned long pages)
|
2008-05-02 16:46:49 +07:00
|
|
|
{
|
|
|
|
/* Protect against CPA */
|
2011-02-17 06:45:22 +07:00
|
|
|
spin_lock(&pgd_lock);
|
2008-05-02 16:46:49 +07:00
|
|
|
direct_pages_count[level] += pages;
|
2011-02-17 06:45:22 +07:00
|
|
|
spin_unlock(&pgd_lock);
|
2008-05-05 21:35:21 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
static void split_page_count(int level)
|
|
|
|
{
|
2016-01-12 00:04:28 +07:00
|
|
|
if (direct_pages_count[level] == 0)
|
|
|
|
return;
|
|
|
|
|
2008-05-05 21:35:21 +07:00
|
|
|
direct_pages_count[level]--;
|
|
|
|
direct_pages_count[level - 1] += PTRS_PER_PTE;
|
|
|
|
}
|
|
|
|
|
2008-10-16 02:50:22 +07:00
|
|
|
void arch_report_meminfo(struct seq_file *m)
|
2008-05-05 21:35:21 +07:00
|
|
|
{
|
2008-11-06 19:05:40 +07:00
|
|
|
seq_printf(m, "DirectMap4k: %8lu kB\n",
|
2008-08-15 19:58:32 +07:00
|
|
|
direct_pages_count[PG_LEVEL_4K] << 2);
|
|
|
|
#if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE)
|
2008-11-06 19:05:40 +07:00
|
|
|
seq_printf(m, "DirectMap2M: %8lu kB\n",
|
2008-08-15 19:58:32 +07:00
|
|
|
direct_pages_count[PG_LEVEL_2M] << 11);
|
|
|
|
#else
|
2008-11-06 19:05:40 +07:00
|
|
|
seq_printf(m, "DirectMap4M: %8lu kB\n",
|
2008-08-15 19:58:32 +07:00
|
|
|
direct_pages_count[PG_LEVEL_2M] << 12);
|
|
|
|
#endif
|
|
|
|
if (direct_gbpages)
|
2008-11-06 19:05:40 +07:00
|
|
|
seq_printf(m, "DirectMap1G: %8lu kB\n",
|
2008-08-15 19:58:32 +07:00
|
|
|
direct_pages_count[PG_LEVEL_1G] << 20);
|
2008-05-02 16:46:49 +07:00
|
|
|
}
|
2008-05-05 21:35:21 +07:00
|
|
|
#else
|
|
|
|
static inline void split_page_count(int level) { }
|
|
|
|
#endif
|
2008-05-02 16:46:49 +07:00
|
|
|
|
2018-09-17 21:29:12 +07:00
|
|
|
#ifdef CONFIG_X86_CPA_STATISTICS
|
|
|
|
|
|
|
|
static unsigned long cpa_1g_checked;
|
|
|
|
static unsigned long cpa_1g_sameprot;
|
|
|
|
static unsigned long cpa_1g_preserved;
|
|
|
|
static unsigned long cpa_2m_checked;
|
|
|
|
static unsigned long cpa_2m_sameprot;
|
|
|
|
static unsigned long cpa_2m_preserved;
|
|
|
|
static unsigned long cpa_4k_install;
|
|
|
|
|
|
|
|
static inline void cpa_inc_1g_checked(void)
|
|
|
|
{
|
|
|
|
cpa_1g_checked++;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void cpa_inc_2m_checked(void)
|
|
|
|
{
|
|
|
|
cpa_2m_checked++;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void cpa_inc_4k_install(void)
|
|
|
|
{
|
|
|
|
cpa_4k_install++;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void cpa_inc_lp_sameprot(int level)
|
|
|
|
{
|
|
|
|
if (level == PG_LEVEL_1G)
|
|
|
|
cpa_1g_sameprot++;
|
|
|
|
else
|
|
|
|
cpa_2m_sameprot++;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void cpa_inc_lp_preserved(int level)
|
|
|
|
{
|
|
|
|
if (level == PG_LEVEL_1G)
|
|
|
|
cpa_1g_preserved++;
|
|
|
|
else
|
|
|
|
cpa_2m_preserved++;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int cpastats_show(struct seq_file *m, void *p)
|
|
|
|
{
|
|
|
|
seq_printf(m, "1G pages checked: %16lu\n", cpa_1g_checked);
|
|
|
|
seq_printf(m, "1G pages sameprot: %16lu\n", cpa_1g_sameprot);
|
|
|
|
seq_printf(m, "1G pages preserved: %16lu\n", cpa_1g_preserved);
|
|
|
|
seq_printf(m, "2M pages checked: %16lu\n", cpa_2m_checked);
|
|
|
|
seq_printf(m, "2M pages sameprot: %16lu\n", cpa_2m_sameprot);
|
|
|
|
seq_printf(m, "2M pages preserved: %16lu\n", cpa_2m_preserved);
|
|
|
|
seq_printf(m, "4K pages set-checked: %16lu\n", cpa_4k_install);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int cpastats_open(struct inode *inode, struct file *file)
|
|
|
|
{
|
|
|
|
return single_open(file, cpastats_show, NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
static const struct file_operations cpastats_fops = {
|
|
|
|
.open = cpastats_open,
|
|
|
|
.read = seq_read,
|
|
|
|
.llseek = seq_lseek,
|
|
|
|
.release = single_release,
|
|
|
|
};
|
|
|
|
|
|
|
|
static int __init cpa_stats_init(void)
|
|
|
|
{
|
|
|
|
debugfs_create_file("cpa_stats", S_IRUSR, arch_debugfs_dir, NULL,
|
|
|
|
&cpastats_fops);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
late_initcall(cpa_stats_init);
|
|
|
|
#else
|
|
|
|
static inline void cpa_inc_1g_checked(void) { }
|
|
|
|
static inline void cpa_inc_2m_checked(void) { }
|
|
|
|
static inline void cpa_inc_4k_install(void) { }
|
|
|
|
static inline void cpa_inc_lp_sameprot(int level) { }
|
|
|
|
static inline void cpa_inc_lp_preserved(int level) { }
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
2018-04-21 05:20:21 +07:00
|
|
|
static inline int
|
|
|
|
within(unsigned long addr, unsigned long start, unsigned long end)
|
|
|
|
{
|
|
|
|
return addr >= start && addr < end;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int
|
|
|
|
within_inclusive(unsigned long addr, unsigned long start, unsigned long end)
|
|
|
|
{
|
|
|
|
return addr >= start && addr <= end;
|
|
|
|
}
|
|
|
|
|
2008-02-19 02:54:14 +07:00
|
|
|
#ifdef CONFIG_X86_64
|
|
|
|
|
|
|
|
static inline unsigned long highmap_start_pfn(void)
|
|
|
|
{
|
2012-11-17 04:57:13 +07:00
|
|
|
return __pa_symbol(_text) >> PAGE_SHIFT;
|
2008-02-19 02:54:14 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline unsigned long highmap_end_pfn(void)
|
|
|
|
{
|
2016-06-16 02:05:45 +07:00
|
|
|
/* Do not reference physical address outside the kernel. */
|
|
|
|
return __pa_symbol(roundup(_brk_end, PMD_SIZE) - 1) >> PAGE_SHIFT;
|
2008-02-19 02:54:14 +07:00
|
|
|
}
|
|
|
|
|
2018-04-21 05:20:21 +07:00
|
|
|
static bool __cpa_pfn_in_highmap(unsigned long pfn)
|
2008-01-30 19:34:04 +07:00
|
|
|
{
|
2018-04-21 05:20:21 +07:00
|
|
|
/*
|
|
|
|
* Kernel text has an alias mapping at a high address, known
|
|
|
|
* here as "highmap".
|
|
|
|
*/
|
|
|
|
return within_inclusive(pfn, highmap_start_pfn(), highmap_end_pfn());
|
2008-01-30 19:34:04 +07:00
|
|
|
}
|
|
|
|
|
2018-04-21 05:20:21 +07:00
|
|
|
#else
|
|
|
|
|
|
|
|
static bool __cpa_pfn_in_highmap(unsigned long pfn)
|
2016-06-16 02:05:45 +07:00
|
|
|
{
|
2018-04-21 05:20:21 +07:00
|
|
|
/* There is no highmap on 32-bit */
|
|
|
|
return false;
|
2016-06-16 02:05:45 +07:00
|
|
|
}
|
|
|
|
|
2018-04-21 05:20:21 +07:00
|
|
|
#endif
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
/*
|
|
|
|
* Flushing functions
|
|
|
|
*/
|
2008-01-30 19:34:08 +07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* clflush_cache_range - flush a cache range with clflush
|
2012-06-10 09:50:52 +07:00
|
|
|
* @vaddr: virtual start address
|
2008-01-30 19:34:08 +07:00
|
|
|
* @size: number of bytes to flush
|
|
|
|
*
|
2014-02-27 02:06:50 +07:00
|
|
|
* clflushopt is an unordered instruction which needs fencing with mfence or
|
|
|
|
* sfence to avoid ordering issues.
|
2008-01-30 19:34:08 +07:00
|
|
|
*/
|
2008-01-30 19:34:09 +07:00
|
|
|
void clflush_cache_range(void *vaddr, unsigned int size)
|
2008-01-30 19:34:07 +07:00
|
|
|
{
|
2016-01-08 16:55:33 +07:00
|
|
|
const unsigned long clflush_size = boot_cpu_data.x86_clflush_size;
|
|
|
|
void *p = (void *)((unsigned long)vaddr & ~(clflush_size - 1));
|
2015-05-11 15:15:49 +07:00
|
|
|
void *vend = vaddr + size;
|
2016-01-08 16:55:33 +07:00
|
|
|
|
|
|
|
if (p >= vend)
|
|
|
|
return;
|
2008-01-30 19:34:07 +07:00
|
|
|
|
2008-01-30 19:34:08 +07:00
|
|
|
mb();
|
2008-01-30 19:34:09 +07:00
|
|
|
|
2016-01-08 16:55:33 +07:00
|
|
|
for (; p < vend; p += clflush_size)
|
2015-05-11 15:15:49 +07:00
|
|
|
clflushopt(p);
|
2008-01-30 19:34:09 +07:00
|
|
|
|
2008-01-30 19:34:08 +07:00
|
|
|
mb();
|
2008-01-30 19:34:07 +07:00
|
|
|
}
|
2009-09-11 07:48:48 +07:00
|
|
|
EXPORT_SYMBOL_GPL(clflush_cache_range);
|
2008-01-30 19:34:07 +07:00
|
|
|
|
2017-05-30 13:00:34 +07:00
|
|
|
void arch_invalidate_pmem(void *addr, size_t size)
|
|
|
|
{
|
|
|
|
clflush_cache_range(addr, size);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(arch_invalidate_pmem);
|
|
|
|
|
2008-01-30 19:34:08 +07:00
|
|
|
static void __cpa_flush_all(void *arg)
|
2008-01-30 19:34:07 +07:00
|
|
|
{
|
2008-02-04 22:48:06 +07:00
|
|
|
unsigned long cache = (unsigned long)arg;
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
/*
|
|
|
|
* Flush all to work around Errata in early athlons regarding
|
|
|
|
* large page flushing.
|
|
|
|
*/
|
|
|
|
__flush_tlb_all();
|
|
|
|
|
2009-05-23 03:23:37 +07:00
|
|
|
if (cache && boot_cpu_data.x86 >= 4)
|
2008-01-30 19:34:07 +07:00
|
|
|
wbinvd();
|
|
|
|
}
|
|
|
|
|
2008-02-04 22:48:06 +07:00
|
|
|
static void cpa_flush_all(unsigned long cache)
|
2008-01-30 19:34:07 +07:00
|
|
|
{
|
2018-04-21 05:20:19 +07:00
|
|
|
BUG_ON(irqs_disabled() && !early_boot_irqs_disabled);
|
2008-01-30 19:34:07 +07:00
|
|
|
|
2008-05-09 14:39:44 +07:00
|
|
|
on_each_cpu(__cpa_flush_all, (void *) cache, 1);
|
2008-01-30 19:34:07 +07:00
|
|
|
}
|
|
|
|
|
2008-02-04 22:48:06 +07:00
|
|
|
static void cpa_flush_range(unsigned long start, int numpages, int cache)
|
2008-01-30 19:34:08 +07:00
|
|
|
{
|
2008-01-30 19:34:09 +07:00
|
|
|
unsigned int i, level;
|
|
|
|
unsigned long addr;
|
|
|
|
|
2017-05-26 21:14:11 +07:00
|
|
|
BUG_ON(irqs_disabled() && !early_boot_irqs_disabled);
|
2008-01-30 19:34:09 +07:00
|
|
|
WARN_ON(PAGE_ALIGN(start) != start);
|
2008-01-30 19:34:08 +07:00
|
|
|
|
2018-09-19 15:50:17 +07:00
|
|
|
flush_tlb_all();
|
2008-01-30 19:34:08 +07:00
|
|
|
|
2008-02-04 22:48:06 +07:00
|
|
|
if (!cache)
|
|
|
|
return;
|
|
|
|
|
2008-01-30 19:34:08 +07:00
|
|
|
/*
|
|
|
|
* We only need to flush on one CPU,
|
|
|
|
* clflush is a MESI-coherent instruction that
|
|
|
|
* will cause all other CPUs to flush the same
|
|
|
|
* cachelines:
|
|
|
|
*/
|
2008-01-30 19:34:09 +07:00
|
|
|
for (i = 0, addr = start; i < numpages; i++, addr += PAGE_SIZE) {
|
|
|
|
pte_t *pte = lookup_address(addr, &level);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Only flush present addresses:
|
|
|
|
*/
|
2008-02-04 22:48:08 +07:00
|
|
|
if (pte && (pte_val(*pte) & _PAGE_PRESENT))
|
2008-01-30 19:34:09 +07:00
|
|
|
clflush_cache_range((void *) addr, PAGE_SIZE);
|
|
|
|
}
|
2008-01-30 19:34:08 +07:00
|
|
|
}
|
|
|
|
|
2009-03-20 04:51:14 +07:00
|
|
|
static void cpa_flush_array(unsigned long *start, int numpages, int cache,
|
|
|
|
int in_flags, struct page **pages)
|
2008-08-21 09:46:06 +07:00
|
|
|
{
|
|
|
|
unsigned int i, level;
|
|
|
|
|
2018-04-21 05:20:19 +07:00
|
|
|
BUG_ON(irqs_disabled() && !early_boot_irqs_disabled);
|
2008-08-21 09:46:06 +07:00
|
|
|
|
2018-09-19 15:50:19 +07:00
|
|
|
flush_tlb_all();
|
2008-08-21 09:46:06 +07:00
|
|
|
|
2018-09-19 15:50:19 +07:00
|
|
|
if (!cache)
|
2008-08-21 09:46:06 +07:00
|
|
|
return;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We only need to flush on one CPU,
|
|
|
|
* clflush is a MESI-coherent instruction that
|
|
|
|
* will cause all other CPUs to flush the same
|
|
|
|
* cachelines:
|
|
|
|
*/
|
2009-03-20 04:51:14 +07:00
|
|
|
for (i = 0; i < numpages; i++) {
|
|
|
|
unsigned long addr;
|
|
|
|
pte_t *pte;
|
|
|
|
|
|
|
|
if (in_flags & CPA_PAGES_ARRAY)
|
|
|
|
addr = (unsigned long)page_address(pages[i]);
|
|
|
|
else
|
|
|
|
addr = start[i];
|
|
|
|
|
|
|
|
pte = lookup_address(addr, &level);
|
2008-08-21 09:46:06 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Only flush present addresses:
|
|
|
|
*/
|
|
|
|
if (pte && (pte_val(*pte) & _PAGE_PRESENT))
|
2009-03-20 04:51:14 +07:00
|
|
|
clflush_cache_range((void *)addr, PAGE_SIZE);
|
2008-08-21 09:46:06 +07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-09-17 21:29:10 +07:00
|
|
|
static bool overlaps(unsigned long r1_start, unsigned long r1_end,
|
|
|
|
unsigned long r2_start, unsigned long r2_end)
|
|
|
|
{
|
|
|
|
return (r1_start <= r2_end && r1_end >= r2_start) ||
|
|
|
|
(r2_start <= r1_end && r2_end >= r1_start);
|
|
|
|
}
|
|
|
|
|
2018-09-17 21:29:09 +07:00
|
|
|
#ifdef CONFIG_PCI_BIOS
|
2008-01-30 19:34:04 +07:00
|
|
|
/*
|
2018-09-17 21:29:09 +07:00
|
|
|
* The BIOS area between 640k and 1Mb needs to be executable for PCI BIOS
|
|
|
|
* based config access (CONFIG_PCI_GOBIOS) support.
|
2008-01-30 19:34:04 +07:00
|
|
|
*/
|
2018-09-17 21:29:09 +07:00
|
|
|
#define BIOS_PFN PFN_DOWN(BIOS_BEGIN)
|
2018-09-17 21:29:10 +07:00
|
|
|
#define BIOS_PFN_END PFN_DOWN(BIOS_END - 1)
|
2008-01-30 19:34:04 +07:00
|
|
|
|
2018-09-17 21:29:10 +07:00
|
|
|
static pgprotval_t protect_pci_bios(unsigned long spfn, unsigned long epfn)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
2018-09-17 21:29:10 +07:00
|
|
|
if (pcibios_enabled && overlaps(spfn, epfn, BIOS_PFN, BIOS_PFN_END))
|
2018-09-17 21:29:09 +07:00
|
|
|
return _PAGE_NX;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
#else
|
2018-09-17 21:29:10 +07:00
|
|
|
static pgprotval_t protect_pci_bios(unsigned long spfn, unsigned long epfn)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
2010-11-17 04:31:26 +07:00
|
|
|
#endif
|
2008-01-30 19:34:04 +07:00
|
|
|
|
2018-09-17 21:29:09 +07:00
|
|
|
/*
|
|
|
|
* The .rodata section needs to be read-only. Using the pfn catches all
|
|
|
|
* aliases. This also includes __ro_after_init, so do not enforce until
|
|
|
|
* kernel_set_to_readonly is true.
|
|
|
|
*/
|
2018-09-17 21:29:10 +07:00
|
|
|
static pgprotval_t protect_rodata(unsigned long spfn, unsigned long epfn)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
2018-09-17 21:29:10 +07:00
|
|
|
unsigned long epfn_ro, spfn_ro = PFN_DOWN(__pa_symbol(__start_rodata));
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Note: __end_rodata is at page aligned and not inclusive, so
|
|
|
|
* subtract 1 to get the last enforced PFN in the rodata area.
|
|
|
|
*/
|
|
|
|
epfn_ro = PFN_DOWN(__pa_symbol(__end_rodata)) - 1;
|
2008-02-04 22:48:05 +07:00
|
|
|
|
2018-09-17 21:29:10 +07:00
|
|
|
if (kernel_set_to_readonly && overlaps(spfn, epfn, spfn_ro, epfn_ro))
|
2018-09-17 21:29:09 +07:00
|
|
|
return _PAGE_RW;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Protect kernel text against becoming non executable by forbidding
|
|
|
|
* _PAGE_NX. This protects only the high kernel mapping (_text -> _etext)
|
|
|
|
* out of which the kernel actually executes. Do not protect the low
|
|
|
|
* mapping.
|
|
|
|
*
|
|
|
|
* This does not cover __inittext since that is gone after boot.
|
|
|
|
*/
|
2018-09-17 21:29:10 +07:00
|
|
|
static pgprotval_t protect_kernel_text(unsigned long start, unsigned long end)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
2018-09-17 21:29:10 +07:00
|
|
|
unsigned long t_end = (unsigned long)_etext - 1;
|
|
|
|
unsigned long t_start = (unsigned long)_text;
|
|
|
|
|
|
|
|
if (overlaps(start, end, t_start, t_end))
|
2018-09-17 21:29:09 +07:00
|
|
|
return _PAGE_NX;
|
|
|
|
return 0;
|
|
|
|
}
|
2008-01-30 19:34:04 +07:00
|
|
|
|
2016-02-18 05:41:14 +07:00
|
|
|
#if defined(CONFIG_X86_64)
|
2018-09-17 21:29:09 +07:00
|
|
|
/*
|
|
|
|
* Once the kernel maps the text as RO (kernel_set_to_readonly is set),
|
|
|
|
* kernel text mappings for the large page aligned text, rodata sections
|
|
|
|
* will be always read-only. For the kernel identity mappings covering the
|
|
|
|
* holes caused by this alignment can be anything that user asks.
|
|
|
|
*
|
|
|
|
* This will preserve the large page mappings for kernel text/data at no
|
|
|
|
* extra cost.
|
|
|
|
*/
|
2018-09-17 21:29:10 +07:00
|
|
|
static pgprotval_t protect_kernel_text_ro(unsigned long start,
|
|
|
|
unsigned long end)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
2018-09-17 21:29:10 +07:00
|
|
|
unsigned long t_end = (unsigned long)__end_rodata_hpage_align - 1;
|
|
|
|
unsigned long t_start = (unsigned long)_text;
|
2018-09-17 21:29:09 +07:00
|
|
|
unsigned int level;
|
|
|
|
|
2018-09-17 21:29:10 +07:00
|
|
|
if (!kernel_set_to_readonly || !overlaps(start, end, t_start, t_end))
|
2018-09-17 21:29:09 +07:00
|
|
|
return 0;
|
2009-10-15 04:46:56 +07:00
|
|
|
/*
|
2018-09-17 21:29:09 +07:00
|
|
|
* Don't enforce the !RW mapping for the kernel text mapping, if
|
|
|
|
* the current mapping is already using small page mapping. No
|
|
|
|
* need to work hard to preserve large page mappings in this case.
|
2009-10-15 04:46:56 +07:00
|
|
|
*
|
2018-09-17 21:29:09 +07:00
|
|
|
* This also fixes the Linux Xen paravirt guest boot failure caused
|
|
|
|
* by unexpected read-only mappings for kernel identity
|
|
|
|
* mappings. In this paravirt guest case, the kernel text mapping
|
|
|
|
* and the kernel identity mapping share the same page-table pages,
|
|
|
|
* so the protections for kernel text and identity mappings have to
|
|
|
|
* be the same.
|
2009-10-15 04:46:56 +07:00
|
|
|
*/
|
2018-09-17 21:29:10 +07:00
|
|
|
if (lookup_address(start, &level) && (level != PG_LEVEL_4K))
|
2018-09-17 21:29:09 +07:00
|
|
|
return _PAGE_RW;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
#else
|
2018-09-17 21:29:10 +07:00
|
|
|
static pgprotval_t protect_kernel_text_ro(unsigned long start,
|
|
|
|
unsigned long end)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
2009-10-15 04:46:56 +07:00
|
|
|
#endif
|
|
|
|
|
2018-09-17 21:29:11 +07:00
|
|
|
static inline bool conflicts(pgprot_t prot, pgprotval_t val)
|
|
|
|
{
|
|
|
|
return (pgprot_val(prot) & ~val) != pgprot_val(prot);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void check_conflict(int warnlvl, pgprot_t prot, pgprotval_t val,
|
|
|
|
unsigned long start, unsigned long end,
|
|
|
|
unsigned long pfn, const char *txt)
|
|
|
|
{
|
|
|
|
static const char *lvltxt[] = {
|
2018-09-17 21:29:14 +07:00
|
|
|
[CPA_CONFLICT] = "conflict",
|
2018-09-17 21:29:11 +07:00
|
|
|
[CPA_PROTECT] = "protect",
|
|
|
|
[CPA_DETECT] = "detect",
|
|
|
|
};
|
|
|
|
|
|
|
|
if (warnlvl > cpa_warn_level || !conflicts(prot, val))
|
|
|
|
return;
|
|
|
|
|
|
|
|
pr_warn("CPA %8s %10s: 0x%016lx - 0x%016lx PFN %lx req %016llx prevent %016llx\n",
|
|
|
|
lvltxt[warnlvl], txt, start, end, pfn, (unsigned long long)pgprot_val(prot),
|
|
|
|
(unsigned long long)val);
|
|
|
|
}
|
|
|
|
|
2018-09-17 21:29:09 +07:00
|
|
|
/*
|
|
|
|
* Certain areas of memory on x86 require very specific protection flags,
|
|
|
|
* for example the BIOS area or kernel text. Callers don't always get this
|
|
|
|
* right (again, ioremap() on BIOS memory is not uncommon) so this function
|
|
|
|
* checks and fixes these known static required protection bits.
|
|
|
|
*/
|
2018-09-17 21:29:10 +07:00
|
|
|
static inline pgprot_t static_protections(pgprot_t prot, unsigned long start,
|
2018-09-17 21:29:11 +07:00
|
|
|
unsigned long pfn, unsigned long npg,
|
|
|
|
int warnlvl)
|
2018-09-17 21:29:09 +07:00
|
|
|
{
|
2018-09-17 21:29:11 +07:00
|
|
|
pgprotval_t forbidden, res;
|
2018-09-17 21:29:10 +07:00
|
|
|
unsigned long end;
|
2018-09-17 21:29:09 +07:00
|
|
|
|
2018-09-17 21:29:13 +07:00
|
|
|
/*
|
|
|
|
* There is no point in checking RW/NX conflicts when the requested
|
|
|
|
* mapping is setting the page !PRESENT.
|
|
|
|
*/
|
|
|
|
if (!(pgprot_val(prot) & _PAGE_PRESENT))
|
|
|
|
return prot;
|
|
|
|
|
2018-09-17 21:29:09 +07:00
|
|
|
/* Operate on the virtual address */
|
2018-09-17 21:29:10 +07:00
|
|
|
end = start + npg * PAGE_SIZE - 1;
|
2018-09-17 21:29:11 +07:00
|
|
|
|
|
|
|
res = protect_kernel_text(start, end);
|
|
|
|
check_conflict(warnlvl, prot, res, start, end, pfn, "Text NX");
|
|
|
|
forbidden = res;
|
|
|
|
|
|
|
|
res = protect_kernel_text_ro(start, end);
|
|
|
|
check_conflict(warnlvl, prot, res, start, end, pfn, "Text RO");
|
|
|
|
forbidden |= res;
|
2018-09-17 21:29:09 +07:00
|
|
|
|
|
|
|
/* Check the PFN directly */
|
2018-09-17 21:29:11 +07:00
|
|
|
res = protect_pci_bios(pfn, pfn + npg - 1);
|
|
|
|
check_conflict(warnlvl, prot, res, start, end, pfn, "PCIBIOS NX");
|
|
|
|
forbidden |= res;
|
|
|
|
|
|
|
|
res = protect_rodata(pfn, pfn + npg - 1);
|
|
|
|
check_conflict(warnlvl, prot, res, start, end, pfn, "Rodata RO");
|
|
|
|
forbidden |= res;
|
2008-01-30 19:34:04 +07:00
|
|
|
|
2018-09-17 21:29:09 +07:00
|
|
|
return __pgprot(pgprot_val(prot) & ~forbidden);
|
2008-01-30 19:34:04 +07:00
|
|
|
}
|
|
|
|
|
2013-12-07 04:13:04 +07:00
|
|
|
/*
|
|
|
|
* Lookup the page table entry for a virtual address in a specific pgd.
|
|
|
|
* Return a pointer to the entry and the level of the mapping.
|
|
|
|
*/
|
|
|
|
pte_t *lookup_address_in_pgd(pgd_t *pgd, unsigned long address,
|
|
|
|
unsigned int *level)
|
2008-01-30 19:33:41 +07:00
|
|
|
{
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d_t *p4d;
|
2005-04-17 05:20:36 +07:00
|
|
|
pud_t *pud;
|
|
|
|
pmd_t *pmd;
|
2008-01-30 19:33:41 +07:00
|
|
|
|
2008-01-30 19:34:04 +07:00
|
|
|
*level = PG_LEVEL_NONE;
|
|
|
|
|
2005-04-17 05:20:36 +07:00
|
|
|
if (pgd_none(*pgd))
|
|
|
|
return NULL;
|
2008-02-04 22:48:09 +07:00
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d = p4d_offset(pgd, address);
|
|
|
|
if (p4d_none(*p4d))
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
*level = PG_LEVEL_512G;
|
|
|
|
if (p4d_large(*p4d) || !p4d_present(*p4d))
|
|
|
|
return (pte_t *)p4d;
|
|
|
|
|
|
|
|
pud = pud_offset(p4d, address);
|
2005-04-17 05:20:36 +07:00
|
|
|
if (pud_none(*pud))
|
|
|
|
return NULL;
|
2008-02-04 22:48:09 +07:00
|
|
|
|
|
|
|
*level = PG_LEVEL_1G;
|
|
|
|
if (pud_large(*pud) || !pud_present(*pud))
|
|
|
|
return (pte_t *)pud;
|
|
|
|
|
2005-04-17 05:20:36 +07:00
|
|
|
pmd = pmd_offset(pud, address);
|
|
|
|
if (pmd_none(*pmd))
|
|
|
|
return NULL;
|
2008-01-30 19:34:04 +07:00
|
|
|
|
|
|
|
*level = PG_LEVEL_2M;
|
2008-02-04 22:48:07 +07:00
|
|
|
if (pmd_large(*pmd) || !pmd_present(*pmd))
|
2005-04-17 05:20:36 +07:00
|
|
|
return (pte_t *)pmd;
|
|
|
|
|
2008-01-30 19:34:04 +07:00
|
|
|
*level = PG_LEVEL_4K;
|
2008-02-04 22:48:09 +07:00
|
|
|
|
2008-01-30 19:33:41 +07:00
|
|
|
return pte_offset_kernel(pmd, address);
|
|
|
|
}
|
2013-10-31 23:25:00 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Lookup the page table entry for a virtual address. Return a pointer
|
|
|
|
* to the entry and the level of the mapping.
|
|
|
|
*
|
|
|
|
* Note: We return pud and pmd either when the entry is marked large
|
|
|
|
* or when the present bit is not set. Otherwise we would return a
|
|
|
|
* pointer to a nonexisting mapping.
|
|
|
|
*/
|
|
|
|
pte_t *lookup_address(unsigned long address, unsigned int *level)
|
|
|
|
{
|
2018-09-17 21:29:08 +07:00
|
|
|
return lookup_address_in_pgd(pgd_offset_k(address), address, level);
|
2013-10-31 23:25:00 +07:00
|
|
|
}
|
2008-05-13 02:20:56 +07:00
|
|
|
EXPORT_SYMBOL_GPL(lookup_address);
|
2008-01-30 19:33:41 +07:00
|
|
|
|
2013-10-31 23:25:00 +07:00
|
|
|
static pte_t *_lookup_address_cpa(struct cpa_data *cpa, unsigned long address,
|
|
|
|
unsigned int *level)
|
|
|
|
{
|
2018-09-17 21:29:08 +07:00
|
|
|
if (cpa->pgd)
|
2013-12-07 04:13:04 +07:00
|
|
|
return lookup_address_in_pgd(cpa->pgd + pgd_index(address),
|
2013-10-31 23:25:00 +07:00
|
|
|
address, level);
|
|
|
|
|
2018-09-17 21:29:08 +07:00
|
|
|
return lookup_address(address, level);
|
2013-10-31 23:25:00 +07:00
|
|
|
}
|
|
|
|
|
2014-11-28 17:53:56 +07:00
|
|
|
/*
|
|
|
|
* Lookup the PMD entry for a virtual address. Return a pointer to the entry
|
|
|
|
* or NULL if not present.
|
|
|
|
*/
|
|
|
|
pmd_t *lookup_pmd_address(unsigned long address)
|
|
|
|
{
|
|
|
|
pgd_t *pgd;
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d_t *p4d;
|
2014-11-28 17:53:56 +07:00
|
|
|
pud_t *pud;
|
|
|
|
|
|
|
|
pgd = pgd_offset_k(address);
|
|
|
|
if (pgd_none(*pgd))
|
|
|
|
return NULL;
|
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d = p4d_offset(pgd, address);
|
|
|
|
if (p4d_none(*p4d) || p4d_large(*p4d) || !p4d_present(*p4d))
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
pud = pud_offset(p4d, address);
|
2014-11-28 17:53:56 +07:00
|
|
|
if (pud_none(*pud) || pud_large(*pud) || !pud_present(*pud))
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return pmd_offset(pud, address);
|
|
|
|
}
|
|
|
|
|
x86, mm: Create slow_virt_to_phys()
This is necessary because __pa() does not work on some kinds of
memory, like vmalloc() or the alloc_remap() areas on 32-bit
NUMA systems. We have some functions to do conversions _like_
this in the vmalloc() code (like vmalloc_to_page()), but they
do not work on sizes other than 4k pages. We would potentially
need to be able to handle all the page sizes that we use for
the kernel linear mapping (4k, 2M, 1G).
In practice, on 32-bit NUMA systems, the percpu areas get stuck
in the alloc_remap() area. Any __pa() call on them will break
and basically return garbage.
This patch introduces a new function slow_virt_to_phys(), which
walks the kernel page tables on x86 and should do precisely
the same logical thing as __pa(), but actually work on a wider
range of memory. It should work on the normal linear mapping,
vmalloc(), kmap(), etc...
Signed-off-by: Dave Hansen <dave@linux.vnet.ibm.com>
Link: http://lkml.kernel.org/r/20130122212433.4D1FCA62@kernel.stglabs.ibm.com
Acked-by: Rik van Riel <riel@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-01-23 04:24:33 +07:00
|
|
|
/*
|
|
|
|
* This is necessary because __pa() does not work on some
|
|
|
|
* kinds of memory, like vmalloc() or the alloc_remap()
|
|
|
|
* areas on 32-bit NUMA systems. The percpu areas can
|
|
|
|
* end up in this kind of memory, for instance.
|
|
|
|
*
|
|
|
|
* This could be optimized, but it is only intended to be
|
|
|
|
* used at inititalization time, and keeping it
|
|
|
|
* unoptimized should increase the testing coverage for
|
|
|
|
* the more obscure platforms.
|
|
|
|
*/
|
|
|
|
phys_addr_t slow_virt_to_phys(void *__virt_addr)
|
|
|
|
{
|
|
|
|
unsigned long virt_addr = (unsigned long)__virt_addr;
|
2016-02-25 16:58:12 +07:00
|
|
|
phys_addr_t phys_addr;
|
|
|
|
unsigned long offset;
|
x86, mm: Create slow_virt_to_phys()
This is necessary because __pa() does not work on some kinds of
memory, like vmalloc() or the alloc_remap() areas on 32-bit
NUMA systems. We have some functions to do conversions _like_
this in the vmalloc() code (like vmalloc_to_page()), but they
do not work on sizes other than 4k pages. We would potentially
need to be able to handle all the page sizes that we use for
the kernel linear mapping (4k, 2M, 1G).
In practice, on 32-bit NUMA systems, the percpu areas get stuck
in the alloc_remap() area. Any __pa() call on them will break
and basically return garbage.
This patch introduces a new function slow_virt_to_phys(), which
walks the kernel page tables on x86 and should do precisely
the same logical thing as __pa(), but actually work on a wider
range of memory. It should work on the normal linear mapping,
vmalloc(), kmap(), etc...
Signed-off-by: Dave Hansen <dave@linux.vnet.ibm.com>
Link: http://lkml.kernel.org/r/20130122212433.4D1FCA62@kernel.stglabs.ibm.com
Acked-by: Rik van Riel <riel@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-01-23 04:24:33 +07:00
|
|
|
enum pg_level level;
|
|
|
|
pte_t *pte;
|
|
|
|
|
|
|
|
pte = lookup_address(virt_addr, &level);
|
|
|
|
BUG_ON(!pte);
|
2015-09-18 01:24:20 +07:00
|
|
|
|
2016-02-25 16:58:12 +07:00
|
|
|
/*
|
|
|
|
* pXX_pfn() returns unsigned long, which must be cast to phys_addr_t
|
|
|
|
* before being left-shifted PAGE_SHIFT bits -- this trick is to
|
|
|
|
* make 32-PAE kernel work correctly.
|
|
|
|
*/
|
2015-09-18 01:24:20 +07:00
|
|
|
switch (level) {
|
|
|
|
case PG_LEVEL_1G:
|
2016-02-25 16:58:12 +07:00
|
|
|
phys_addr = (phys_addr_t)pud_pfn(*(pud_t *)pte) << PAGE_SHIFT;
|
2015-09-18 01:24:20 +07:00
|
|
|
offset = virt_addr & ~PUD_PAGE_MASK;
|
|
|
|
break;
|
|
|
|
case PG_LEVEL_2M:
|
2016-02-25 16:58:12 +07:00
|
|
|
phys_addr = (phys_addr_t)pmd_pfn(*(pmd_t *)pte) << PAGE_SHIFT;
|
2015-09-18 01:24:20 +07:00
|
|
|
offset = virt_addr & ~PMD_PAGE_MASK;
|
|
|
|
break;
|
|
|
|
default:
|
2016-02-25 16:58:12 +07:00
|
|
|
phys_addr = (phys_addr_t)pte_pfn(*pte) << PAGE_SHIFT;
|
2015-09-18 01:24:20 +07:00
|
|
|
offset = virt_addr & ~PAGE_MASK;
|
|
|
|
}
|
|
|
|
|
|
|
|
return (phys_addr_t)(phys_addr | offset);
|
x86, mm: Create slow_virt_to_phys()
This is necessary because __pa() does not work on some kinds of
memory, like vmalloc() or the alloc_remap() areas on 32-bit
NUMA systems. We have some functions to do conversions _like_
this in the vmalloc() code (like vmalloc_to_page()), but they
do not work on sizes other than 4k pages. We would potentially
need to be able to handle all the page sizes that we use for
the kernel linear mapping (4k, 2M, 1G).
In practice, on 32-bit NUMA systems, the percpu areas get stuck
in the alloc_remap() area. Any __pa() call on them will break
and basically return garbage.
This patch introduces a new function slow_virt_to_phys(), which
walks the kernel page tables on x86 and should do precisely
the same logical thing as __pa(), but actually work on a wider
range of memory. It should work on the normal linear mapping,
vmalloc(), kmap(), etc...
Signed-off-by: Dave Hansen <dave@linux.vnet.ibm.com>
Link: http://lkml.kernel.org/r/20130122212433.4D1FCA62@kernel.stglabs.ibm.com
Acked-by: Rik van Riel <riel@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-01-23 04:24:33 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(slow_virt_to_phys);
|
|
|
|
|
2008-02-04 22:48:09 +07:00
|
|
|
/*
|
|
|
|
* Set the new pmd in all the pgds we know about:
|
|
|
|
*/
|
2008-01-30 19:33:57 +07:00
|
|
|
static void __set_pmd_pte(pte_t *kpte, unsigned long address, pte_t pte)
|
2008-01-30 19:33:41 +07:00
|
|
|
{
|
|
|
|
/* change init_mm */
|
|
|
|
set_pte_atomic(kpte, pte);
|
2008-01-30 19:34:03 +07:00
|
|
|
#ifdef CONFIG_X86_32
|
2008-01-30 19:34:04 +07:00
|
|
|
if (!SHARED_KERNEL_PMD) {
|
2008-01-30 19:34:03 +07:00
|
|
|
struct page *page;
|
|
|
|
|
2008-01-30 19:34:11 +07:00
|
|
|
list_for_each_entry(page, &pgd_list, lru) {
|
2008-01-30 19:34:03 +07:00
|
|
|
pgd_t *pgd;
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d_t *p4d;
|
2008-01-30 19:34:03 +07:00
|
|
|
pud_t *pud;
|
|
|
|
pmd_t *pmd;
|
|
|
|
|
|
|
|
pgd = (pgd_t *)page_address(page) + pgd_index(address);
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d = p4d_offset(pgd, address);
|
|
|
|
pud = pud_offset(p4d, address);
|
2008-01-30 19:34:03 +07:00
|
|
|
pmd = pmd_offset(pud, address);
|
|
|
|
set_pte_atomic((pte_t *)pmd, pte);
|
|
|
|
}
|
2005-04-17 05:20:36 +07:00
|
|
|
}
|
2008-01-30 19:34:03 +07:00
|
|
|
#endif
|
2005-04-17 05:20:36 +07:00
|
|
|
}
|
|
|
|
|
2018-04-07 03:55:02 +07:00
|
|
|
static pgprot_t pgprot_clear_protnone_bits(pgprot_t prot)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* _PAGE_GLOBAL means "global page" for present PTEs.
|
|
|
|
* But, it is also used to indicate _PAGE_PROTNONE
|
|
|
|
* for non-present PTEs.
|
|
|
|
*
|
|
|
|
* This ensures that a _PAGE_GLOBAL PTE going from
|
|
|
|
* present to non-present is not confused as
|
|
|
|
* _PAGE_PROTNONE.
|
|
|
|
*/
|
|
|
|
if (!(pgprot_val(prot) & _PAGE_PRESENT))
|
|
|
|
pgprot_val(prot) &= ~_PAGE_GLOBAL;
|
|
|
|
|
|
|
|
return prot;
|
|
|
|
}
|
|
|
|
|
2018-09-17 21:29:08 +07:00
|
|
|
static int __should_split_large_page(pte_t *kpte, unsigned long address,
|
|
|
|
struct cpa_data *cpa)
|
2008-02-04 22:48:07 +07:00
|
|
|
{
|
2018-09-17 21:29:17 +07:00
|
|
|
unsigned long numpages, pmask, psize, lpaddr, pfn, old_pfn;
|
2018-09-17 21:29:14 +07:00
|
|
|
pgprot_t old_prot, new_prot, req_prot, chk_prot;
|
2018-09-17 21:29:08 +07:00
|
|
|
pte_t new_pte, old_pte, *tmp;
|
2013-01-23 04:24:32 +07:00
|
|
|
enum pg_level level;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Check for races, another CPU might have split this page
|
|
|
|
* up already:
|
|
|
|
*/
|
2013-10-31 23:25:07 +07:00
|
|
|
tmp = _lookup_address_cpa(cpa, address, &level);
|
2008-02-04 22:48:07 +07:00
|
|
|
if (tmp != kpte)
|
2018-09-17 21:29:08 +07:00
|
|
|
return 1;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
|
|
|
switch (level) {
|
|
|
|
case PG_LEVEL_2M:
|
2015-09-18 01:24:22 +07:00
|
|
|
old_prot = pmd_pgprot(*(pmd_t *)kpte);
|
|
|
|
old_pfn = pmd_pfn(*(pmd_t *)kpte);
|
2018-09-17 21:29:12 +07:00
|
|
|
cpa_inc_2m_checked();
|
2015-09-18 01:24:22 +07:00
|
|
|
break;
|
2008-02-04 22:48:07 +07:00
|
|
|
case PG_LEVEL_1G:
|
2015-09-18 01:24:22 +07:00
|
|
|
old_prot = pud_pgprot(*(pud_t *)kpte);
|
|
|
|
old_pfn = pud_pfn(*(pud_t *)kpte);
|
2018-09-17 21:29:12 +07:00
|
|
|
cpa_inc_1g_checked();
|
2013-01-23 04:24:32 +07:00
|
|
|
break;
|
2008-02-04 22:48:07 +07:00
|
|
|
default:
|
2018-09-17 21:29:08 +07:00
|
|
|
return -EINVAL;
|
2008-02-04 22:48:07 +07:00
|
|
|
}
|
|
|
|
|
2015-09-18 01:24:22 +07:00
|
|
|
psize = page_level_size(level);
|
|
|
|
pmask = page_level_mask(level);
|
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
/*
|
|
|
|
* Calculate the number of pages, which fit into this large
|
|
|
|
* page starting at address:
|
|
|
|
*/
|
2018-09-17 21:29:08 +07:00
|
|
|
lpaddr = (address + psize) & pmask;
|
|
|
|
numpages = (lpaddr - address) >> PAGE_SHIFT;
|
2008-03-03 07:17:37 +07:00
|
|
|
if (numpages < cpa->numpages)
|
|
|
|
cpa->numpages = numpages;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We are safe now. Check whether the new pgprot is the same:
|
2014-11-03 20:02:02 +07:00
|
|
|
* Convert protection attributes to 4k-format, as cpa->mask* are set
|
|
|
|
* up accordingly.
|
2008-02-04 22:48:07 +07:00
|
|
|
*/
|
|
|
|
old_pte = *kpte;
|
2018-04-07 03:55:04 +07:00
|
|
|
/* Clear PSE (aka _PAGE_PAT) and move PAT bit to correct position */
|
2015-09-18 01:24:24 +07:00
|
|
|
req_prot = pgprot_large_2_4k(old_prot);
|
2008-02-04 22:48:07 +07:00
|
|
|
|
2010-11-17 04:30:27 +07:00
|
|
|
pgprot_val(req_prot) &= ~pgprot_val(cpa->mask_clr);
|
|
|
|
pgprot_val(req_prot) |= pgprot_val(cpa->mask_set);
|
2008-02-19 02:54:14 +07:00
|
|
|
|
2014-11-03 20:02:02 +07:00
|
|
|
/*
|
|
|
|
* req_prot is in format of 4k pages. It must be converted to large
|
|
|
|
* page format: the caching mode includes the PAT bit located at
|
|
|
|
* different bit positions in the two formats.
|
|
|
|
*/
|
|
|
|
req_prot = pgprot_4k_2_large(req_prot);
|
2018-04-07 03:55:02 +07:00
|
|
|
req_prot = pgprot_clear_protnone_bits(req_prot);
|
2013-04-10 20:28:25 +07:00
|
|
|
if (pgprot_val(req_prot) & _PAGE_PRESENT)
|
2018-04-07 03:55:02 +07:00
|
|
|
pgprot_val(req_prot) |= _PAGE_PSE;
|
2013-02-23 06:11:51 +07:00
|
|
|
|
2008-02-19 02:54:14 +07:00
|
|
|
/*
|
2018-09-17 21:29:08 +07:00
|
|
|
* old_pfn points to the large page base pfn. So we need to add the
|
|
|
|
* offset of the virtual address:
|
2008-02-19 02:54:14 +07:00
|
|
|
*/
|
2015-09-18 01:24:22 +07:00
|
|
|
pfn = old_pfn + ((address & (psize - 1)) >> PAGE_SHIFT);
|
2008-02-19 02:54:14 +07:00
|
|
|
cpa->pfn = pfn;
|
|
|
|
|
2018-09-17 21:29:08 +07:00
|
|
|
/*
|
|
|
|
* Calculate the large page base address and the number of 4K pages
|
|
|
|
* in the large page
|
|
|
|
*/
|
|
|
|
lpaddr = address & pmask;
|
|
|
|
numpages = psize >> PAGE_SHIFT;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
2018-09-17 21:29:14 +07:00
|
|
|
/*
|
|
|
|
* Sanity check that the existing mapping is correct versus the static
|
|
|
|
* protections. static_protections() guards against !PRESENT, so no
|
|
|
|
* extra conditional required here.
|
|
|
|
*/
|
|
|
|
chk_prot = static_protections(old_prot, lpaddr, old_pfn, numpages,
|
|
|
|
CPA_CONFLICT);
|
|
|
|
|
|
|
|
if (WARN_ON_ONCE(pgprot_val(chk_prot) != pgprot_val(old_prot))) {
|
|
|
|
/*
|
|
|
|
* Split the large page and tell the split code to
|
|
|
|
* enforce static protections.
|
|
|
|
*/
|
|
|
|
cpa->force_static_prot = 1;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2018-09-17 21:29:15 +07:00
|
|
|
/*
|
|
|
|
* Optimization: If the requested pgprot is the same as the current
|
|
|
|
* pgprot, then the large page can be preserved and no updates are
|
|
|
|
* required independent of alignment and length of the requested
|
|
|
|
* range. The above already established that the current pgprot is
|
|
|
|
* correct, which in consequence makes the requested pgprot correct
|
|
|
|
* as well if it is the same. The static protection scan below will
|
|
|
|
* not come to a different conclusion.
|
|
|
|
*/
|
|
|
|
if (pgprot_val(req_prot) == pgprot_val(old_prot)) {
|
|
|
|
cpa_inc_lp_sameprot(level);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-02-10 05:24:09 +07:00
|
|
|
/*
|
2018-09-17 21:29:17 +07:00
|
|
|
* If the requested range does not cover the full page, split it up
|
2018-09-17 21:29:16 +07:00
|
|
|
*/
|
2018-09-17 21:29:17 +07:00
|
|
|
if (address != lpaddr || cpa->numpages != numpages)
|
|
|
|
return 1;
|
2018-09-17 21:29:16 +07:00
|
|
|
|
|
|
|
/*
|
2018-09-17 21:29:17 +07:00
|
|
|
* Check whether the requested pgprot is conflicting with a static
|
|
|
|
* protection requirement in the large page.
|
2008-02-10 05:24:09 +07:00
|
|
|
*/
|
2018-09-17 21:29:17 +07:00
|
|
|
new_prot = static_protections(req_prot, lpaddr, old_pfn, numpages,
|
|
|
|
CPA_DETECT);
|
2008-02-04 22:48:07 +07:00
|
|
|
|
|
|
|
/*
|
2018-09-17 21:29:17 +07:00
|
|
|
* If there is a conflict, split the large page.
|
|
|
|
*
|
|
|
|
* There used to be a 4k wise evaluation trying really hard to
|
|
|
|
* preserve the large pages, but experimentation has shown, that this
|
|
|
|
* does not help at all. There might be corner cases which would
|
|
|
|
* preserve one large page occasionally, but it's really not worth the
|
|
|
|
* extra code and cycles for the common case.
|
2008-02-04 22:48:07 +07:00
|
|
|
*/
|
2018-09-17 21:29:17 +07:00
|
|
|
if (pgprot_val(req_prot) != pgprot_val(new_prot))
|
2018-09-17 21:29:08 +07:00
|
|
|
return 1;
|
|
|
|
|
|
|
|
/* All checks passed. Update the large page mapping. */
|
|
|
|
new_pte = pfn_pte(old_pfn, new_prot);
|
|
|
|
__set_pmd_pte(kpte, address, new_pte);
|
|
|
|
cpa->flags |= CPA_FLUSHTLB;
|
2018-09-17 21:29:12 +07:00
|
|
|
cpa_inc_lp_preserved(level);
|
2018-09-17 21:29:08 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int should_split_large_page(pte_t *kpte, unsigned long address,
|
|
|
|
struct cpa_data *cpa)
|
|
|
|
{
|
|
|
|
int do_split;
|
|
|
|
|
|
|
|
if (cpa->force_split)
|
|
|
|
return 1;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
2018-09-17 21:29:08 +07:00
|
|
|
spin_lock(&pgd_lock);
|
|
|
|
do_split = __should_split_large_page(kpte, address, cpa);
|
2011-02-17 06:45:22 +07:00
|
|
|
spin_unlock(&pgd_lock);
|
2008-02-04 22:48:09 +07:00
|
|
|
|
2008-02-04 22:48:09 +07:00
|
|
|
return do_split;
|
2008-02-04 22:48:07 +07:00
|
|
|
}
|
|
|
|
|
2018-09-17 21:29:14 +07:00
|
|
|
static void split_set_pte(struct cpa_data *cpa, pte_t *pte, unsigned long pfn,
|
|
|
|
pgprot_t ref_prot, unsigned long address,
|
|
|
|
unsigned long size)
|
|
|
|
{
|
|
|
|
unsigned int npg = PFN_DOWN(size);
|
|
|
|
pgprot_t prot;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If should_split_large_page() discovered an inconsistent mapping,
|
|
|
|
* remove the invalid protection in the split mapping.
|
|
|
|
*/
|
|
|
|
if (!cpa->force_static_prot)
|
|
|
|
goto set;
|
|
|
|
|
|
|
|
prot = static_protections(ref_prot, address, pfn, npg, CPA_PROTECT);
|
|
|
|
|
|
|
|
if (pgprot_val(prot) == pgprot_val(ref_prot))
|
|
|
|
goto set;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If this is splitting a PMD, fix it up. PUD splits cannot be
|
|
|
|
* fixed trivially as that would require to rescan the newly
|
|
|
|
* installed PMD mappings after returning from split_large_page()
|
|
|
|
* so an eventual further split can allocate the necessary PTE
|
|
|
|
* pages. Warn for now and revisit it in case this actually
|
|
|
|
* happens.
|
|
|
|
*/
|
|
|
|
if (size == PAGE_SIZE)
|
|
|
|
ref_prot = prot;
|
|
|
|
else
|
|
|
|
pr_warn_once("CPA: Cannot fixup static protections for PUD split\n");
|
|
|
|
set:
|
|
|
|
set_pte(pte, pfn_pte(pfn, ref_prot));
|
|
|
|
}
|
|
|
|
|
2013-03-22 00:16:57 +07:00
|
|
|
static int
|
2013-10-31 23:25:07 +07:00
|
|
|
__split_large_page(struct cpa_data *cpa, pte_t *kpte, unsigned long address,
|
|
|
|
struct page *base)
|
2008-01-30 19:33:56 +07:00
|
|
|
{
|
2018-09-17 21:29:14 +07:00
|
|
|
unsigned long lpaddr, lpinc, ref_pfn, pfn, pfninc = 1;
|
2013-03-22 00:16:57 +07:00
|
|
|
pte_t *pbase = (pte_t *)page_address(base);
|
2008-02-04 22:48:09 +07:00
|
|
|
unsigned int i, level;
|
|
|
|
pgprot_t ref_prot;
|
2018-09-17 21:29:14 +07:00
|
|
|
pte_t *tmp;
|
2008-01-30 19:33:56 +07:00
|
|
|
|
2011-02-17 06:45:22 +07:00
|
|
|
spin_lock(&pgd_lock);
|
2008-01-30 19:33:56 +07:00
|
|
|
/*
|
|
|
|
* Check for races, another CPU might have split this page
|
|
|
|
* up for us already:
|
|
|
|
*/
|
2013-10-31 23:25:07 +07:00
|
|
|
tmp = _lookup_address_cpa(cpa, address, &level);
|
memory-hotplug: common APIs to support page tables hot-remove
When memory is removed, the corresponding pagetables should alse be
removed. This patch introduces some common APIs to support vmemmap
pagetable and x86_64 architecture direct mapping pagetable removing.
All pages of virtual mapping in removed memory cannot be freed if some
pages used as PGD/PUD include not only removed memory but also other
memory. So this patch uses the following way to check whether a page
can be freed or not.
1) When removing memory, the page structs of the removed memory are
filled with 0FD.
2) All page structs are filled with 0xFD on PT/PMD, PT/PMD can be
cleared. In this case, the page used as PT/PMD can be freed.
For direct mapping pages, update direct_pages_count[level] when we freed
their pagetables. And do not free the pages again because they were
freed when offlining.
For vmemmap pages, free the pages and their pagetables.
For larger pages, do not split them into smaller ones because there is
no way to know if the larger page has been split. As a result, there is
no way to decide when to split. We deal the larger pages in the
following way:
1) For direct mapped pages, all the pages were freed when they were
offlined. And since menmory offline is done section by section, all
the memory ranges being removed are aligned to PAGE_SIZE. So only need
to deal with unaligned pages when freeing vmemmap pages.
2) For vmemmap pages being used to store page_struct, if part of the
larger page is still in use, just fill the unused part with 0xFD. And
when the whole page is fulfilled with 0xFD, then free the larger page.
[akpm@linux-foundation.org: fix typo in comment]
[tangchen@cn.fujitsu.com: do not calculate direct mapping pages when freeing vmemmap pagetables]
[tangchen@cn.fujitsu.com: do not free direct mapping pages twice]
[tangchen@cn.fujitsu.com: do not free page split from hugepage one by one]
[tangchen@cn.fujitsu.com: do not split pages when freeing pagetable pages]
[akpm@linux-foundation.org: use pmd_page_vaddr()]
[akpm@linux-foundation.org: fix used-uninitialised bug]
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Wu Jianguo <wujianguo@huawei.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-23 07:33:04 +07:00
|
|
|
if (tmp != kpte) {
|
|
|
|
spin_unlock(&pgd_lock);
|
|
|
|
return 1;
|
|
|
|
}
|
2008-01-30 19:33:56 +07:00
|
|
|
|
2008-03-18 06:37:01 +07:00
|
|
|
paravirt_alloc_pte(&init_mm, page_to_pfn(base));
|
2014-11-03 20:02:02 +07:00
|
|
|
|
2015-09-18 01:24:23 +07:00
|
|
|
switch (level) {
|
|
|
|
case PG_LEVEL_2M:
|
|
|
|
ref_prot = pmd_pgprot(*(pmd_t *)kpte);
|
2018-04-07 03:55:04 +07:00
|
|
|
/*
|
|
|
|
* Clear PSE (aka _PAGE_PAT) and move
|
|
|
|
* PAT bit to correct position.
|
|
|
|
*/
|
2014-11-03 20:02:02 +07:00
|
|
|
ref_prot = pgprot_large_2_4k(ref_prot);
|
2015-09-18 01:24:23 +07:00
|
|
|
ref_pfn = pmd_pfn(*(pmd_t *)kpte);
|
2018-09-17 21:29:14 +07:00
|
|
|
lpaddr = address & PMD_MASK;
|
|
|
|
lpinc = PAGE_SIZE;
|
2015-09-18 01:24:23 +07:00
|
|
|
break;
|
2008-01-30 19:33:56 +07:00
|
|
|
|
2015-09-18 01:24:23 +07:00
|
|
|
case PG_LEVEL_1G:
|
|
|
|
ref_prot = pud_pgprot(*(pud_t *)kpte);
|
|
|
|
ref_pfn = pud_pfn(*(pud_t *)kpte);
|
2008-02-04 22:48:09 +07:00
|
|
|
pfninc = PMD_PAGE_SIZE >> PAGE_SHIFT;
|
2018-09-17 21:29:14 +07:00
|
|
|
lpaddr = address & PUD_MASK;
|
|
|
|
lpinc = PMD_SIZE;
|
2013-02-23 06:11:51 +07:00
|
|
|
/*
|
2015-09-18 01:24:23 +07:00
|
|
|
* Clear the PSE flags if the PRESENT flag is not set
|
2013-02-23 06:11:51 +07:00
|
|
|
* otherwise pmd_present/pmd_huge will return true
|
|
|
|
* even on a non present pmd.
|
|
|
|
*/
|
2015-09-18 01:24:23 +07:00
|
|
|
if (!(pgprot_val(ref_prot) & _PAGE_PRESENT))
|
2013-02-23 06:11:51 +07:00
|
|
|
pgprot_val(ref_prot) &= ~_PAGE_PSE;
|
2015-09-18 01:24:23 +07:00
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
spin_unlock(&pgd_lock);
|
|
|
|
return 1;
|
2008-02-04 22:48:09 +07:00
|
|
|
}
|
|
|
|
|
2018-04-07 03:55:02 +07:00
|
|
|
ref_prot = pgprot_clear_protnone_bits(ref_prot);
|
2013-02-23 06:11:51 +07:00
|
|
|
|
2008-02-04 22:48:05 +07:00
|
|
|
/*
|
|
|
|
* Get the target pfn from the original entry:
|
|
|
|
*/
|
2015-09-18 01:24:23 +07:00
|
|
|
pfn = ref_pfn;
|
2018-09-17 21:29:14 +07:00
|
|
|
for (i = 0; i < PTRS_PER_PTE; i++, pfn += pfninc, lpaddr += lpinc)
|
|
|
|
split_set_pte(cpa, pbase + i, pfn, ref_prot, lpaddr, lpinc);
|
2008-01-30 19:33:56 +07:00
|
|
|
|
2015-10-17 06:20:27 +07:00
|
|
|
if (virt_addr_valid(address)) {
|
|
|
|
unsigned long pfn = PFN_DOWN(__pa(address));
|
|
|
|
|
|
|
|
if (pfn_range_is_mapped(pfn, pfn + 1))
|
|
|
|
split_page_count(level);
|
|
|
|
}
|
2008-07-11 10:38:26 +07:00
|
|
|
|
2008-01-30 19:33:56 +07:00
|
|
|
/*
|
2009-02-20 14:04:13 +07:00
|
|
|
* Install the new, split up pagetable.
|
2008-01-30 19:34:04 +07:00
|
|
|
*
|
2009-02-20 14:04:13 +07:00
|
|
|
* We use the standard kernel pagetable protections for the new
|
|
|
|
* pagetable protections, the actual ptes set above control the
|
|
|
|
* primary protection behavior:
|
2008-01-30 19:33:56 +07:00
|
|
|
*/
|
2009-02-20 14:04:13 +07:00
|
|
|
__set_pmd_pte(kpte, address, mk_pte(base, __pgprot(_KERNPG_TABLE)));
|
2009-03-11 04:31:03 +07:00
|
|
|
|
|
|
|
/*
|
2018-09-19 15:50:18 +07:00
|
|
|
* Do a global flush tlb after splitting the large page
|
|
|
|
* and before we do the actual change page attribute in the PTE.
|
2009-03-11 04:31:03 +07:00
|
|
|
*
|
2018-09-19 15:50:18 +07:00
|
|
|
* Without this, we violate the TLB application note, that says:
|
|
|
|
* "The TLBs may contain both ordinary and large-page
|
|
|
|
* translations for a 4-KByte range of linear addresses. This
|
|
|
|
* may occur if software modifies the paging structures so that
|
|
|
|
* the page size used for the address range changes. If the two
|
|
|
|
* translations differ with respect to page frame or attributes
|
|
|
|
* (e.g., permissions), processor behavior is undefined and may
|
|
|
|
* be implementation-specific."
|
|
|
|
*
|
|
|
|
* We do this global tlb flush inside the cpa_lock, so that we
|
|
|
|
* don't allow any other cpu, with stale tlb entries change the
|
|
|
|
* page attribute in parallel, that also falls into the
|
|
|
|
* just split large page entry.
|
2009-03-11 04:31:03 +07:00
|
|
|
*/
|
2018-09-19 15:50:18 +07:00
|
|
|
flush_tlb_all();
|
memory-hotplug: common APIs to support page tables hot-remove
When memory is removed, the corresponding pagetables should alse be
removed. This patch introduces some common APIs to support vmemmap
pagetable and x86_64 architecture direct mapping pagetable removing.
All pages of virtual mapping in removed memory cannot be freed if some
pages used as PGD/PUD include not only removed memory but also other
memory. So this patch uses the following way to check whether a page
can be freed or not.
1) When removing memory, the page structs of the removed memory are
filled with 0FD.
2) All page structs are filled with 0xFD on PT/PMD, PT/PMD can be
cleared. In this case, the page used as PT/PMD can be freed.
For direct mapping pages, update direct_pages_count[level] when we freed
their pagetables. And do not free the pages again because they were
freed when offlining.
For vmemmap pages, free the pages and their pagetables.
For larger pages, do not split them into smaller ones because there is
no way to know if the larger page has been split. As a result, there is
no way to decide when to split. We deal the larger pages in the
following way:
1) For direct mapped pages, all the pages were freed when they were
offlined. And since menmory offline is done section by section, all
the memory ranges being removed are aligned to PAGE_SIZE. So only need
to deal with unaligned pages when freeing vmemmap pages.
2) For vmemmap pages being used to store page_struct, if part of the
larger page is still in use, just fill the unused part with 0xFD. And
when the whole page is fulfilled with 0xFD, then free the larger page.
[akpm@linux-foundation.org: fix typo in comment]
[tangchen@cn.fujitsu.com: do not calculate direct mapping pages when freeing vmemmap pagetables]
[tangchen@cn.fujitsu.com: do not free direct mapping pages twice]
[tangchen@cn.fujitsu.com: do not free page split from hugepage one by one]
[tangchen@cn.fujitsu.com: do not split pages when freeing pagetable pages]
[akpm@linux-foundation.org: use pmd_page_vaddr()]
[akpm@linux-foundation.org: fix used-uninitialised bug]
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Wu Jianguo <wujianguo@huawei.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-23 07:33:04 +07:00
|
|
|
spin_unlock(&pgd_lock);
|
2009-03-11 04:31:03 +07:00
|
|
|
|
memory-hotplug: common APIs to support page tables hot-remove
When memory is removed, the corresponding pagetables should alse be
removed. This patch introduces some common APIs to support vmemmap
pagetable and x86_64 architecture direct mapping pagetable removing.
All pages of virtual mapping in removed memory cannot be freed if some
pages used as PGD/PUD include not only removed memory but also other
memory. So this patch uses the following way to check whether a page
can be freed or not.
1) When removing memory, the page structs of the removed memory are
filled with 0FD.
2) All page structs are filled with 0xFD on PT/PMD, PT/PMD can be
cleared. In this case, the page used as PT/PMD can be freed.
For direct mapping pages, update direct_pages_count[level] when we freed
their pagetables. And do not free the pages again because they were
freed when offlining.
For vmemmap pages, free the pages and their pagetables.
For larger pages, do not split them into smaller ones because there is
no way to know if the larger page has been split. As a result, there is
no way to decide when to split. We deal the larger pages in the
following way:
1) For direct mapped pages, all the pages were freed when they were
offlined. And since menmory offline is done section by section, all
the memory ranges being removed are aligned to PAGE_SIZE. So only need
to deal with unaligned pages when freeing vmemmap pages.
2) For vmemmap pages being used to store page_struct, if part of the
larger page is still in use, just fill the unused part with 0xFD. And
when the whole page is fulfilled with 0xFD, then free the larger page.
[akpm@linux-foundation.org: fix typo in comment]
[tangchen@cn.fujitsu.com: do not calculate direct mapping pages when freeing vmemmap pagetables]
[tangchen@cn.fujitsu.com: do not free direct mapping pages twice]
[tangchen@cn.fujitsu.com: do not free page split from hugepage one by one]
[tangchen@cn.fujitsu.com: do not split pages when freeing pagetable pages]
[akpm@linux-foundation.org: use pmd_page_vaddr()]
[akpm@linux-foundation.org: fix used-uninitialised bug]
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Wu Jianguo <wujianguo@huawei.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-23 07:33:04 +07:00
|
|
|
return 0;
|
|
|
|
}
|
2008-01-30 19:33:56 +07:00
|
|
|
|
2013-10-31 23:25:07 +07:00
|
|
|
static int split_large_page(struct cpa_data *cpa, pte_t *kpte,
|
|
|
|
unsigned long address)
|
memory-hotplug: common APIs to support page tables hot-remove
When memory is removed, the corresponding pagetables should alse be
removed. This patch introduces some common APIs to support vmemmap
pagetable and x86_64 architecture direct mapping pagetable removing.
All pages of virtual mapping in removed memory cannot be freed if some
pages used as PGD/PUD include not only removed memory but also other
memory. So this patch uses the following way to check whether a page
can be freed or not.
1) When removing memory, the page structs of the removed memory are
filled with 0FD.
2) All page structs are filled with 0xFD on PT/PMD, PT/PMD can be
cleared. In this case, the page used as PT/PMD can be freed.
For direct mapping pages, update direct_pages_count[level] when we freed
their pagetables. And do not free the pages again because they were
freed when offlining.
For vmemmap pages, free the pages and their pagetables.
For larger pages, do not split them into smaller ones because there is
no way to know if the larger page has been split. As a result, there is
no way to decide when to split. We deal the larger pages in the
following way:
1) For direct mapped pages, all the pages were freed when they were
offlined. And since menmory offline is done section by section, all
the memory ranges being removed are aligned to PAGE_SIZE. So only need
to deal with unaligned pages when freeing vmemmap pages.
2) For vmemmap pages being used to store page_struct, if part of the
larger page is still in use, just fill the unused part with 0xFD. And
when the whole page is fulfilled with 0xFD, then free the larger page.
[akpm@linux-foundation.org: fix typo in comment]
[tangchen@cn.fujitsu.com: do not calculate direct mapping pages when freeing vmemmap pagetables]
[tangchen@cn.fujitsu.com: do not free direct mapping pages twice]
[tangchen@cn.fujitsu.com: do not free page split from hugepage one by one]
[tangchen@cn.fujitsu.com: do not split pages when freeing pagetable pages]
[akpm@linux-foundation.org: use pmd_page_vaddr()]
[akpm@linux-foundation.org: fix used-uninitialised bug]
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Wu Jianguo <wujianguo@huawei.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-23 07:33:04 +07:00
|
|
|
{
|
|
|
|
struct page *base;
|
|
|
|
|
2016-03-16 04:57:33 +07:00
|
|
|
if (!debug_pagealloc_enabled())
|
memory-hotplug: common APIs to support page tables hot-remove
When memory is removed, the corresponding pagetables should alse be
removed. This patch introduces some common APIs to support vmemmap
pagetable and x86_64 architecture direct mapping pagetable removing.
All pages of virtual mapping in removed memory cannot be freed if some
pages used as PGD/PUD include not only removed memory but also other
memory. So this patch uses the following way to check whether a page
can be freed or not.
1) When removing memory, the page structs of the removed memory are
filled with 0FD.
2) All page structs are filled with 0xFD on PT/PMD, PT/PMD can be
cleared. In this case, the page used as PT/PMD can be freed.
For direct mapping pages, update direct_pages_count[level] when we freed
their pagetables. And do not free the pages again because they were
freed when offlining.
For vmemmap pages, free the pages and their pagetables.
For larger pages, do not split them into smaller ones because there is
no way to know if the larger page has been split. As a result, there is
no way to decide when to split. We deal the larger pages in the
following way:
1) For direct mapped pages, all the pages were freed when they were
offlined. And since menmory offline is done section by section, all
the memory ranges being removed are aligned to PAGE_SIZE. So only need
to deal with unaligned pages when freeing vmemmap pages.
2) For vmemmap pages being used to store page_struct, if part of the
larger page is still in use, just fill the unused part with 0xFD. And
when the whole page is fulfilled with 0xFD, then free the larger page.
[akpm@linux-foundation.org: fix typo in comment]
[tangchen@cn.fujitsu.com: do not calculate direct mapping pages when freeing vmemmap pagetables]
[tangchen@cn.fujitsu.com: do not free direct mapping pages twice]
[tangchen@cn.fujitsu.com: do not free page split from hugepage one by one]
[tangchen@cn.fujitsu.com: do not split pages when freeing pagetable pages]
[akpm@linux-foundation.org: use pmd_page_vaddr()]
[akpm@linux-foundation.org: fix used-uninitialised bug]
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Wu Jianguo <wujianguo@huawei.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-23 07:33:04 +07:00
|
|
|
spin_unlock(&cpa_lock);
|
2017-11-16 08:35:54 +07:00
|
|
|
base = alloc_pages(GFP_KERNEL, 0);
|
2016-03-16 04:57:33 +07:00
|
|
|
if (!debug_pagealloc_enabled())
|
memory-hotplug: common APIs to support page tables hot-remove
When memory is removed, the corresponding pagetables should alse be
removed. This patch introduces some common APIs to support vmemmap
pagetable and x86_64 architecture direct mapping pagetable removing.
All pages of virtual mapping in removed memory cannot be freed if some
pages used as PGD/PUD include not only removed memory but also other
memory. So this patch uses the following way to check whether a page
can be freed or not.
1) When removing memory, the page structs of the removed memory are
filled with 0FD.
2) All page structs are filled with 0xFD on PT/PMD, PT/PMD can be
cleared. In this case, the page used as PT/PMD can be freed.
For direct mapping pages, update direct_pages_count[level] when we freed
their pagetables. And do not free the pages again because they were
freed when offlining.
For vmemmap pages, free the pages and their pagetables.
For larger pages, do not split them into smaller ones because there is
no way to know if the larger page has been split. As a result, there is
no way to decide when to split. We deal the larger pages in the
following way:
1) For direct mapped pages, all the pages were freed when they were
offlined. And since menmory offline is done section by section, all
the memory ranges being removed are aligned to PAGE_SIZE. So only need
to deal with unaligned pages when freeing vmemmap pages.
2) For vmemmap pages being used to store page_struct, if part of the
larger page is still in use, just fill the unused part with 0xFD. And
when the whole page is fulfilled with 0xFD, then free the larger page.
[akpm@linux-foundation.org: fix typo in comment]
[tangchen@cn.fujitsu.com: do not calculate direct mapping pages when freeing vmemmap pagetables]
[tangchen@cn.fujitsu.com: do not free direct mapping pages twice]
[tangchen@cn.fujitsu.com: do not free page split from hugepage one by one]
[tangchen@cn.fujitsu.com: do not split pages when freeing pagetable pages]
[akpm@linux-foundation.org: use pmd_page_vaddr()]
[akpm@linux-foundation.org: fix used-uninitialised bug]
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Wu Jianguo <wujianguo@huawei.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-23 07:33:04 +07:00
|
|
|
spin_lock(&cpa_lock);
|
|
|
|
if (!base)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
2013-10-31 23:25:07 +07:00
|
|
|
if (__split_large_page(cpa, kpte, address, base))
|
2008-09-24 04:00:41 +07:00
|
|
|
__free_page(base);
|
2008-01-30 19:33:56 +07:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-10-31 23:25:06 +07:00
|
|
|
static bool try_to_free_pte_page(pte_t *pte)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < PTRS_PER_PTE; i++)
|
|
|
|
if (!pte_none(pte[i]))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
free_page((unsigned long)pte);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool try_to_free_pmd_page(pmd_t *pmd)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < PTRS_PER_PMD; i++)
|
|
|
|
if (!pmd_none(pmd[i]))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
free_page((unsigned long)pmd);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool unmap_pte_range(pmd_t *pmd, unsigned long start, unsigned long end)
|
|
|
|
{
|
|
|
|
pte_t *pte = pte_offset_kernel(pmd, start);
|
|
|
|
|
|
|
|
while (start < end) {
|
|
|
|
set_pte(pte, __pte(0));
|
|
|
|
|
|
|
|
start += PAGE_SIZE;
|
|
|
|
pte++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (try_to_free_pte_page((pte_t *)pmd_page_vaddr(*pmd))) {
|
|
|
|
pmd_clear(pmd);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void __unmap_pmd_range(pud_t *pud, pmd_t *pmd,
|
|
|
|
unsigned long start, unsigned long end)
|
|
|
|
{
|
|
|
|
if (unmap_pte_range(pmd, start, end))
|
|
|
|
if (try_to_free_pmd_page((pmd_t *)pud_page_vaddr(*pud)))
|
|
|
|
pud_clear(pud);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void unmap_pmd_range(pud_t *pud, unsigned long start, unsigned long end)
|
|
|
|
{
|
|
|
|
pmd_t *pmd = pmd_offset(pud, start);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Not on a 2MB page boundary?
|
|
|
|
*/
|
|
|
|
if (start & (PMD_SIZE - 1)) {
|
|
|
|
unsigned long next_page = (start + PMD_SIZE) & PMD_MASK;
|
|
|
|
unsigned long pre_end = min_t(unsigned long, end, next_page);
|
|
|
|
|
|
|
|
__unmap_pmd_range(pud, pmd, start, pre_end);
|
|
|
|
|
|
|
|
start = pre_end;
|
|
|
|
pmd++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try to unmap in 2M chunks.
|
|
|
|
*/
|
|
|
|
while (end - start >= PMD_SIZE) {
|
|
|
|
if (pmd_large(*pmd))
|
|
|
|
pmd_clear(pmd);
|
|
|
|
else
|
|
|
|
__unmap_pmd_range(pud, pmd, start, start + PMD_SIZE);
|
|
|
|
|
|
|
|
start += PMD_SIZE;
|
|
|
|
pmd++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* 4K leftovers?
|
|
|
|
*/
|
|
|
|
if (start < end)
|
|
|
|
return __unmap_pmd_range(pud, pmd, start, end);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try again to free the PMD page if haven't succeeded above.
|
|
|
|
*/
|
|
|
|
if (!pud_none(*pud))
|
|
|
|
if (try_to_free_pmd_page((pmd_t *)pud_page_vaddr(*pud)))
|
|
|
|
pud_clear(pud);
|
|
|
|
}
|
2013-10-31 23:25:05 +07:00
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
static void unmap_pud_range(p4d_t *p4d, unsigned long start, unsigned long end)
|
2013-10-31 23:25:05 +07:00
|
|
|
{
|
2017-03-18 01:55:12 +07:00
|
|
|
pud_t *pud = pud_offset(p4d, start);
|
2013-10-31 23:25:05 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Not on a GB page boundary?
|
|
|
|
*/
|
|
|
|
if (start & (PUD_SIZE - 1)) {
|
|
|
|
unsigned long next_page = (start + PUD_SIZE) & PUD_MASK;
|
|
|
|
unsigned long pre_end = min_t(unsigned long, end, next_page);
|
|
|
|
|
|
|
|
unmap_pmd_range(pud, start, pre_end);
|
|
|
|
|
|
|
|
start = pre_end;
|
|
|
|
pud++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try to unmap in 1G chunks?
|
|
|
|
*/
|
|
|
|
while (end - start >= PUD_SIZE) {
|
|
|
|
|
|
|
|
if (pud_large(*pud))
|
|
|
|
pud_clear(pud);
|
|
|
|
else
|
|
|
|
unmap_pmd_range(pud, start, start + PUD_SIZE);
|
|
|
|
|
|
|
|
start += PUD_SIZE;
|
|
|
|
pud++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* 2M leftovers?
|
|
|
|
*/
|
|
|
|
if (start < end)
|
|
|
|
unmap_pmd_range(pud, start, end);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* No need to try to free the PUD page because we'll free it in
|
|
|
|
* populate_pgd's error path
|
|
|
|
*/
|
|
|
|
}
|
|
|
|
|
2013-10-31 23:25:03 +07:00
|
|
|
static int alloc_pte_page(pmd_t *pmd)
|
|
|
|
{
|
2017-11-16 08:35:54 +07:00
|
|
|
pte_t *pte = (pte_t *)get_zeroed_page(GFP_KERNEL);
|
2013-10-31 23:25:03 +07:00
|
|
|
if (!pte)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
set_pmd(pmd, __pmd(__pa(pte) | _KERNPG_TABLE));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-10-31 23:25:02 +07:00
|
|
|
static int alloc_pmd_page(pud_t *pud)
|
|
|
|
{
|
2017-11-16 08:35:54 +07:00
|
|
|
pmd_t *pmd = (pmd_t *)get_zeroed_page(GFP_KERNEL);
|
2013-10-31 23:25:02 +07:00
|
|
|
if (!pmd)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
set_pud(pud, __pud(__pa(pmd) | _KERNPG_TABLE));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2013-10-31 23:25:04 +07:00
|
|
|
static void populate_pte(struct cpa_data *cpa,
|
|
|
|
unsigned long start, unsigned long end,
|
|
|
|
unsigned num_pages, pmd_t *pmd, pgprot_t pgprot)
|
|
|
|
{
|
|
|
|
pte_t *pte;
|
|
|
|
|
|
|
|
pte = pte_offset_kernel(pmd, start);
|
|
|
|
|
2018-04-07 03:55:02 +07:00
|
|
|
pgprot = pgprot_clear_protnone_bits(pgprot);
|
2013-10-31 23:25:04 +07:00
|
|
|
|
|
|
|
while (num_pages-- && start < end) {
|
2015-11-28 04:09:31 +07:00
|
|
|
set_pte(pte, pfn_pte(cpa->pfn, pgprot));
|
2013-10-31 23:25:04 +07:00
|
|
|
|
|
|
|
start += PAGE_SIZE;
|
2015-11-28 04:09:31 +07:00
|
|
|
cpa->pfn++;
|
2013-10-31 23:25:04 +07:00
|
|
|
pte++;
|
|
|
|
}
|
|
|
|
}
|
2013-10-31 23:25:03 +07:00
|
|
|
|
2016-09-20 20:26:21 +07:00
|
|
|
static long populate_pmd(struct cpa_data *cpa,
|
|
|
|
unsigned long start, unsigned long end,
|
|
|
|
unsigned num_pages, pud_t *pud, pgprot_t pgprot)
|
2013-10-31 23:25:03 +07:00
|
|
|
{
|
2016-09-20 20:26:21 +07:00
|
|
|
long cur_pages = 0;
|
2013-10-31 23:25:03 +07:00
|
|
|
pmd_t *pmd;
|
2014-11-03 20:02:02 +07:00
|
|
|
pgprot_t pmd_pgprot;
|
2013-10-31 23:25:03 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Not on a 2M boundary?
|
|
|
|
*/
|
|
|
|
if (start & (PMD_SIZE - 1)) {
|
|
|
|
unsigned long pre_end = start + (num_pages << PAGE_SHIFT);
|
|
|
|
unsigned long next_page = (start + PMD_SIZE) & PMD_MASK;
|
|
|
|
|
|
|
|
pre_end = min_t(unsigned long, pre_end, next_page);
|
|
|
|
cur_pages = (pre_end - start) >> PAGE_SHIFT;
|
|
|
|
cur_pages = min_t(unsigned int, num_pages, cur_pages);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Need a PTE page?
|
|
|
|
*/
|
|
|
|
pmd = pmd_offset(pud, start);
|
|
|
|
if (pmd_none(*pmd))
|
|
|
|
if (alloc_pte_page(pmd))
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
populate_pte(cpa, start, pre_end, cur_pages, pmd, pgprot);
|
|
|
|
|
|
|
|
start = pre_end;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We mapped them all?
|
|
|
|
*/
|
|
|
|
if (num_pages == cur_pages)
|
|
|
|
return cur_pages;
|
|
|
|
|
2014-11-03 20:02:02 +07:00
|
|
|
pmd_pgprot = pgprot_4k_2_large(pgprot);
|
|
|
|
|
2013-10-31 23:25:03 +07:00
|
|
|
while (end - start >= PMD_SIZE) {
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We cannot use a 1G page so allocate a PMD page if needed.
|
|
|
|
*/
|
|
|
|
if (pud_none(*pud))
|
|
|
|
if (alloc_pmd_page(pud))
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
pmd = pmd_offset(pud, start);
|
|
|
|
|
2018-08-08 05:09:39 +07:00
|
|
|
set_pmd(pmd, pmd_mkhuge(pfn_pmd(cpa->pfn,
|
|
|
|
canon_pgprot(pmd_pgprot))));
|
2013-10-31 23:25:03 +07:00
|
|
|
|
|
|
|
start += PMD_SIZE;
|
2015-11-28 04:09:31 +07:00
|
|
|
cpa->pfn += PMD_SIZE >> PAGE_SHIFT;
|
2013-10-31 23:25:03 +07:00
|
|
|
cur_pages += PMD_SIZE >> PAGE_SHIFT;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Map trailing 4K pages.
|
|
|
|
*/
|
|
|
|
if (start < end) {
|
|
|
|
pmd = pmd_offset(pud, start);
|
|
|
|
if (pmd_none(*pmd))
|
|
|
|
if (alloc_pte_page(pmd))
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
populate_pte(cpa, start, end, num_pages - cur_pages,
|
|
|
|
pmd, pgprot);
|
|
|
|
}
|
|
|
|
return num_pages;
|
|
|
|
}
|
2013-10-31 23:25:02 +07:00
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
static int populate_pud(struct cpa_data *cpa, unsigned long start, p4d_t *p4d,
|
|
|
|
pgprot_t pgprot)
|
2013-10-31 23:25:02 +07:00
|
|
|
{
|
|
|
|
pud_t *pud;
|
|
|
|
unsigned long end;
|
2016-09-20 20:26:21 +07:00
|
|
|
long cur_pages = 0;
|
2014-11-03 20:02:02 +07:00
|
|
|
pgprot_t pud_pgprot;
|
2013-10-31 23:25:02 +07:00
|
|
|
|
|
|
|
end = start + (cpa->numpages << PAGE_SHIFT);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Not on a Gb page boundary? => map everything up to it with
|
|
|
|
* smaller pages.
|
|
|
|
*/
|
|
|
|
if (start & (PUD_SIZE - 1)) {
|
|
|
|
unsigned long pre_end;
|
|
|
|
unsigned long next_page = (start + PUD_SIZE) & PUD_MASK;
|
|
|
|
|
|
|
|
pre_end = min_t(unsigned long, end, next_page);
|
|
|
|
cur_pages = (pre_end - start) >> PAGE_SHIFT;
|
|
|
|
cur_pages = min_t(int, (int)cpa->numpages, cur_pages);
|
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
pud = pud_offset(p4d, start);
|
2013-10-31 23:25:02 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Need a PMD page?
|
|
|
|
*/
|
|
|
|
if (pud_none(*pud))
|
|
|
|
if (alloc_pmd_page(pud))
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
cur_pages = populate_pmd(cpa, start, pre_end, cur_pages,
|
|
|
|
pud, pgprot);
|
|
|
|
if (cur_pages < 0)
|
|
|
|
return cur_pages;
|
|
|
|
|
|
|
|
start = pre_end;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* We mapped them all? */
|
|
|
|
if (cpa->numpages == cur_pages)
|
|
|
|
return cur_pages;
|
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
pud = pud_offset(p4d, start);
|
2014-11-03 20:02:02 +07:00
|
|
|
pud_pgprot = pgprot_4k_2_large(pgprot);
|
2013-10-31 23:25:02 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Map everything starting from the Gb boundary, possibly with 1G pages
|
|
|
|
*/
|
2016-03-29 22:41:58 +07:00
|
|
|
while (boot_cpu_has(X86_FEATURE_GBPAGES) && end - start >= PUD_SIZE) {
|
2018-08-08 05:09:39 +07:00
|
|
|
set_pud(pud, pud_mkhuge(pfn_pud(cpa->pfn,
|
|
|
|
canon_pgprot(pud_pgprot))));
|
2013-10-31 23:25:02 +07:00
|
|
|
|
|
|
|
start += PUD_SIZE;
|
2015-11-28 04:09:31 +07:00
|
|
|
cpa->pfn += PUD_SIZE >> PAGE_SHIFT;
|
2013-10-31 23:25:02 +07:00
|
|
|
cur_pages += PUD_SIZE >> PAGE_SHIFT;
|
|
|
|
pud++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Map trailing leftover */
|
|
|
|
if (start < end) {
|
2016-09-20 20:26:21 +07:00
|
|
|
long tmp;
|
2013-10-31 23:25:02 +07:00
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
pud = pud_offset(p4d, start);
|
2013-10-31 23:25:02 +07:00
|
|
|
if (pud_none(*pud))
|
|
|
|
if (alloc_pmd_page(pud))
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
tmp = populate_pmd(cpa, start, end, cpa->numpages - cur_pages,
|
|
|
|
pud, pgprot);
|
|
|
|
if (tmp < 0)
|
|
|
|
return cur_pages;
|
|
|
|
|
|
|
|
cur_pages += tmp;
|
|
|
|
}
|
|
|
|
return cur_pages;
|
|
|
|
}
|
2013-10-31 23:25:01 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Restrictions for kernel page table do not necessarily apply when mapping in
|
|
|
|
* an alternate PGD.
|
|
|
|
*/
|
|
|
|
static int populate_pgd(struct cpa_data *cpa, unsigned long addr)
|
|
|
|
{
|
|
|
|
pgprot_t pgprot = __pgprot(_KERNPG_TABLE);
|
|
|
|
pud_t *pud = NULL; /* shut up gcc */
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d_t *p4d;
|
2014-01-18 18:48:16 +07:00
|
|
|
pgd_t *pgd_entry;
|
2016-09-20 20:26:21 +07:00
|
|
|
long ret;
|
2013-10-31 23:25:01 +07:00
|
|
|
|
|
|
|
pgd_entry = cpa->pgd + pgd_index(addr);
|
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
if (pgd_none(*pgd_entry)) {
|
2017-11-16 08:35:54 +07:00
|
|
|
p4d = (p4d_t *)get_zeroed_page(GFP_KERNEL);
|
2017-03-18 01:55:12 +07:00
|
|
|
if (!p4d)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
set_pgd(pgd_entry, __pgd(__pa(p4d) | _KERNPG_TABLE));
|
|
|
|
}
|
|
|
|
|
2013-10-31 23:25:01 +07:00
|
|
|
/*
|
|
|
|
* Allocate a PUD page and hand it down for mapping.
|
|
|
|
*/
|
2017-03-18 01:55:12 +07:00
|
|
|
p4d = p4d_offset(pgd_entry, addr);
|
|
|
|
if (p4d_none(*p4d)) {
|
2017-11-16 08:35:54 +07:00
|
|
|
pud = (pud_t *)get_zeroed_page(GFP_KERNEL);
|
2013-10-31 23:25:01 +07:00
|
|
|
if (!pud)
|
|
|
|
return -1;
|
x86/mm/cpa: Fix populate_pgd(): Stop trying to deallocate failed PUDs
Valdis Kletnieks bisected a boot failure back to this recent commit:
360cb4d15567 ("x86/mm/cpa: In populate_pgd(), don't set the PGD entry until it's populated")
I broke the case where a PUD table got allocated -- populate_pud()
would wander off a pgd_none entry and get lost. I'm not sure how
this survived my testing.
Fix the original issue in a much simpler way. The problem
was that, if we allocated a PUD table, failed to populate it, and
freed it, another CPU could potentially keep using the PGD entry we
installed (either by copying it via vmalloc_fault or by speculatively
caching it). There's a straightforward fix: simply leave the
top-level entry in place if this happens. This can't waste any
significant amount of memory -- there are at most 256 entries like
this systemwide and, as a practical matter, if we hit this failure
path repeatedly, we're likely to reuse the same page anyway.
For context, this is a reversion with this hunk added in:
if (ret < 0) {
+ /*
+ * Leave the PUD page in place in case some other CPU or thread
+ * already found it, but remove any useless entries we just
+ * added to it.
+ */
- unmap_pgd_range(cpa->pgd, addr,
+ unmap_pud_range(pgd_entry, addr,
addr + (cpa->numpages << PAGE_SHIFT));
return ret;
}
This effectively open-codes what the now-deleted unmap_pgd_range()
function used to do except that unmap_pgd_range() used to try to
free the page as well.
Reported-by: Valdis Kletnieks <Valdis.Kletnieks@vt.edu>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Luis R. Rodriguez <mcgrof@suse.com>
Cc: Mike Krinkin <krinkin.m.u@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Link: http://lkml.kernel.org/r/21cbc2822aa18aa812c0215f4231dbf5f65afa7f.1469249789.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-07-23 11:58:08 +07:00
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
set_p4d(p4d, __p4d(__pa(pud) | _KERNPG_TABLE));
|
2013-10-31 23:25:01 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
pgprot_val(pgprot) &= ~pgprot_val(cpa->mask_clr);
|
|
|
|
pgprot_val(pgprot) |= pgprot_val(cpa->mask_set);
|
|
|
|
|
2017-03-18 01:55:12 +07:00
|
|
|
ret = populate_pud(cpa, addr, p4d, pgprot);
|
2013-10-31 23:25:05 +07:00
|
|
|
if (ret < 0) {
|
2016-07-23 23:59:28 +07:00
|
|
|
/*
|
|
|
|
* Leave the PUD page in place in case some other CPU or thread
|
|
|
|
* already found it, but remove any useless entries we just
|
|
|
|
* added to it.
|
|
|
|
*/
|
2017-03-18 01:55:12 +07:00
|
|
|
unmap_pud_range(p4d, addr,
|
2013-10-31 23:25:05 +07:00
|
|
|
addr + (cpa->numpages << PAGE_SHIFT));
|
2013-10-31 23:25:01 +07:00
|
|
|
return ret;
|
2013-10-31 23:25:05 +07:00
|
|
|
}
|
2014-01-18 18:48:16 +07:00
|
|
|
|
2013-10-31 23:25:01 +07:00
|
|
|
cpa->numpages = ret;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2009-01-21 05:20:21 +07:00
|
|
|
static int __cpa_process_fault(struct cpa_data *cpa, unsigned long vaddr,
|
|
|
|
int primary)
|
|
|
|
{
|
2016-04-26 03:06:35 +07:00
|
|
|
if (cpa->pgd) {
|
|
|
|
/*
|
|
|
|
* Right now, we only execute this code path when mapping
|
|
|
|
* the EFI virtual memory map regions, no other users
|
|
|
|
* provide a ->pgd value. This may change in the future.
|
|
|
|
*/
|
2013-10-31 23:25:07 +07:00
|
|
|
return populate_pgd(cpa, vaddr);
|
2016-04-26 03:06:35 +07:00
|
|
|
}
|
2013-10-31 23:25:07 +07:00
|
|
|
|
2009-01-21 05:20:21 +07:00
|
|
|
/*
|
|
|
|
* Ignore all non primary paths.
|
|
|
|
*/
|
x86/mm: Avoid premature success when changing page attributes
set_memory_nx() (and set_memory_x()) currently differ in behavior from
all other set_memory_*() functions when encountering a virtual address
space hole within the kernel address range: They stop processing at the
hole, but nevertheless report success (making the caller believe the
operation was carried out on the entire range). While observed to be a
problem - triggering the CONFIG_DEBUG_WX warning - only with out of
tree code, I suspect (but didn't check) that on x86-64 the
CONFIG_DEBUG_PAGEALLOC logic in free_init_pages() would, when called
from free_initmem(), have the same effect on the set_memory_nx() called
from mark_rodata_ro().
This unexpected behavior is a result of change_page_attr_set_clr()
special casing changes to only the NX bit, in that it passes "false" as
the "checkalias" argument to __change_page_attr_set_clr(). Since this
flag becomes the "primary" argument of both __change_page_attr() and
__cpa_process_fault(), the latter would so far return success without
adjusting cpa->numpages. Success to the higher level callers, however,
means that whatever cpa->numpages currently holds is the count of
successfully processed pages. The cases when __change_page_attr() calls
__cpa_process_fault(), otoh, don't generally mean the entire range got
processed (as can be seen from one of the two success return paths in
__cpa_process_fault() already adjusting ->numpages).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Link: http://lkml.kernel.org/r/56BB0AD402000078000D05BF@prv-mh.provo.novell.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2016-02-10 16:03:00 +07:00
|
|
|
if (!primary) {
|
|
|
|
cpa->numpages = 1;
|
2009-01-21 05:20:21 +07:00
|
|
|
return 0;
|
x86/mm: Avoid premature success when changing page attributes
set_memory_nx() (and set_memory_x()) currently differ in behavior from
all other set_memory_*() functions when encountering a virtual address
space hole within the kernel address range: They stop processing at the
hole, but nevertheless report success (making the caller believe the
operation was carried out on the entire range). While observed to be a
problem - triggering the CONFIG_DEBUG_WX warning - only with out of
tree code, I suspect (but didn't check) that on x86-64 the
CONFIG_DEBUG_PAGEALLOC logic in free_init_pages() would, when called
from free_initmem(), have the same effect on the set_memory_nx() called
from mark_rodata_ro().
This unexpected behavior is a result of change_page_attr_set_clr()
special casing changes to only the NX bit, in that it passes "false" as
the "checkalias" argument to __change_page_attr_set_clr(). Since this
flag becomes the "primary" argument of both __change_page_attr() and
__cpa_process_fault(), the latter would so far return success without
adjusting cpa->numpages. Success to the higher level callers, however,
means that whatever cpa->numpages currently holds is the count of
successfully processed pages. The cases when __change_page_attr() calls
__cpa_process_fault(), otoh, don't generally mean the entire range got
processed (as can be seen from one of the two success return paths in
__cpa_process_fault() already adjusting ->numpages).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Link: http://lkml.kernel.org/r/56BB0AD402000078000D05BF@prv-mh.provo.novell.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2016-02-10 16:03:00 +07:00
|
|
|
}
|
2009-01-21 05:20:21 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Ignore the NULL PTE for kernel identity mapping, as it is expected
|
|
|
|
* to have holes.
|
|
|
|
* Also set numpages to '1' indicating that we processed cpa req for
|
|
|
|
* one virtual address page and its pfn. TBD: numpages can be set based
|
|
|
|
* on the initial value and the level returned by lookup_address().
|
|
|
|
*/
|
|
|
|
if (within(vaddr, PAGE_OFFSET,
|
|
|
|
PAGE_OFFSET + (max_pfn_mapped << PAGE_SHIFT))) {
|
|
|
|
cpa->numpages = 1;
|
|
|
|
cpa->pfn = __pa(vaddr) >> PAGE_SHIFT;
|
|
|
|
return 0;
|
2018-04-21 05:20:21 +07:00
|
|
|
|
|
|
|
} else if (__cpa_pfn_in_highmap(cpa->pfn)) {
|
|
|
|
/* Faults in the highmap are OK, so do not warn: */
|
|
|
|
return -EFAULT;
|
2009-01-21 05:20:21 +07:00
|
|
|
} else {
|
|
|
|
WARN(1, KERN_WARNING "CPA: called for zero pte. "
|
|
|
|
"vaddr = %lx cpa->vaddr = %lx\n", vaddr,
|
|
|
|
*cpa->vaddr);
|
|
|
|
|
|
|
|
return -EFAULT;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2008-02-19 02:54:14 +07:00
|
|
|
static int __change_page_attr(struct cpa_data *cpa, int primary)
|
2008-01-30 19:33:41 +07:00
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
unsigned long address;
|
2008-02-10 05:24:08 +07:00
|
|
|
int do_split, err;
|
|
|
|
unsigned int level;
|
2008-02-19 02:54:14 +07:00
|
|
|
pte_t *kpte, old_pte;
|
2005-04-17 05:20:36 +07:00
|
|
|
|
2009-08-03 14:25:45 +07:00
|
|
|
if (cpa->flags & CPA_PAGES_ARRAY) {
|
|
|
|
struct page *page = cpa->pages[cpa->curpage];
|
|
|
|
if (unlikely(PageHighMem(page)))
|
|
|
|
return 0;
|
|
|
|
address = (unsigned long)page_address(page);
|
|
|
|
} else if (cpa->flags & CPA_ARRAY)
|
2008-08-21 09:46:06 +07:00
|
|
|
address = cpa->vaddr[cpa->curpage];
|
|
|
|
else
|
|
|
|
address = *cpa->vaddr;
|
2008-01-30 19:33:55 +07:00
|
|
|
repeat:
|
2013-10-31 23:25:07 +07:00
|
|
|
kpte = _lookup_address_cpa(cpa, address, &level);
|
2005-04-17 05:20:36 +07:00
|
|
|
if (!kpte)
|
2009-01-21 05:20:21 +07:00
|
|
|
return __cpa_process_fault(cpa, address, primary);
|
2008-02-19 02:54:14 +07:00
|
|
|
|
|
|
|
old_pte = *kpte;
|
2016-07-08 07:19:15 +07:00
|
|
|
if (pte_none(old_pte))
|
2009-01-21 05:20:21 +07:00
|
|
|
return __cpa_process_fault(cpa, address, primary);
|
2008-01-30 19:33:41 +07:00
|
|
|
|
2008-01-30 19:34:04 +07:00
|
|
|
if (level == PG_LEVEL_4K) {
|
2008-02-19 02:54:14 +07:00
|
|
|
pte_t new_pte;
|
2008-02-04 22:48:05 +07:00
|
|
|
pgprot_t new_prot = pte_pgprot(old_pte);
|
2008-02-19 02:54:14 +07:00
|
|
|
unsigned long pfn = pte_pfn(old_pte);
|
2008-01-30 19:34:09 +07:00
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
pgprot_val(new_prot) &= ~pgprot_val(cpa->mask_clr);
|
|
|
|
pgprot_val(new_prot) |= pgprot_val(cpa->mask_set);
|
2008-01-30 19:34:09 +07:00
|
|
|
|
2018-09-17 21:29:12 +07:00
|
|
|
cpa_inc_4k_install();
|
2018-09-17 21:29:11 +07:00
|
|
|
new_prot = static_protections(new_prot, address, pfn, 1,
|
|
|
|
CPA_PROTECT);
|
2008-01-30 19:34:09 +07:00
|
|
|
|
2018-04-07 03:55:02 +07:00
|
|
|
new_prot = pgprot_clear_protnone_bits(new_prot);
|
2013-02-23 06:11:51 +07:00
|
|
|
|
2008-02-04 22:48:05 +07:00
|
|
|
/*
|
|
|
|
* We need to keep the pfn from the existing PTE,
|
|
|
|
* after all we're only going to change it's attributes
|
|
|
|
* not the memory it points to
|
|
|
|
*/
|
2018-04-07 03:55:11 +07:00
|
|
|
new_pte = pfn_pte(pfn, new_prot);
|
2008-02-19 02:54:14 +07:00
|
|
|
cpa->pfn = pfn;
|
2008-02-04 22:48:07 +07:00
|
|
|
/*
|
|
|
|
* Do we really change anything ?
|
|
|
|
*/
|
|
|
|
if (pte_val(old_pte) != pte_val(new_pte)) {
|
|
|
|
set_pte_atomic(kpte, new_pte);
|
2008-08-21 09:46:06 +07:00
|
|
|
cpa->flags |= CPA_FLUSHTLB;
|
2008-02-04 22:48:07 +07:00
|
|
|
}
|
2008-03-03 07:17:37 +07:00
|
|
|
cpa->numpages = 1;
|
2008-02-04 22:48:07 +07:00
|
|
|
return 0;
|
2005-04-17 05:20:36 +07:00
|
|
|
}
|
2008-02-04 22:48:07 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Check, whether we can keep the large page intact
|
|
|
|
* and just change the pte:
|
|
|
|
*/
|
2018-09-17 21:29:08 +07:00
|
|
|
do_split = should_split_large_page(kpte, address, cpa);
|
2008-02-04 22:48:07 +07:00
|
|
|
/*
|
|
|
|
* When the range fits into the existing large page,
|
2008-03-03 07:17:37 +07:00
|
|
|
* return. cp->numpages and cpa->tlbflush have been updated in
|
2008-02-04 22:48:07 +07:00
|
|
|
* try_large_page:
|
|
|
|
*/
|
2008-02-04 22:48:10 +07:00
|
|
|
if (do_split <= 0)
|
|
|
|
return do_split;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We have to split the large page:
|
|
|
|
*/
|
2013-10-31 23:25:07 +07:00
|
|
|
err = split_large_page(cpa, kpte, address);
|
2018-09-19 15:50:18 +07:00
|
|
|
if (!err)
|
2008-02-04 22:48:10 +07:00
|
|
|
goto repeat;
|
2008-02-04 22:48:09 +07:00
|
|
|
|
2008-02-04 22:48:10 +07:00
|
|
|
return err;
|
2008-01-30 19:33:41 +07:00
|
|
|
}
|
2005-04-17 05:20:36 +07:00
|
|
|
|
2008-02-19 02:54:14 +07:00
|
|
|
static int __change_page_attr_set_clr(struct cpa_data *cpa, int checkalias);
|
|
|
|
|
|
|
|
static int cpa_process_alias(struct cpa_data *cpa)
|
2005-04-17 05:20:36 +07:00
|
|
|
{
|
2008-02-19 02:54:14 +07:00
|
|
|
struct cpa_data alias_cpa;
|
2009-06-22 09:56:24 +07:00
|
|
|
unsigned long laddr = (unsigned long)__va(cpa->pfn << PAGE_SHIFT);
|
2009-08-14 13:00:53 +07:00
|
|
|
unsigned long vaddr;
|
2009-06-22 09:56:24 +07:00
|
|
|
int ret;
|
2008-01-30 19:34:03 +07:00
|
|
|
|
2012-11-17 10:38:49 +07:00
|
|
|
if (!pfn_range_is_mapped(cpa->pfn, cpa->pfn + 1))
|
2008-02-19 02:54:14 +07:00
|
|
|
return 0;
|
2008-02-04 22:48:05 +07:00
|
|
|
|
2008-02-16 04:17:57 +07:00
|
|
|
/*
|
|
|
|
* No need to redo, when the primary call touched the direct
|
|
|
|
* mapping already:
|
|
|
|
*/
|
2009-08-03 14:25:45 +07:00
|
|
|
if (cpa->flags & CPA_PAGES_ARRAY) {
|
|
|
|
struct page *page = cpa->pages[cpa->curpage];
|
|
|
|
if (unlikely(PageHighMem(page)))
|
|
|
|
return 0;
|
|
|
|
vaddr = (unsigned long)page_address(page);
|
|
|
|
} else if (cpa->flags & CPA_ARRAY)
|
2008-08-21 09:46:06 +07:00
|
|
|
vaddr = cpa->vaddr[cpa->curpage];
|
|
|
|
else
|
|
|
|
vaddr = *cpa->vaddr;
|
|
|
|
|
|
|
|
if (!(within(vaddr, PAGE_OFFSET,
|
2009-01-21 05:20:21 +07:00
|
|
|
PAGE_OFFSET + (max_pfn_mapped << PAGE_SHIFT)))) {
|
2008-01-30 19:34:03 +07:00
|
|
|
|
2008-02-16 04:17:57 +07:00
|
|
|
alias_cpa = *cpa;
|
2009-06-22 09:56:24 +07:00
|
|
|
alias_cpa.vaddr = &laddr;
|
2009-03-20 04:51:14 +07:00
|
|
|
alias_cpa.flags &= ~(CPA_PAGES_ARRAY | CPA_ARRAY);
|
2008-08-21 09:46:06 +07:00
|
|
|
|
2008-02-16 04:17:57 +07:00
|
|
|
ret = __change_page_attr_set_clr(&alias_cpa, 0);
|
2009-06-22 09:56:24 +07:00
|
|
|
if (ret)
|
|
|
|
return ret;
|
2008-02-16 04:17:57 +07:00
|
|
|
}
|
2008-01-30 19:34:03 +07:00
|
|
|
|
|
|
|
#ifdef CONFIG_X86_64
|
2008-01-30 19:34:07 +07:00
|
|
|
/*
|
2009-06-22 09:56:24 +07:00
|
|
|
* If the primary call didn't touch the high mapping already
|
|
|
|
* and the physical address is inside the kernel map, we need
|
2008-01-30 19:34:09 +07:00
|
|
|
* to touch the high mapped kernel as well:
|
2008-01-30 19:34:07 +07:00
|
|
|
*/
|
2009-06-22 09:56:24 +07:00
|
|
|
if (!within(vaddr, (unsigned long)_text, _brk_end) &&
|
2018-04-21 05:20:21 +07:00
|
|
|
__cpa_pfn_in_highmap(cpa->pfn)) {
|
2009-06-22 09:56:24 +07:00
|
|
|
unsigned long temp_cpa_vaddr = (cpa->pfn << PAGE_SHIFT) +
|
|
|
|
__START_KERNEL_map - phys_base;
|
|
|
|
alias_cpa = *cpa;
|
|
|
|
alias_cpa.vaddr = &temp_cpa_vaddr;
|
|
|
|
alias_cpa.flags &= ~(CPA_PAGES_ARRAY | CPA_ARRAY);
|
2008-02-19 02:54:14 +07:00
|
|
|
|
2009-06-22 09:56:24 +07:00
|
|
|
/*
|
|
|
|
* The high mapping range is imprecise, so ignore the
|
|
|
|
* return value.
|
|
|
|
*/
|
|
|
|
__change_page_attr_set_clr(&alias_cpa, 0);
|
|
|
|
}
|
2008-01-30 19:34:07 +07:00
|
|
|
#endif
|
2009-06-22 09:56:24 +07:00
|
|
|
|
|
|
|
return 0;
|
2005-04-17 05:20:36 +07:00
|
|
|
}
|
|
|
|
|
2008-02-19 02:54:14 +07:00
|
|
|
static int __change_page_attr_set_clr(struct cpa_data *cpa, int checkalias)
|
2008-01-30 19:34:08 +07:00
|
|
|
{
|
2016-09-20 20:26:21 +07:00
|
|
|
unsigned long numpages = cpa->numpages;
|
|
|
|
int ret;
|
2008-01-30 19:34:08 +07:00
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
while (numpages) {
|
|
|
|
/*
|
|
|
|
* Store the remaining nr of pages for the large page
|
|
|
|
* preservation check.
|
|
|
|
*/
|
2008-03-03 07:17:37 +07:00
|
|
|
cpa->numpages = numpages;
|
2008-08-21 09:46:06 +07:00
|
|
|
/* for array changes, we can't use large page */
|
2009-03-20 04:51:14 +07:00
|
|
|
if (cpa->flags & (CPA_ARRAY | CPA_PAGES_ARRAY))
|
2008-08-21 09:46:06 +07:00
|
|
|
cpa->numpages = 1;
|
2008-02-19 02:54:14 +07:00
|
|
|
|
2016-03-16 04:57:33 +07:00
|
|
|
if (!debug_pagealloc_enabled())
|
2008-09-24 04:00:42 +07:00
|
|
|
spin_lock(&cpa_lock);
|
2008-02-19 02:54:14 +07:00
|
|
|
ret = __change_page_attr(cpa, checkalias);
|
2016-03-16 04:57:33 +07:00
|
|
|
if (!debug_pagealloc_enabled())
|
2008-09-24 04:00:42 +07:00
|
|
|
spin_unlock(&cpa_lock);
|
2008-01-30 19:34:08 +07:00
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
2008-02-19 02:54:14 +07:00
|
|
|
if (checkalias) {
|
|
|
|
ret = cpa_process_alias(cpa);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
/*
|
|
|
|
* Adjust the number of pages with the result of the
|
|
|
|
* CPA operation. Either a large page has been
|
|
|
|
* preserved or a single page update happened.
|
|
|
|
*/
|
x86/mm/pat: Avoid truncation when converting cpa->numpages to address
There are a couple of nasty truncation bugs lurking in the pageattr
code that can be triggered when mapping EFI regions, e.g. when we pass
a cpa->pgd pointer. Because cpa->numpages is a 32-bit value, shifting
left by PAGE_SHIFT will truncate the resultant address to 32-bits.
Viorel-Cătălin managed to trigger this bug on his Dell machine that
provides a ~5GB EFI region which requires 1236992 pages to be mapped.
When calling populate_pud() the end of the region gets calculated
incorrectly in the following buggy expression,
end = start + (cpa->numpages << PAGE_SHIFT);
And only 188416 pages are mapped. Next, populate_pud() gets invoked
for a second time because of the loop in __change_page_attr_set_clr(),
only this time no pages get mapped because shifting the remaining
number of pages (1048576) by PAGE_SHIFT is zero. At which point the
loop in __change_page_attr_set_clr() spins forever because we fail to
map progress.
Hitting this bug depends very much on the virtual address we pick to
map the large region at and how many pages we map on the initial run
through the loop. This explains why this issue was only recently hit
with the introduction of commit
a5caa209ba9c ("x86/efi: Fix boot crash by mapping EFI memmap
entries bottom-up at runtime, instead of top-down")
It's interesting to note that safe uses of cpa->numpages do exist in
the pageattr code. If instead of shifting ->numpages we multiply by
PAGE_SIZE, no truncation occurs because PAGE_SIZE is a UL value, and
so the result is unsigned long.
To avoid surprises when users try to convert very large cpa->numpages
values to addresses, change the data type from 'int' to 'unsigned
long', thereby making it suitable for shifting by PAGE_SHIFT without
any type casting.
The alternative would be to make liberal use of casting, but that is
far more likely to cause problems in the future when someone adds more
code and fails to cast properly; this bug was difficult enough to
track down in the first place.
Reported-and-tested-by: Viorel-Cătălin Răpițeanu <rapiteanu.catalin@gmail.com>
Acked-by: Borislav Petkov <bp@alien8.de>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=110131
Link: http://lkml.kernel.org/r/1454067370-10374-1-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2016-01-29 18:36:10 +07:00
|
|
|
BUG_ON(cpa->numpages > numpages || !cpa->numpages);
|
2008-03-03 07:17:37 +07:00
|
|
|
numpages -= cpa->numpages;
|
2009-03-20 04:51:14 +07:00
|
|
|
if (cpa->flags & (CPA_PAGES_ARRAY | CPA_ARRAY))
|
2008-08-21 09:46:06 +07:00
|
|
|
cpa->curpage++;
|
|
|
|
else
|
|
|
|
*cpa->vaddr += cpa->numpages * PAGE_SIZE;
|
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
}
|
2008-01-30 19:34:08 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-08-31 23:55:06 +07:00
|
|
|
/*
|
|
|
|
* Machine check recovery code needs to change cache mode of poisoned
|
|
|
|
* pages to UC to avoid speculative access logging another error. But
|
|
|
|
* passing the address of the 1:1 mapping to set_memory_uc() is a fine
|
|
|
|
* way to encourage a speculative access. So we cheat and flip the top
|
|
|
|
* bit of the address. This works fine for the code that updates the
|
|
|
|
* page tables. But at the end of the process we need to flush the cache
|
|
|
|
* and the non-canonical address causes a #GP fault when used by the
|
|
|
|
* CLFLUSH instruction.
|
|
|
|
*
|
|
|
|
* But in the common case we already have a canonical address. This code
|
|
|
|
* will fix the top bit if needed and is a no-op otherwise.
|
|
|
|
*/
|
|
|
|
static inline unsigned long make_addr_canonical_again(unsigned long addr)
|
|
|
|
{
|
|
|
|
#ifdef CONFIG_X86_64
|
|
|
|
return (long)(addr << 1) >> 1;
|
|
|
|
#else
|
|
|
|
return addr;
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
static int change_page_attr_set_clr(unsigned long *addr, int numpages,
|
2008-03-12 09:53:29 +07:00
|
|
|
pgprot_t mask_set, pgprot_t mask_clr,
|
2009-03-20 04:51:14 +07:00
|
|
|
int force_split, int in_flag,
|
|
|
|
struct page **pages)
|
2008-01-30 19:34:08 +07:00
|
|
|
{
|
2008-02-04 22:48:07 +07:00
|
|
|
struct cpa_data cpa;
|
2008-08-21 18:46:33 +07:00
|
|
|
int ret, cache, checkalias;
|
2009-09-04 00:56:02 +07:00
|
|
|
unsigned long baddr = 0;
|
2008-02-04 22:48:06 +07:00
|
|
|
|
2013-10-31 23:25:07 +07:00
|
|
|
memset(&cpa, 0, sizeof(cpa));
|
|
|
|
|
2008-02-04 22:48:06 +07:00
|
|
|
/*
|
x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image
Summary:
In current kernels, with PTI enabled, no pages are marked Global. This
potentially increases TLB misses. But, the mechanism by which the Global
bit is set and cleared is rather haphazard. This patch makes the process
more explicit. In the end, it leaves us with Global entries in the page
tables for the areas truly shared by userspace and kernel and increases
TLB hit rates.
The place this patch really shines in on systems without PCIDs. In this
case, we are using an lseek microbenchmark[1] to see how a reasonably
non-trivial syscall behaves. Higher is better:
No Global pages (baseline): 6077741 lseeks/sec
88 Global Pages (this set): 7528609 lseeks/sec (+23.9%)
On a modern Skylake desktop with PCIDs, the benefits are tangible, but not
huge for a kernel compile (lower is better):
No Global pages (baseline): 186.951 seconds time elapsed ( +- 0.35% )
28 Global pages (this set): 185.756 seconds time elapsed ( +- 0.09% )
-1.195 seconds (-0.64%)
I also re-checked everything using the lseek1 test[1]:
No Global pages (baseline): 15783951 lseeks/sec
28 Global pages (this set): 16054688 lseeks/sec
+270737 lseeks/sec (+1.71%)
The effect is more visible, but still modest.
Details:
The kernel page tables are inherited from head_64.S which rudely marks
them as _PAGE_GLOBAL. For PTI, we have been relying on the grace of
$DEITY and some insane behavior in pageattr.c to clear _PAGE_GLOBAL.
This patch tries to do better.
First, stop filtering out "unsupported" bits from being cleared in the
pageattr code. It's fine to filter out *setting* these bits but it
is insane to keep us from clearing them.
Then, *explicitly* go clear _PAGE_GLOBAL from the kernel identity map.
Do not rely on pageattr to do it magically.
After this patch, we can see that "GLB" shows up in each copy of the
page tables, that we have the same number of global entries in each
and that they are the *same* entries.
/sys/kernel/debug/page_tables/current_kernel:11
/sys/kernel/debug/page_tables/current_user:11
/sys/kernel/debug/page_tables/kernel:11
9caae8ad6a1fb53aca2407ec037f612d current_kernel.GLB
9caae8ad6a1fb53aca2407ec037f612d current_user.GLB
9caae8ad6a1fb53aca2407ec037f612d kernel.GLB
A quick visual audit also shows that all the entries make sense.
0xfffffe0000000000 is the cpu_entry_area and 0xffffffff81c00000
is the entry/exit text:
0xfffffe0000000000-0xfffffe0000002000 8K ro GLB NX pte
0xfffffe0000002000-0xfffffe0000003000 4K RW GLB NX pte
0xfffffe0000003000-0xfffffe0000006000 12K ro GLB NX pte
0xfffffe0000006000-0xfffffe0000007000 4K ro GLB x pte
0xfffffe0000007000-0xfffffe000000d000 24K RW GLB NX pte
0xfffffe000002d000-0xfffffe000002e000 4K ro GLB NX pte
0xfffffe000002e000-0xfffffe000002f000 4K RW GLB NX pte
0xfffffe000002f000-0xfffffe0000032000 12K ro GLB NX pte
0xfffffe0000032000-0xfffffe0000033000 4K ro GLB x pte
0xfffffe0000033000-0xfffffe0000039000 24K RW GLB NX pte
0xffffffff81c00000-0xffffffff81e00000 2M ro PSE GLB x pmd
[1.] https://github.com/antonblanchard/will-it-scale/blob/master/tests/lseek1.c
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kees Cook <keescook@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Nadav Amit <namit@vmware.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20180406205517.C80FBE05@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2018-04-07 03:55:17 +07:00
|
|
|
* Check, if we are requested to set a not supported
|
|
|
|
* feature. Clearing non-supported features is OK.
|
2008-02-04 22:48:06 +07:00
|
|
|
*/
|
|
|
|
mask_set = canon_pgprot(mask_set);
|
x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image
Summary:
In current kernels, with PTI enabled, no pages are marked Global. This
potentially increases TLB misses. But, the mechanism by which the Global
bit is set and cleared is rather haphazard. This patch makes the process
more explicit. In the end, it leaves us with Global entries in the page
tables for the areas truly shared by userspace and kernel and increases
TLB hit rates.
The place this patch really shines in on systems without PCIDs. In this
case, we are using an lseek microbenchmark[1] to see how a reasonably
non-trivial syscall behaves. Higher is better:
No Global pages (baseline): 6077741 lseeks/sec
88 Global Pages (this set): 7528609 lseeks/sec (+23.9%)
On a modern Skylake desktop with PCIDs, the benefits are tangible, but not
huge for a kernel compile (lower is better):
No Global pages (baseline): 186.951 seconds time elapsed ( +- 0.35% )
28 Global pages (this set): 185.756 seconds time elapsed ( +- 0.09% )
-1.195 seconds (-0.64%)
I also re-checked everything using the lseek1 test[1]:
No Global pages (baseline): 15783951 lseeks/sec
28 Global pages (this set): 16054688 lseeks/sec
+270737 lseeks/sec (+1.71%)
The effect is more visible, but still modest.
Details:
The kernel page tables are inherited from head_64.S which rudely marks
them as _PAGE_GLOBAL. For PTI, we have been relying on the grace of
$DEITY and some insane behavior in pageattr.c to clear _PAGE_GLOBAL.
This patch tries to do better.
First, stop filtering out "unsupported" bits from being cleared in the
pageattr code. It's fine to filter out *setting* these bits but it
is insane to keep us from clearing them.
Then, *explicitly* go clear _PAGE_GLOBAL from the kernel identity map.
Do not rely on pageattr to do it magically.
After this patch, we can see that "GLB" shows up in each copy of the
page tables, that we have the same number of global entries in each
and that they are the *same* entries.
/sys/kernel/debug/page_tables/current_kernel:11
/sys/kernel/debug/page_tables/current_user:11
/sys/kernel/debug/page_tables/kernel:11
9caae8ad6a1fb53aca2407ec037f612d current_kernel.GLB
9caae8ad6a1fb53aca2407ec037f612d current_user.GLB
9caae8ad6a1fb53aca2407ec037f612d kernel.GLB
A quick visual audit also shows that all the entries make sense.
0xfffffe0000000000 is the cpu_entry_area and 0xffffffff81c00000
is the entry/exit text:
0xfffffe0000000000-0xfffffe0000002000 8K ro GLB NX pte
0xfffffe0000002000-0xfffffe0000003000 4K RW GLB NX pte
0xfffffe0000003000-0xfffffe0000006000 12K ro GLB NX pte
0xfffffe0000006000-0xfffffe0000007000 4K ro GLB x pte
0xfffffe0000007000-0xfffffe000000d000 24K RW GLB NX pte
0xfffffe000002d000-0xfffffe000002e000 4K ro GLB NX pte
0xfffffe000002e000-0xfffffe000002f000 4K RW GLB NX pte
0xfffffe000002f000-0xfffffe0000032000 12K ro GLB NX pte
0xfffffe0000032000-0xfffffe0000033000 4K ro GLB x pte
0xfffffe0000033000-0xfffffe0000039000 24K RW GLB NX pte
0xffffffff81c00000-0xffffffff81e00000 2M ro PSE GLB x pmd
[1.] https://github.com/antonblanchard/will-it-scale/blob/master/tests/lseek1.c
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kees Cook <keescook@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Nadav Amit <namit@vmware.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20180406205517.C80FBE05@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2018-04-07 03:55:17 +07:00
|
|
|
|
2008-03-12 09:53:29 +07:00
|
|
|
if (!pgprot_val(mask_set) && !pgprot_val(mask_clr) && !force_split)
|
2008-02-04 22:48:06 +07:00
|
|
|
return 0;
|
|
|
|
|
2008-02-13 17:04:50 +07:00
|
|
|
/* Ensure we are PAGE_SIZE aligned */
|
2009-03-20 04:51:14 +07:00
|
|
|
if (in_flag & CPA_ARRAY) {
|
2008-08-21 09:46:06 +07:00
|
|
|
int i;
|
|
|
|
for (i = 0; i < numpages; i++) {
|
|
|
|
if (addr[i] & ~PAGE_MASK) {
|
|
|
|
addr[i] &= PAGE_MASK;
|
|
|
|
WARN_ON_ONCE(1);
|
|
|
|
}
|
|
|
|
}
|
2009-03-20 04:51:14 +07:00
|
|
|
} else if (!(in_flag & CPA_PAGES_ARRAY)) {
|
|
|
|
/*
|
|
|
|
* in_flag of CPA_PAGES_ARRAY implies it is aligned.
|
|
|
|
* No need to cehck in that case
|
|
|
|
*/
|
|
|
|
if (*addr & ~PAGE_MASK) {
|
|
|
|
*addr &= PAGE_MASK;
|
|
|
|
/*
|
|
|
|
* People should not be passing in unaligned addresses:
|
|
|
|
*/
|
|
|
|
WARN_ON_ONCE(1);
|
|
|
|
}
|
2009-09-04 00:56:02 +07:00
|
|
|
/*
|
|
|
|
* Save address for cache flush. *addr is modified in the call
|
|
|
|
* to __change_page_attr_set_clr() below.
|
|
|
|
*/
|
2018-08-31 23:55:06 +07:00
|
|
|
baddr = make_addr_canonical_again(*addr);
|
2008-02-13 17:04:50 +07:00
|
|
|
}
|
|
|
|
|
2008-08-01 08:15:21 +07:00
|
|
|
/* Must avoid aliasing mappings in the highmem code */
|
|
|
|
kmap_flush_unused();
|
|
|
|
|
mm: rewrite vmap layer
Rewrite the vmap allocator to use rbtrees and lazy tlb flushing, and
provide a fast, scalable percpu frontend for small vmaps (requires a
slightly different API, though).
The biggest problem with vmap is actually vunmap. Presently this requires
a global kernel TLB flush, which on most architectures is a broadcast IPI
to all CPUs to flush the cache. This is all done under a global lock. As
the number of CPUs increases, so will the number of vunmaps a scaled
workload will want to perform, and so will the cost of a global TLB flush.
This gives terrible quadratic scalability characteristics.
Another problem is that the entire vmap subsystem works under a single
lock. It is a rwlock, but it is actually taken for write in all the fast
paths, and the read locking would likely never be run concurrently anyway,
so it's just pointless.
This is a rewrite of vmap subsystem to solve those problems. The existing
vmalloc API is implemented on top of the rewritten subsystem.
The TLB flushing problem is solved by using lazy TLB unmapping. vmap
addresses do not have to be flushed immediately when they are vunmapped,
because the kernel will not reuse them again (would be a use-after-free)
until they are reallocated. So the addresses aren't allocated again until
a subsequent TLB flush. A single TLB flush then can flush multiple
vunmaps from each CPU.
XEN and PAT and such do not like deferred TLB flushing because they can't
always handle multiple aliasing virtual addresses to a physical address.
They now call vm_unmap_aliases() in order to flush any deferred mappings.
That call is very expensive (well, actually not a lot more expensive than
a single vunmap under the old scheme), however it should be OK if not
called too often.
The virtual memory extent information is stored in an rbtree rather than a
linked list to improve the algorithmic scalability.
There is a per-CPU allocator for small vmaps, which amortizes or avoids
global locking.
To use the per-CPU interface, the vm_map_ram / vm_unmap_ram interfaces
must be used in place of vmap and vunmap. Vmalloc does not use these
interfaces at the moment, so it will not be quite so scalable (although it
will use lazy TLB flushing).
As a quick test of performance, I ran a test that loops in the kernel,
linearly mapping then touching then unmapping 4 pages. Different numbers
of tests were run in parallel on an 4 core, 2 socket opteron. Results are
in nanoseconds per map+touch+unmap.
threads vanilla vmap rewrite
1 14700 2900
2 33600 3000
4 49500 2800
8 70631 2900
So with a 8 cores, the rewritten version is already 25x faster.
In a slightly more realistic test (although with an older and less
scalable version of the patch), I ripped the not-very-good vunmap batching
code out of XFS, and implemented the large buffer mapping with vm_map_ram
and vm_unmap_ram... along with a couple of other tricks, I was able to
speed up a large directory workload by 20x on a 64 CPU system. I believe
vmap/vunmap is actually sped up a lot more than 20x on such a system, but
I'm running into other locks now. vmap is pretty well blown off the
profiles.
Before:
1352059 total 0.1401
798784 _write_lock 8320.6667 <- vmlist_lock
529313 default_idle 1181.5022
15242 smp_call_function 15.8771 <- vmap tlb flushing
2472 __get_vm_area_node 1.9312 <- vmap
1762 remove_vm_area 4.5885 <- vunmap
316 map_vm_area 0.2297 <- vmap
312 kfree 0.1950
300 _spin_lock 3.1250
252 sn_send_IPI_phys 0.4375 <- tlb flushing
238 vmap 0.8264 <- vmap
216 find_lock_page 0.5192
196 find_next_bit 0.3603
136 sn2_send_IPI 0.2024
130 pio_phys_write_mmr 2.0312
118 unmap_kernel_range 0.1229
After:
78406 total 0.0081
40053 default_idle 89.4040
33576 ia64_spinlock_contention 349.7500
1650 _spin_lock 17.1875
319 __reg_op 0.5538
281 _atomic_dec_and_lock 1.0977
153 mutex_unlock 1.5938
123 iget_locked 0.1671
117 xfs_dir_lookup 0.1662
117 dput 0.1406
114 xfs_iget_core 0.0268
92 xfs_da_hashname 0.1917
75 d_alloc 0.0670
68 vmap_page_range 0.0462 <- vmap
58 kmem_cache_alloc 0.0604
57 memset 0.0540
52 rb_next 0.1625
50 __copy_user 0.0208
49 bitmap_find_free_region 0.2188 <- vmap
46 ia64_sn_udelay 0.1106
45 find_inode_fast 0.1406
42 memcmp 0.2188
42 finish_task_switch 0.1094
42 __d_lookup 0.0410
40 radix_tree_lookup_slot 0.1250
37 _spin_unlock_irqrestore 0.3854
36 xfs_bmapi 0.0050
36 kmem_cache_free 0.0256
35 xfs_vn_getattr 0.0322
34 radix_tree_lookup 0.1062
33 __link_path_walk 0.0035
31 xfs_da_do_buf 0.0091
30 _xfs_buf_find 0.0204
28 find_get_page 0.0875
27 xfs_iread 0.0241
27 __strncpy_from_user 0.2812
26 _xfs_buf_initialize 0.0406
24 _xfs_buf_lookup_pages 0.0179
24 vunmap_page_range 0.0250 <- vunmap
23 find_lock_page 0.0799
22 vm_map_ram 0.0087 <- vmap
20 kfree 0.0125
19 put_page 0.0330
18 __kmalloc 0.0176
17 xfs_da_node_lookup_int 0.0086
17 _read_lock 0.0885
17 page_waitqueue 0.0664
vmap has gone from being the top 5 on the profiles and flushing the crap
out of all TLBs, to using less than 1% of kernel time.
[akpm@linux-foundation.org: cleanups, section fix]
[akpm@linux-foundation.org: fix build on alpha]
Signed-off-by: Nick Piggin <npiggin@suse.de>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-19 10:27:03 +07:00
|
|
|
vm_unmap_aliases();
|
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
cpa.vaddr = addr;
|
2009-03-20 04:51:14 +07:00
|
|
|
cpa.pages = pages;
|
2008-02-04 22:48:07 +07:00
|
|
|
cpa.numpages = numpages;
|
|
|
|
cpa.mask_set = mask_set;
|
|
|
|
cpa.mask_clr = mask_clr;
|
2008-08-21 09:46:06 +07:00
|
|
|
cpa.flags = 0;
|
|
|
|
cpa.curpage = 0;
|
2008-03-12 09:53:29 +07:00
|
|
|
cpa.force_split = force_split;
|
2008-02-04 22:48:07 +07:00
|
|
|
|
2009-03-20 04:51:14 +07:00
|
|
|
if (in_flag & (CPA_ARRAY | CPA_PAGES_ARRAY))
|
|
|
|
cpa.flags |= in_flag;
|
2008-08-21 09:46:06 +07:00
|
|
|
|
2008-02-16 03:49:46 +07:00
|
|
|
/* No alias checking for _NX bit modifications */
|
|
|
|
checkalias = (pgprot_val(mask_set) | pgprot_val(mask_clr)) != _PAGE_NX;
|
x86/mm/init: Remove freed kernel image areas from alias mapping
The kernel image is mapped into two places in the virtual address space
(addresses without KASLR, of course):
1. The kernel direct map (0xffff880000000000)
2. The "high kernel map" (0xffffffff81000000)
We actually execute out of #2. If we get the address of a kernel symbol,
it points to #2, but almost all physical-to-virtual translations point to
Parts of the "high kernel map" alias are mapped in the userspace page
tables with the Global bit for performance reasons. The parts that we map
to userspace do not (er, should not) have secrets. When PTI is enabled then
the global bit is usually not set in the high mapping and just used to
compensate for poor performance on systems which lack PCID.
This is fine, except that some areas in the kernel image that are adjacent
to the non-secret-containing areas are unused holes. We free these holes
back into the normal page allocator and reuse them as normal kernel memory.
The memory will, of course, get *used* via the normal map, but the alias
mapping is kept.
This otherwise unused alias mapping of the holes will, by default keep the
Global bit, be mapped out to userspace, and be vulnerable to Meltdown.
Remove the alias mapping of these pages entirely. This is likely to
fracture the 2M page mapping the kernel image near these areas, but this
should affect a minority of the area.
The pageattr code changes *all* aliases mapping the physical pages that it
operates on (by default). We only want to modify a single alias, so we
need to tweak its behavior.
This unmapping behavior is currently dependent on PTI being in place.
Going forward, we should at least consider doing this for all
configurations. Having an extra read-write alias for memory is not exactly
ideal for debugging things like random memory corruption and this does
undercut features like DEBUG_PAGEALLOC or future work like eXclusive Page
Frame Ownership (XPFO).
Before this patch:
current_kernel:---[ High Kernel Mapping ]---
current_kernel-0xffffffff80000000-0xffffffff81000000 16M pmd
current_kernel-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_kernel-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_kernel-0xffffffff81e11000-0xffffffff82000000 1980K RW NX pte
current_kernel-0xffffffff82000000-0xffffffff82600000 6M ro PSE GLB NX pmd
current_kernel-0xffffffff82600000-0xffffffff82c00000 6M RW PSE NX pmd
current_kernel-0xffffffff82c00000-0xffffffff82e00000 2M RW NX pte
current_kernel-0xffffffff82e00000-0xffffffff83200000 4M RW PSE NX pmd
current_kernel-0xffffffff83200000-0xffffffffa0000000 462M pmd
current_user:---[ High Kernel Mapping ]---
current_user-0xffffffff80000000-0xffffffff81000000 16M pmd
current_user-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_user-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_user-0xffffffff81e11000-0xffffffff82000000 1980K RW NX pte
current_user-0xffffffff82000000-0xffffffff82600000 6M ro PSE GLB NX pmd
current_user-0xffffffff82600000-0xffffffffa0000000 474M pmd
After this patch:
current_kernel:---[ High Kernel Mapping ]---
current_kernel-0xffffffff80000000-0xffffffff81000000 16M pmd
current_kernel-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_kernel-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_kernel-0xffffffff81e11000-0xffffffff82000000 1980K pte
current_kernel-0xffffffff82000000-0xffffffff82400000 4M ro PSE GLB NX pmd
current_kernel-0xffffffff82400000-0xffffffff82488000 544K ro NX pte
current_kernel-0xffffffff82488000-0xffffffff82600000 1504K pte
current_kernel-0xffffffff82600000-0xffffffff82c00000 6M RW PSE NX pmd
current_kernel-0xffffffff82c00000-0xffffffff82c0d000 52K RW NX pte
current_kernel-0xffffffff82c0d000-0xffffffff82dc0000 1740K pte
current_user:---[ High Kernel Mapping ]---
current_user-0xffffffff80000000-0xffffffff81000000 16M pmd
current_user-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_user-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_user-0xffffffff81e11000-0xffffffff82000000 1980K pte
current_user-0xffffffff82000000-0xffffffff82400000 4M ro PSE GLB NX pmd
current_user-0xffffffff82400000-0xffffffff82488000 544K ro NX pte
current_user-0xffffffff82488000-0xffffffff82600000 1504K pte
current_user-0xffffffff82600000-0xffffffffa0000000 474M pmd
[ tglx: Do not unmap on 32bit as there is only one mapping ]
Fixes: 0f561fce4d69 ("x86/pti: Enable global pages for shared areas")
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Kees Cook <keescook@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Joerg Roedel <jroedel@suse.de>
Link: https://lkml.kernel.org/r/20180802225831.5F6A2BFC@viggo.jf.intel.com
2018-08-03 05:58:31 +07:00
|
|
|
/* Has caller explicitly disabled alias checking? */
|
|
|
|
if (in_flag & CPA_NO_CHECK_ALIAS)
|
|
|
|
checkalias = 0;
|
2008-02-16 03:49:46 +07:00
|
|
|
|
|
|
|
ret = __change_page_attr_set_clr(&cpa, checkalias);
|
2008-01-30 19:34:08 +07:00
|
|
|
|
2008-02-04 22:48:07 +07:00
|
|
|
/*
|
|
|
|
* Check whether we really changed something:
|
|
|
|
*/
|
2008-08-21 09:46:06 +07:00
|
|
|
if (!(cpa.flags & CPA_FLUSHTLB))
|
2008-08-04 13:51:24 +07:00
|
|
|
goto out;
|
2008-08-21 18:46:33 +07:00
|
|
|
|
2008-02-04 22:48:06 +07:00
|
|
|
/*
|
|
|
|
* No need to flush, when we did not set any of the caching
|
|
|
|
* attributes:
|
|
|
|
*/
|
2014-11-03 20:01:57 +07:00
|
|
|
cache = !!pgprot2cachemode(mask_set);
|
2008-02-04 22:48:06 +07:00
|
|
|
|
2008-01-30 19:34:08 +07:00
|
|
|
/*
|
2014-03-12 21:13:04 +07:00
|
|
|
* On success we use CLFLUSH, when the CPU supports it to
|
|
|
|
* avoid the WBINVD. If the CPU does not support it and in the
|
2012-08-14 23:53:38 +07:00
|
|
|
* error case we fall back to cpa_flush_all (which uses
|
2014-03-12 21:13:04 +07:00
|
|
|
* WBINVD):
|
2008-01-30 19:34:08 +07:00
|
|
|
*/
|
2016-03-29 22:41:59 +07:00
|
|
|
if (!ret && boot_cpu_has(X86_FEATURE_CLFLUSH)) {
|
2009-03-20 04:51:14 +07:00
|
|
|
if (cpa.flags & (CPA_PAGES_ARRAY | CPA_ARRAY)) {
|
|
|
|
cpa_flush_array(addr, numpages, cache,
|
|
|
|
cpa.flags, pages);
|
|
|
|
} else
|
2009-09-04 00:56:02 +07:00
|
|
|
cpa_flush_range(baddr, numpages, cache);
|
2008-08-21 09:46:06 +07:00
|
|
|
} else
|
2008-02-04 22:48:06 +07:00
|
|
|
cpa_flush_all(cache);
|
2008-08-21 18:46:33 +07:00
|
|
|
|
2008-02-10 05:24:09 +07:00
|
|
|
out:
|
2008-01-30 19:34:08 +07:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
static inline int change_page_attr_set(unsigned long *addr, int numpages,
|
|
|
|
pgprot_t mask, int array)
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_set_clr(addr, numpages, mask, __pgprot(0), 0,
|
2009-03-20 04:51:14 +07:00
|
|
|
(array ? CPA_ARRAY : 0), NULL);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
static inline int change_page_attr_clear(unsigned long *addr, int numpages,
|
|
|
|
pgprot_t mask, int array)
|
2008-01-30 19:34:08 +07:00
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_set_clr(addr, numpages, __pgprot(0), mask, 0,
|
2009-03-20 04:51:14 +07:00
|
|
|
(array ? CPA_ARRAY : 0), NULL);
|
2008-01-30 19:34:08 +07:00
|
|
|
}
|
|
|
|
|
2009-03-20 04:51:15 +07:00
|
|
|
static inline int cpa_set_pages_array(struct page **pages, int numpages,
|
|
|
|
pgprot_t mask)
|
|
|
|
{
|
|
|
|
return change_page_attr_set_clr(NULL, numpages, mask, __pgprot(0), 0,
|
|
|
|
CPA_PAGES_ARRAY, pages);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int cpa_clear_pages_array(struct page **pages, int numpages,
|
|
|
|
pgprot_t mask)
|
|
|
|
{
|
|
|
|
return change_page_attr_set_clr(NULL, numpages, __pgprot(0), mask, 0,
|
|
|
|
CPA_PAGES_ARRAY, pages);
|
|
|
|
}
|
|
|
|
|
2008-03-19 07:00:18 +07:00
|
|
|
int _set_memory_uc(unsigned long addr, int numpages)
|
2008-01-30 19:34:08 +07:00
|
|
|
{
|
2008-04-26 07:07:22 +07:00
|
|
|
/*
|
|
|
|
* for now UC MINUS. see comments in ioremap_nocache()
|
x86/mm: Add ioremap_uc() helper to map memory uncacheable (not UC-)
ioremap_nocache() currently uses UC- by default. Our goal is to
eventually make UC the default. Linux maps UC- to PCD=1, PWT=0
page attributes on non-PAT systems. Linux maps UC to PCD=1,
PWT=1 page attributes on non-PAT systems. On non-PAT and PAT
systems a WC MTRR has different effects on pages with either of
these attributes. In order to help with a smooth transition its
best to enable use of UC (PCD,1, PWT=1) on a region as that
ensures a WC MTRR will have no effect on a region, this however
requires us to have an way to declare a region as UC and we
currently do not have a way to do this.
WC MTRR on non-PAT system with PCD=1, PWT=0 (UC-) yields WC.
WC MTRR on non-PAT system with PCD=1, PWT=1 (UC) yields UC.
WC MTRR on PAT system with PCD=1, PWT=0 (UC-) yields WC.
WC MTRR on PAT system with PCD=1, PWT=1 (UC) yields UC.
A flip of the default ioremap_nocache() behaviour from UC- to UC
can therefore regress a memory region from effective memory type
WC to UC if MTRRs are used. Use of MTRRs should be phased out
and in the best case only arch_phys_wc_add() use will remain,
even if this happens arch_phys_wc_add() will have an effect on
non-PAT systems and changes to default ioremap_nocache()
behaviour could regress drivers.
Now, ideally we'd use ioremap_nocache() on the regions in which
we'd need uncachable memory types and avoid any MTRRs on those
regions. There are however some restrictions on MTRRs use, such
as the requirement of having the base and size of variable sized
MTRRs to be powers of two, which could mean having to use a WC
MTRR over a large area which includes a region in which
write-combining effects are undesirable.
Add ioremap_uc() to help with the both phasing out of MTRR use
and also provide a way to blacklist small WC undesirable regions
in devices with mixed regions which are size-implicated to use
large WC MTRRs. Use of ioremap_uc() helps phase out MTRR use by
avoiding regressions with an eventual flip of default behaviour
or ioremap_nocache() from UC- to UC.
Drivers working with WC MTRRs can use the below table to review
and consider the use of ioremap*() and similar helpers to ensure
appropriate behaviour long term even if default
ioremap_nocache() behaviour changes from UC- to UC.
Although ioremap_uc() is being added we leave set_memory_uc() to
use UC- as only initial memory type setup is required to be able
to accommodate existing device drivers and phase out MTRR use.
It should also be clarified that set_memory_uc() cannot be used
with IO memory, even though its use will not return any errors,
it really has no effect.
----------------------------------------------------------------------
MTRR Non-PAT PAT Linux ioremap value Effective memory type
----------------------------------------------------------------------
Non-PAT | PAT
PAT
|PCD
||PWT
|||
WC 000 WB _PAGE_CACHE_MODE_WB WC | WC
WC 001 WC _PAGE_CACHE_MODE_WC WC* | WC
WC 010 UC- _PAGE_CACHE_MODE_UC_MINUS WC* | WC
WC 011 UC _PAGE_CACHE_MODE_UC UC | UC
----------------------------------------------------------------------
Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Antonino Daplas <adaplas@gmail.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Davidlohr Bueso <dbueso@suse.de>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Jean-Christophe Plagniol-Villard <plagnioj@jcrosoft.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Mike Travis <travis@sgi.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Suresh Siddha <sbsiddha@gmail.com>
Cc: Thierry Reding <treding@nvidia.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tomi Valkeinen <tomi.valkeinen@ti.com>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: Ville Syrjälä <syrjala@sci.fi>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Will Deacon <will.deacon@arm.com>
Cc: linux-fbdev@vger.kernel.org
Link: http://lkml.kernel.org/r/1430343851-967-2-git-send-email-mcgrof@do-not-panic.com
Link: http://lkml.kernel.org/r/1431332153-18566-9-git-send-email-bp@alien8.de
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2015-05-11 15:15:53 +07:00
|
|
|
* If you really need strong UC use ioremap_uc(), but note
|
|
|
|
* that you cannot override IO areas with set_memory_*() as
|
|
|
|
* these helpers cannot work with IO memory.
|
2008-04-26 07:07:22 +07:00
|
|
|
*/
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_set(&addr, numpages,
|
2014-11-03 20:01:57 +07:00
|
|
|
cachemode2pgprot(_PAGE_CACHE_MODE_UC_MINUS),
|
|
|
|
0);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
2008-03-19 07:00:18 +07:00
|
|
|
|
|
|
|
int set_memory_uc(unsigned long addr, int numpages)
|
|
|
|
{
|
2009-04-10 04:26:49 +07:00
|
|
|
int ret;
|
|
|
|
|
2008-04-26 07:07:22 +07:00
|
|
|
/*
|
|
|
|
* for now UC MINUS. see comments in ioremap_nocache()
|
|
|
|
*/
|
2009-04-10 04:26:49 +07:00
|
|
|
ret = reserve_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE,
|
2014-11-03 20:01:59 +07:00
|
|
|
_PAGE_CACHE_MODE_UC_MINUS, NULL);
|
2009-04-10 04:26:49 +07:00
|
|
|
if (ret)
|
|
|
|
goto out_err;
|
|
|
|
|
|
|
|
ret = _set_memory_uc(addr, numpages);
|
|
|
|
if (ret)
|
|
|
|
goto out_free;
|
|
|
|
|
|
|
|
return 0;
|
2008-03-19 07:00:18 +07:00
|
|
|
|
2009-04-10 04:26:49 +07:00
|
|
|
out_free:
|
|
|
|
free_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE);
|
|
|
|
out_err:
|
|
|
|
return ret;
|
2008-03-19 07:00:18 +07:00
|
|
|
}
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
EXPORT_SYMBOL(set_memory_uc);
|
|
|
|
|
2011-11-16 05:49:00 +07:00
|
|
|
static int _set_memory_array(unsigned long *addr, int addrinarray,
|
2014-11-03 20:01:57 +07:00
|
|
|
enum page_cache_mode new_type)
|
2008-08-21 09:46:06 +07:00
|
|
|
{
|
2015-06-04 23:55:20 +07:00
|
|
|
enum page_cache_mode set_type;
|
2009-04-10 04:26:49 +07:00
|
|
|
int i, j;
|
|
|
|
int ret;
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
for (i = 0; i < addrinarray; i++) {
|
2009-04-10 04:26:49 +07:00
|
|
|
ret = reserve_memtype(__pa(addr[i]), __pa(addr[i]) + PAGE_SIZE,
|
2010-04-01 19:45:01 +07:00
|
|
|
new_type, NULL);
|
2009-04-10 04:26:49 +07:00
|
|
|
if (ret)
|
|
|
|
goto out_free;
|
2008-08-21 09:46:06 +07:00
|
|
|
}
|
|
|
|
|
2015-06-04 23:55:20 +07:00
|
|
|
/* If WC, set to UC- first and then WC */
|
|
|
|
set_type = (new_type == _PAGE_CACHE_MODE_WC) ?
|
|
|
|
_PAGE_CACHE_MODE_UC_MINUS : new_type;
|
|
|
|
|
2009-04-10 04:26:49 +07:00
|
|
|
ret = change_page_attr_set(addr, addrinarray,
|
2015-06-04 23:55:20 +07:00
|
|
|
cachemode2pgprot(set_type), 1);
|
2010-04-01 19:45:01 +07:00
|
|
|
|
2014-11-03 20:01:57 +07:00
|
|
|
if (!ret && new_type == _PAGE_CACHE_MODE_WC)
|
2010-04-01 19:45:01 +07:00
|
|
|
ret = change_page_attr_set_clr(addr, addrinarray,
|
2014-11-03 20:01:57 +07:00
|
|
|
cachemode2pgprot(
|
|
|
|
_PAGE_CACHE_MODE_WC),
|
2010-04-01 19:45:01 +07:00
|
|
|
__pgprot(_PAGE_CACHE_MASK),
|
|
|
|
0, CPA_ARRAY, NULL);
|
2009-04-10 04:26:49 +07:00
|
|
|
if (ret)
|
|
|
|
goto out_free;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
out_free:
|
|
|
|
for (j = 0; j < i; j++)
|
|
|
|
free_memtype(__pa(addr[j]), __pa(addr[j]) + PAGE_SIZE);
|
|
|
|
|
|
|
|
return ret;
|
2008-08-21 09:46:06 +07:00
|
|
|
}
|
2010-04-01 19:45:01 +07:00
|
|
|
|
|
|
|
int set_memory_array_uc(unsigned long *addr, int addrinarray)
|
|
|
|
{
|
2014-11-03 20:01:57 +07:00
|
|
|
return _set_memory_array(addr, addrinarray, _PAGE_CACHE_MODE_UC_MINUS);
|
2010-04-01 19:45:01 +07:00
|
|
|
}
|
2008-08-21 09:46:06 +07:00
|
|
|
EXPORT_SYMBOL(set_memory_array_uc);
|
|
|
|
|
2010-04-01 19:45:01 +07:00
|
|
|
int set_memory_array_wc(unsigned long *addr, int addrinarray)
|
|
|
|
{
|
2014-11-03 20:01:57 +07:00
|
|
|
return _set_memory_array(addr, addrinarray, _PAGE_CACHE_MODE_WC);
|
2010-04-01 19:45:01 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_memory_array_wc);
|
|
|
|
|
2015-06-04 23:55:20 +07:00
|
|
|
int set_memory_array_wt(unsigned long *addr, int addrinarray)
|
|
|
|
{
|
|
|
|
return _set_memory_array(addr, addrinarray, _PAGE_CACHE_MODE_WT);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(set_memory_array_wt);
|
|
|
|
|
2008-03-19 07:00:23 +07:00
|
|
|
int _set_memory_wc(unsigned long addr, int numpages)
|
|
|
|
{
|
2009-04-10 04:26:50 +07:00
|
|
|
int ret;
|
x86, pat: Fix set_memory_wc related corruption
Changeset 3869c4aa18835c8c61b44bd0f3ace36e9d3b5bd0
that went in after 2.6.30-rc1 was a seemingly small change to _set_memory_wc()
to make it complaint with SDM requirements. But, introduced a nasty bug, which
can result in crash and/or strange corruptions when set_memory_wc is used.
One such crash reported here
http://lkml.org/lkml/2009/7/30/94
Actually, that changeset introduced two bugs.
* change_page_attr_set() takes &addr as first argument and can the addr value
might have changed on return, even for single page change_page_attr_set()
call. That will make the second change_page_attr_set() in this routine
operate on unrelated addr, that can eventually cause strange corruptions
and bad page state crash.
* The second change_page_attr_set() call, before setting _PAGE_CACHE_WC, should
clear the earlier _PAGE_CACHE_UC_MINUS, as otherwise cache attribute will not
be WC (will be UC instead).
The patch below fixes both these problems. Sending a single patch to fix both
the problems, as the change is to the same line of code. The change to have a
addr_copy is not very clean. But, it is simpler than making more changes
through various routines in pageattr.c.
A huge thanks to Jerome for reporting this problem and providing a simple test
case that helped us root cause the problem.
Reported-by: Jerome Glisse <glisse@freedesktop.org>
Signed-off-by: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
LKML-Reference: <20090730214319.GA1889@linux-os.sc.intel.com>
Acked-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-07-31 04:43:19 +07:00
|
|
|
unsigned long addr_copy = addr;
|
|
|
|
|
2009-04-10 04:26:50 +07:00
|
|
|
ret = change_page_attr_set(&addr, numpages,
|
2014-11-03 20:01:57 +07:00
|
|
|
cachemode2pgprot(_PAGE_CACHE_MODE_UC_MINUS),
|
|
|
|
0);
|
2009-04-10 04:26:50 +07:00
|
|
|
if (!ret) {
|
x86, pat: Fix set_memory_wc related corruption
Changeset 3869c4aa18835c8c61b44bd0f3ace36e9d3b5bd0
that went in after 2.6.30-rc1 was a seemingly small change to _set_memory_wc()
to make it complaint with SDM requirements. But, introduced a nasty bug, which
can result in crash and/or strange corruptions when set_memory_wc is used.
One such crash reported here
http://lkml.org/lkml/2009/7/30/94
Actually, that changeset introduced two bugs.
* change_page_attr_set() takes &addr as first argument and can the addr value
might have changed on return, even for single page change_page_attr_set()
call. That will make the second change_page_attr_set() in this routine
operate on unrelated addr, that can eventually cause strange corruptions
and bad page state crash.
* The second change_page_attr_set() call, before setting _PAGE_CACHE_WC, should
clear the earlier _PAGE_CACHE_UC_MINUS, as otherwise cache attribute will not
be WC (will be UC instead).
The patch below fixes both these problems. Sending a single patch to fix both
the problems, as the change is to the same line of code. The change to have a
addr_copy is not very clean. But, it is simpler than making more changes
through various routines in pageattr.c.
A huge thanks to Jerome for reporting this problem and providing a simple test
case that helped us root cause the problem.
Reported-by: Jerome Glisse <glisse@freedesktop.org>
Signed-off-by: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
LKML-Reference: <20090730214319.GA1889@linux-os.sc.intel.com>
Acked-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-07-31 04:43:19 +07:00
|
|
|
ret = change_page_attr_set_clr(&addr_copy, numpages,
|
2014-11-03 20:01:57 +07:00
|
|
|
cachemode2pgprot(
|
|
|
|
_PAGE_CACHE_MODE_WC),
|
x86, pat: Fix set_memory_wc related corruption
Changeset 3869c4aa18835c8c61b44bd0f3ace36e9d3b5bd0
that went in after 2.6.30-rc1 was a seemingly small change to _set_memory_wc()
to make it complaint with SDM requirements. But, introduced a nasty bug, which
can result in crash and/or strange corruptions when set_memory_wc is used.
One such crash reported here
http://lkml.org/lkml/2009/7/30/94
Actually, that changeset introduced two bugs.
* change_page_attr_set() takes &addr as first argument and can the addr value
might have changed on return, even for single page change_page_attr_set()
call. That will make the second change_page_attr_set() in this routine
operate on unrelated addr, that can eventually cause strange corruptions
and bad page state crash.
* The second change_page_attr_set() call, before setting _PAGE_CACHE_WC, should
clear the earlier _PAGE_CACHE_UC_MINUS, as otherwise cache attribute will not
be WC (will be UC instead).
The patch below fixes both these problems. Sending a single patch to fix both
the problems, as the change is to the same line of code. The change to have a
addr_copy is not very clean. But, it is simpler than making more changes
through various routines in pageattr.c.
A huge thanks to Jerome for reporting this problem and providing a simple test
case that helped us root cause the problem.
Reported-by: Jerome Glisse <glisse@freedesktop.org>
Signed-off-by: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
LKML-Reference: <20090730214319.GA1889@linux-os.sc.intel.com>
Acked-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-07-31 04:43:19 +07:00
|
|
|
__pgprot(_PAGE_CACHE_MASK),
|
|
|
|
0, 0, NULL);
|
2009-04-10 04:26:50 +07:00
|
|
|
}
|
|
|
|
return ret;
|
2008-03-19 07:00:23 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
int set_memory_wc(unsigned long addr, int numpages)
|
|
|
|
{
|
2009-04-10 04:26:49 +07:00
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = reserve_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE,
|
2014-11-03 20:01:59 +07:00
|
|
|
_PAGE_CACHE_MODE_WC, NULL);
|
2009-04-10 04:26:49 +07:00
|
|
|
if (ret)
|
2015-06-04 23:55:20 +07:00
|
|
|
return ret;
|
2008-03-19 07:00:23 +07:00
|
|
|
|
2009-04-10 04:26:49 +07:00
|
|
|
ret = _set_memory_wc(addr, numpages);
|
|
|
|
if (ret)
|
2015-06-04 23:55:20 +07:00
|
|
|
free_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE);
|
2009-04-10 04:26:49 +07:00
|
|
|
|
|
|
|
return ret;
|
2008-03-19 07:00:23 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_memory_wc);
|
|
|
|
|
2015-06-04 23:55:20 +07:00
|
|
|
int _set_memory_wt(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
return change_page_attr_set(&addr, numpages,
|
|
|
|
cachemode2pgprot(_PAGE_CACHE_MODE_WT), 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
int set_memory_wt(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = reserve_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE,
|
|
|
|
_PAGE_CACHE_MODE_WT, NULL);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
ret = _set_memory_wt(addr, numpages);
|
|
|
|
if (ret)
|
|
|
|
free_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(set_memory_wt);
|
|
|
|
|
2008-03-19 07:00:18 +07:00
|
|
|
int _set_memory_wb(unsigned long addr, int numpages)
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
{
|
2014-11-03 20:01:57 +07:00
|
|
|
/* WB cache mode is hard wired to all cache attribute bits being 0 */
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_clear(&addr, numpages,
|
|
|
|
__pgprot(_PAGE_CACHE_MASK), 0);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
2008-03-19 07:00:18 +07:00
|
|
|
|
|
|
|
int set_memory_wb(unsigned long addr, int numpages)
|
|
|
|
{
|
2009-04-10 04:26:49 +07:00
|
|
|
int ret;
|
|
|
|
|
|
|
|
ret = _set_memory_wb(addr, numpages);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
2008-08-21 06:45:51 +07:00
|
|
|
free_memtype(__pa(addr), __pa(addr) + numpages * PAGE_SIZE);
|
2009-04-10 04:26:49 +07:00
|
|
|
return 0;
|
2008-03-19 07:00:18 +07:00
|
|
|
}
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
EXPORT_SYMBOL(set_memory_wb);
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
int set_memory_array_wb(unsigned long *addr, int addrinarray)
|
|
|
|
{
|
|
|
|
int i;
|
2009-04-10 04:26:48 +07:00
|
|
|
int ret;
|
|
|
|
|
2014-11-03 20:01:57 +07:00
|
|
|
/* WB cache mode is hard wired to all cache attribute bits being 0 */
|
2009-04-10 04:26:48 +07:00
|
|
|
ret = change_page_attr_clear(addr, addrinarray,
|
|
|
|
__pgprot(_PAGE_CACHE_MASK), 1);
|
2009-04-10 04:26:49 +07:00
|
|
|
if (ret)
|
|
|
|
return ret;
|
2008-08-21 09:46:06 +07:00
|
|
|
|
2009-04-10 04:26:49 +07:00
|
|
|
for (i = 0; i < addrinarray; i++)
|
|
|
|
free_memtype(__pa(addr[i]), __pa(addr[i]) + PAGE_SIZE);
|
2008-08-22 06:02:20 +07:00
|
|
|
|
2009-04-10 04:26:49 +07:00
|
|
|
return 0;
|
2008-08-21 09:46:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_memory_array_wb);
|
|
|
|
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
int set_memory_x(unsigned long addr, int numpages)
|
|
|
|
{
|
2009-11-14 06:28:15 +07:00
|
|
|
if (!(__supported_pte_mask & _PAGE_NX))
|
|
|
|
return 0;
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_clear(&addr, numpages, __pgprot(_PAGE_NX), 0);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_memory_x);
|
|
|
|
|
|
|
|
int set_memory_nx(unsigned long addr, int numpages)
|
|
|
|
{
|
2009-11-14 06:28:15 +07:00
|
|
|
if (!(__supported_pte_mask & _PAGE_NX))
|
|
|
|
return 0;
|
|
|
|
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_set(&addr, numpages, __pgprot(_PAGE_NX), 0);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_memory_nx);
|
|
|
|
|
|
|
|
int set_memory_ro(unsigned long addr, int numpages)
|
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_clear(&addr, numpages, __pgprot(_PAGE_RW), 0);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
int set_memory_rw(unsigned long addr, int numpages)
|
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_set(&addr, numpages, __pgprot(_PAGE_RW), 0);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
2008-01-30 19:34:07 +07:00
|
|
|
|
|
|
|
int set_memory_np(unsigned long addr, int numpages)
|
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_clear(&addr, numpages, __pgprot(_PAGE_PRESENT), 0);
|
2008-01-30 19:34:07 +07:00
|
|
|
}
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
|
x86/mm/init: Remove freed kernel image areas from alias mapping
The kernel image is mapped into two places in the virtual address space
(addresses without KASLR, of course):
1. The kernel direct map (0xffff880000000000)
2. The "high kernel map" (0xffffffff81000000)
We actually execute out of #2. If we get the address of a kernel symbol,
it points to #2, but almost all physical-to-virtual translations point to
Parts of the "high kernel map" alias are mapped in the userspace page
tables with the Global bit for performance reasons. The parts that we map
to userspace do not (er, should not) have secrets. When PTI is enabled then
the global bit is usually not set in the high mapping and just used to
compensate for poor performance on systems which lack PCID.
This is fine, except that some areas in the kernel image that are adjacent
to the non-secret-containing areas are unused holes. We free these holes
back into the normal page allocator and reuse them as normal kernel memory.
The memory will, of course, get *used* via the normal map, but the alias
mapping is kept.
This otherwise unused alias mapping of the holes will, by default keep the
Global bit, be mapped out to userspace, and be vulnerable to Meltdown.
Remove the alias mapping of these pages entirely. This is likely to
fracture the 2M page mapping the kernel image near these areas, but this
should affect a minority of the area.
The pageattr code changes *all* aliases mapping the physical pages that it
operates on (by default). We only want to modify a single alias, so we
need to tweak its behavior.
This unmapping behavior is currently dependent on PTI being in place.
Going forward, we should at least consider doing this for all
configurations. Having an extra read-write alias for memory is not exactly
ideal for debugging things like random memory corruption and this does
undercut features like DEBUG_PAGEALLOC or future work like eXclusive Page
Frame Ownership (XPFO).
Before this patch:
current_kernel:---[ High Kernel Mapping ]---
current_kernel-0xffffffff80000000-0xffffffff81000000 16M pmd
current_kernel-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_kernel-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_kernel-0xffffffff81e11000-0xffffffff82000000 1980K RW NX pte
current_kernel-0xffffffff82000000-0xffffffff82600000 6M ro PSE GLB NX pmd
current_kernel-0xffffffff82600000-0xffffffff82c00000 6M RW PSE NX pmd
current_kernel-0xffffffff82c00000-0xffffffff82e00000 2M RW NX pte
current_kernel-0xffffffff82e00000-0xffffffff83200000 4M RW PSE NX pmd
current_kernel-0xffffffff83200000-0xffffffffa0000000 462M pmd
current_user:---[ High Kernel Mapping ]---
current_user-0xffffffff80000000-0xffffffff81000000 16M pmd
current_user-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_user-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_user-0xffffffff81e11000-0xffffffff82000000 1980K RW NX pte
current_user-0xffffffff82000000-0xffffffff82600000 6M ro PSE GLB NX pmd
current_user-0xffffffff82600000-0xffffffffa0000000 474M pmd
After this patch:
current_kernel:---[ High Kernel Mapping ]---
current_kernel-0xffffffff80000000-0xffffffff81000000 16M pmd
current_kernel-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_kernel-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_kernel-0xffffffff81e11000-0xffffffff82000000 1980K pte
current_kernel-0xffffffff82000000-0xffffffff82400000 4M ro PSE GLB NX pmd
current_kernel-0xffffffff82400000-0xffffffff82488000 544K ro NX pte
current_kernel-0xffffffff82488000-0xffffffff82600000 1504K pte
current_kernel-0xffffffff82600000-0xffffffff82c00000 6M RW PSE NX pmd
current_kernel-0xffffffff82c00000-0xffffffff82c0d000 52K RW NX pte
current_kernel-0xffffffff82c0d000-0xffffffff82dc0000 1740K pte
current_user:---[ High Kernel Mapping ]---
current_user-0xffffffff80000000-0xffffffff81000000 16M pmd
current_user-0xffffffff81000000-0xffffffff81e00000 14M ro PSE GLB x pmd
current_user-0xffffffff81e00000-0xffffffff81e11000 68K ro GLB x pte
current_user-0xffffffff81e11000-0xffffffff82000000 1980K pte
current_user-0xffffffff82000000-0xffffffff82400000 4M ro PSE GLB NX pmd
current_user-0xffffffff82400000-0xffffffff82488000 544K ro NX pte
current_user-0xffffffff82488000-0xffffffff82600000 1504K pte
current_user-0xffffffff82600000-0xffffffffa0000000 474M pmd
[ tglx: Do not unmap on 32bit as there is only one mapping ]
Fixes: 0f561fce4d69 ("x86/pti: Enable global pages for shared areas")
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Kees Cook <keescook@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Joerg Roedel <jroedel@suse.de>
Link: https://lkml.kernel.org/r/20180802225831.5F6A2BFC@viggo.jf.intel.com
2018-08-03 05:58:31 +07:00
|
|
|
int set_memory_np_noalias(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
int cpa_flags = CPA_NO_CHECK_ALIAS;
|
|
|
|
|
|
|
|
return change_page_attr_set_clr(&addr, numpages, __pgprot(0),
|
|
|
|
__pgprot(_PAGE_PRESENT), 0,
|
|
|
|
cpa_flags, NULL);
|
|
|
|
}
|
|
|
|
|
2008-03-12 09:53:29 +07:00
|
|
|
int set_memory_4k(unsigned long addr, int numpages)
|
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
return change_page_attr_set_clr(&addr, numpages, __pgprot(0),
|
2009-03-20 04:51:14 +07:00
|
|
|
__pgprot(0), 1, 0, NULL);
|
2008-03-12 09:53:29 +07:00
|
|
|
}
|
|
|
|
|
x86/pti: Never implicitly clear _PAGE_GLOBAL for kernel image
Summary:
In current kernels, with PTI enabled, no pages are marked Global. This
potentially increases TLB misses. But, the mechanism by which the Global
bit is set and cleared is rather haphazard. This patch makes the process
more explicit. In the end, it leaves us with Global entries in the page
tables for the areas truly shared by userspace and kernel and increases
TLB hit rates.
The place this patch really shines in on systems without PCIDs. In this
case, we are using an lseek microbenchmark[1] to see how a reasonably
non-trivial syscall behaves. Higher is better:
No Global pages (baseline): 6077741 lseeks/sec
88 Global Pages (this set): 7528609 lseeks/sec (+23.9%)
On a modern Skylake desktop with PCIDs, the benefits are tangible, but not
huge for a kernel compile (lower is better):
No Global pages (baseline): 186.951 seconds time elapsed ( +- 0.35% )
28 Global pages (this set): 185.756 seconds time elapsed ( +- 0.09% )
-1.195 seconds (-0.64%)
I also re-checked everything using the lseek1 test[1]:
No Global pages (baseline): 15783951 lseeks/sec
28 Global pages (this set): 16054688 lseeks/sec
+270737 lseeks/sec (+1.71%)
The effect is more visible, but still modest.
Details:
The kernel page tables are inherited from head_64.S which rudely marks
them as _PAGE_GLOBAL. For PTI, we have been relying on the grace of
$DEITY and some insane behavior in pageattr.c to clear _PAGE_GLOBAL.
This patch tries to do better.
First, stop filtering out "unsupported" bits from being cleared in the
pageattr code. It's fine to filter out *setting* these bits but it
is insane to keep us from clearing them.
Then, *explicitly* go clear _PAGE_GLOBAL from the kernel identity map.
Do not rely on pageattr to do it magically.
After this patch, we can see that "GLB" shows up in each copy of the
page tables, that we have the same number of global entries in each
and that they are the *same* entries.
/sys/kernel/debug/page_tables/current_kernel:11
/sys/kernel/debug/page_tables/current_user:11
/sys/kernel/debug/page_tables/kernel:11
9caae8ad6a1fb53aca2407ec037f612d current_kernel.GLB
9caae8ad6a1fb53aca2407ec037f612d current_user.GLB
9caae8ad6a1fb53aca2407ec037f612d kernel.GLB
A quick visual audit also shows that all the entries make sense.
0xfffffe0000000000 is the cpu_entry_area and 0xffffffff81c00000
is the entry/exit text:
0xfffffe0000000000-0xfffffe0000002000 8K ro GLB NX pte
0xfffffe0000002000-0xfffffe0000003000 4K RW GLB NX pte
0xfffffe0000003000-0xfffffe0000006000 12K ro GLB NX pte
0xfffffe0000006000-0xfffffe0000007000 4K ro GLB x pte
0xfffffe0000007000-0xfffffe000000d000 24K RW GLB NX pte
0xfffffe000002d000-0xfffffe000002e000 4K ro GLB NX pte
0xfffffe000002e000-0xfffffe000002f000 4K RW GLB NX pte
0xfffffe000002f000-0xfffffe0000032000 12K ro GLB NX pte
0xfffffe0000032000-0xfffffe0000033000 4K ro GLB x pte
0xfffffe0000033000-0xfffffe0000039000 24K RW GLB NX pte
0xffffffff81c00000-0xffffffff81e00000 2M ro PSE GLB x pmd
[1.] https://github.com/antonblanchard/will-it-scale/blob/master/tests/lseek1.c
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kees Cook <keescook@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Nadav Amit <namit@vmware.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20180406205517.C80FBE05@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2018-04-07 03:55:17 +07:00
|
|
|
int set_memory_nonglobal(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
return change_page_attr_clear(&addr, numpages,
|
|
|
|
__pgprot(_PAGE_GLOBAL), 0);
|
|
|
|
}
|
|
|
|
|
2018-08-03 05:58:25 +07:00
|
|
|
int set_memory_global(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
return change_page_attr_set(&addr, numpages,
|
|
|
|
__pgprot(_PAGE_GLOBAL), 0);
|
|
|
|
}
|
|
|
|
|
2017-07-18 04:10:19 +07:00
|
|
|
static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc)
|
|
|
|
{
|
|
|
|
struct cpa_data cpa;
|
|
|
|
unsigned long start;
|
|
|
|
int ret;
|
|
|
|
|
2017-10-20 21:30:48 +07:00
|
|
|
/* Nothing to do if memory encryption is not active */
|
|
|
|
if (!mem_encrypt_active())
|
2017-07-18 04:10:19 +07:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
/* Should not be working on unaligned addresses */
|
|
|
|
if (WARN_ONCE(addr & ~PAGE_MASK, "misaligned address: %#lx\n", addr))
|
|
|
|
addr &= PAGE_MASK;
|
|
|
|
|
|
|
|
start = addr;
|
|
|
|
|
|
|
|
memset(&cpa, 0, sizeof(cpa));
|
|
|
|
cpa.vaddr = &addr;
|
|
|
|
cpa.numpages = numpages;
|
|
|
|
cpa.mask_set = enc ? __pgprot(_PAGE_ENC) : __pgprot(0);
|
|
|
|
cpa.mask_clr = enc ? __pgprot(0) : __pgprot(_PAGE_ENC);
|
|
|
|
cpa.pgd = init_mm.pgd;
|
|
|
|
|
|
|
|
/* Must avoid aliasing mappings in the highmem code */
|
|
|
|
kmap_flush_unused();
|
|
|
|
vm_unmap_aliases();
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Before changing the encryption attribute, we need to flush caches.
|
|
|
|
*/
|
|
|
|
if (static_cpu_has(X86_FEATURE_CLFLUSH))
|
|
|
|
cpa_flush_range(start, numpages, 1);
|
|
|
|
else
|
|
|
|
cpa_flush_all(1);
|
|
|
|
|
|
|
|
ret = __change_page_attr_set_clr(&cpa, 1);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* After changing the encryption attribute, we need to flush TLBs
|
|
|
|
* again in case any speculative TLB caching occurred (but no need
|
|
|
|
* to flush caches again). We could just use cpa_flush_all(), but
|
|
|
|
* in case TLB flushing gets optimized in the cpa_flush_range()
|
|
|
|
* path use the same logic as above.
|
|
|
|
*/
|
|
|
|
if (static_cpu_has(X86_FEATURE_CLFLUSH))
|
|
|
|
cpa_flush_range(start, numpages, 0);
|
|
|
|
else
|
|
|
|
cpa_flush_all(0);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
int set_memory_encrypted(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
return __set_memory_enc_dec(addr, numpages, true);
|
|
|
|
}
|
2017-07-18 04:10:26 +07:00
|
|
|
EXPORT_SYMBOL_GPL(set_memory_encrypted);
|
2017-07-18 04:10:19 +07:00
|
|
|
|
|
|
|
int set_memory_decrypted(unsigned long addr, int numpages)
|
|
|
|
{
|
|
|
|
return __set_memory_enc_dec(addr, numpages, false);
|
|
|
|
}
|
2017-07-18 04:10:26 +07:00
|
|
|
EXPORT_SYMBOL_GPL(set_memory_decrypted);
|
2017-07-18 04:10:19 +07:00
|
|
|
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
int set_pages_uc(struct page *page, int numpages)
|
|
|
|
{
|
|
|
|
unsigned long addr = (unsigned long)page_address(page);
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
return set_memory_uc(addr, numpages);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_pages_uc);
|
|
|
|
|
2010-04-01 19:45:01 +07:00
|
|
|
static int _set_pages_array(struct page **pages, int addrinarray,
|
2014-11-03 20:01:57 +07:00
|
|
|
enum page_cache_mode new_type)
|
2009-03-20 04:51:15 +07:00
|
|
|
{
|
|
|
|
unsigned long start;
|
|
|
|
unsigned long end;
|
2015-06-04 23:55:20 +07:00
|
|
|
enum page_cache_mode set_type;
|
2009-03-20 04:51:15 +07:00
|
|
|
int i;
|
|
|
|
int free_idx;
|
2010-04-01 19:45:01 +07:00
|
|
|
int ret;
|
2009-03-20 04:51:15 +07:00
|
|
|
|
|
|
|
for (i = 0; i < addrinarray; i++) {
|
2009-08-03 14:25:45 +07:00
|
|
|
if (PageHighMem(pages[i]))
|
|
|
|
continue;
|
|
|
|
start = page_to_pfn(pages[i]) << PAGE_SHIFT;
|
2009-03-20 04:51:15 +07:00
|
|
|
end = start + PAGE_SIZE;
|
2010-04-01 19:45:01 +07:00
|
|
|
if (reserve_memtype(start, end, new_type, NULL))
|
2009-03-20 04:51:15 +07:00
|
|
|
goto err_out;
|
|
|
|
}
|
|
|
|
|
2015-06-04 23:55:20 +07:00
|
|
|
/* If WC, set to UC- first and then WC */
|
|
|
|
set_type = (new_type == _PAGE_CACHE_MODE_WC) ?
|
|
|
|
_PAGE_CACHE_MODE_UC_MINUS : new_type;
|
|
|
|
|
2010-04-01 19:45:01 +07:00
|
|
|
ret = cpa_set_pages_array(pages, addrinarray,
|
2015-06-04 23:55:20 +07:00
|
|
|
cachemode2pgprot(set_type));
|
2014-11-03 20:01:57 +07:00
|
|
|
if (!ret && new_type == _PAGE_CACHE_MODE_WC)
|
2010-04-01 19:45:01 +07:00
|
|
|
ret = change_page_attr_set_clr(NULL, addrinarray,
|
2014-11-03 20:01:57 +07:00
|
|
|
cachemode2pgprot(
|
|
|
|
_PAGE_CACHE_MODE_WC),
|
2010-04-01 19:45:01 +07:00
|
|
|
__pgprot(_PAGE_CACHE_MASK),
|
|
|
|
0, CPA_PAGES_ARRAY, pages);
|
|
|
|
if (ret)
|
|
|
|
goto err_out;
|
|
|
|
return 0; /* Success */
|
2009-03-20 04:51:15 +07:00
|
|
|
err_out:
|
|
|
|
free_idx = i;
|
|
|
|
for (i = 0; i < free_idx; i++) {
|
2009-08-03 14:25:45 +07:00
|
|
|
if (PageHighMem(pages[i]))
|
|
|
|
continue;
|
|
|
|
start = page_to_pfn(pages[i]) << PAGE_SHIFT;
|
2009-03-20 04:51:15 +07:00
|
|
|
end = start + PAGE_SIZE;
|
|
|
|
free_memtype(start, end);
|
|
|
|
}
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
2010-04-01 19:45:01 +07:00
|
|
|
|
|
|
|
int set_pages_array_uc(struct page **pages, int addrinarray)
|
|
|
|
{
|
2014-11-03 20:01:57 +07:00
|
|
|
return _set_pages_array(pages, addrinarray, _PAGE_CACHE_MODE_UC_MINUS);
|
2010-04-01 19:45:01 +07:00
|
|
|
}
|
2009-03-20 04:51:15 +07:00
|
|
|
EXPORT_SYMBOL(set_pages_array_uc);
|
|
|
|
|
2010-04-01 19:45:01 +07:00
|
|
|
int set_pages_array_wc(struct page **pages, int addrinarray)
|
|
|
|
{
|
2014-11-03 20:01:57 +07:00
|
|
|
return _set_pages_array(pages, addrinarray, _PAGE_CACHE_MODE_WC);
|
2010-04-01 19:45:01 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_pages_array_wc);
|
|
|
|
|
2015-06-04 23:55:20 +07:00
|
|
|
int set_pages_array_wt(struct page **pages, int addrinarray)
|
|
|
|
{
|
|
|
|
return _set_pages_array(pages, addrinarray, _PAGE_CACHE_MODE_WT);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(set_pages_array_wt);
|
|
|
|
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
int set_pages_wb(struct page *page, int numpages)
|
|
|
|
{
|
|
|
|
unsigned long addr = (unsigned long)page_address(page);
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
return set_memory_wb(addr, numpages);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_pages_wb);
|
|
|
|
|
2009-03-20 04:51:15 +07:00
|
|
|
int set_pages_array_wb(struct page **pages, int addrinarray)
|
|
|
|
{
|
|
|
|
int retval;
|
|
|
|
unsigned long start;
|
|
|
|
unsigned long end;
|
|
|
|
int i;
|
|
|
|
|
2014-11-03 20:01:57 +07:00
|
|
|
/* WB cache mode is hard wired to all cache attribute bits being 0 */
|
2009-03-20 04:51:15 +07:00
|
|
|
retval = cpa_clear_pages_array(pages, addrinarray,
|
|
|
|
__pgprot(_PAGE_CACHE_MASK));
|
2009-04-10 04:26:49 +07:00
|
|
|
if (retval)
|
|
|
|
return retval;
|
2009-03-20 04:51:15 +07:00
|
|
|
|
|
|
|
for (i = 0; i < addrinarray; i++) {
|
2009-08-03 14:25:45 +07:00
|
|
|
if (PageHighMem(pages[i]))
|
|
|
|
continue;
|
|
|
|
start = page_to_pfn(pages[i]) << PAGE_SHIFT;
|
2009-03-20 04:51:15 +07:00
|
|
|
end = start + PAGE_SIZE;
|
|
|
|
free_memtype(start, end);
|
|
|
|
}
|
|
|
|
|
2009-04-10 04:26:49 +07:00
|
|
|
return 0;
|
2009-03-20 04:51:15 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_pages_array_wb);
|
|
|
|
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
int set_pages_x(struct page *page, int numpages)
|
|
|
|
{
|
|
|
|
unsigned long addr = (unsigned long)page_address(page);
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
return set_memory_x(addr, numpages);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_pages_x);
|
|
|
|
|
|
|
|
int set_pages_nx(struct page *page, int numpages)
|
|
|
|
{
|
|
|
|
unsigned long addr = (unsigned long)page_address(page);
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
return set_memory_nx(addr, numpages);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(set_pages_nx);
|
|
|
|
|
|
|
|
int set_pages_ro(struct page *page, int numpages)
|
|
|
|
{
|
|
|
|
unsigned long addr = (unsigned long)page_address(page);
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
return set_memory_ro(addr, numpages);
|
x86: a new API for drivers/etc to control cache and other page attributes
Right now, if drivers or other code want to change, say, a cache attribute of a
page, the only API they have is change_page_attr(). c-p-a is a really bad API
for this, because it forces the caller to know *ALL* the attributes he wants
for the page, not just the 1 thing he wants to change. So code that wants to
set a page uncachable, needs to be aware of the NX status as well etc etc etc.
This patch introduces a set of new APIs for this, set_pages_<attr> and
set_memory_<attr>, that offer a logical change to the user, and leave all
attributes not implied by the requested logical change alone.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-01-30 19:34:06 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
int set_pages_rw(struct page *page, int numpages)
|
|
|
|
{
|
|
|
|
unsigned long addr = (unsigned long)page_address(page);
|
2008-01-30 19:34:06 +07:00
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
return set_memory_rw(addr, numpages);
|
2008-01-30 19:33:55 +07:00
|
|
|
}
|
|
|
|
|
2005-04-17 05:20:36 +07:00
|
|
|
#ifdef CONFIG_DEBUG_PAGEALLOC
|
2008-01-30 19:34:07 +07:00
|
|
|
|
|
|
|
static int __set_pages_p(struct page *page, int numpages)
|
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
unsigned long tempaddr = (unsigned long) page_address(page);
|
|
|
|
struct cpa_data cpa = { .vaddr = &tempaddr,
|
2013-10-31 23:25:07 +07:00
|
|
|
.pgd = NULL,
|
2008-02-04 22:48:07 +07:00
|
|
|
.numpages = numpages,
|
|
|
|
.mask_set = __pgprot(_PAGE_PRESENT | _PAGE_RW),
|
2008-08-21 09:46:06 +07:00
|
|
|
.mask_clr = __pgprot(0),
|
|
|
|
.flags = 0};
|
2008-01-30 19:34:08 +07:00
|
|
|
|
2008-09-24 04:00:40 +07:00
|
|
|
/*
|
|
|
|
* No alias checking needed for setting present flag. otherwise,
|
|
|
|
* we may need to break large pages for 64-bit kernel text
|
|
|
|
* mappings (this adds to complexity if we want to do this from
|
|
|
|
* atomic context especially). Let's keep it simple!
|
|
|
|
*/
|
|
|
|
return __change_page_attr_set_clr(&cpa, 0);
|
2008-01-30 19:34:07 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
static int __set_pages_np(struct page *page, int numpages)
|
|
|
|
{
|
2008-08-21 09:46:06 +07:00
|
|
|
unsigned long tempaddr = (unsigned long) page_address(page);
|
|
|
|
struct cpa_data cpa = { .vaddr = &tempaddr,
|
2013-10-31 23:25:07 +07:00
|
|
|
.pgd = NULL,
|
2008-02-04 22:48:07 +07:00
|
|
|
.numpages = numpages,
|
|
|
|
.mask_set = __pgprot(0),
|
2008-08-21 09:46:06 +07:00
|
|
|
.mask_clr = __pgprot(_PAGE_PRESENT | _PAGE_RW),
|
|
|
|
.flags = 0};
|
2008-01-30 19:34:08 +07:00
|
|
|
|
2008-09-24 04:00:40 +07:00
|
|
|
/*
|
|
|
|
* No alias checking needed for setting not present flag. otherwise,
|
|
|
|
* we may need to break large pages for 64-bit kernel text
|
|
|
|
* mappings (this adds to complexity if we want to do this from
|
|
|
|
* atomic context especially). Let's keep it simple!
|
|
|
|
*/
|
|
|
|
return __change_page_attr_set_clr(&cpa, 0);
|
2008-01-30 19:34:07 +07:00
|
|
|
}
|
|
|
|
|
2014-12-13 07:55:52 +07:00
|
|
|
void __kernel_map_pages(struct page *page, int numpages, int enable)
|
2005-04-17 05:20:36 +07:00
|
|
|
{
|
|
|
|
if (PageHighMem(page))
|
|
|
|
return;
|
2008-01-30 19:33:41 +07:00
|
|
|
if (!enable) {
|
2006-06-27 16:54:49 +07:00
|
|
|
debug_check_no_locks_freed(page_address(page),
|
|
|
|
numpages * PAGE_SIZE);
|
2008-01-30 19:33:41 +07:00
|
|
|
}
|
2006-01-10 06:59:21 +07:00
|
|
|
|
2008-01-30 19:33:41 +07:00
|
|
|
/*
|
2008-02-13 20:09:53 +07:00
|
|
|
* The return value is ignored as the calls cannot fail.
|
2008-09-24 04:00:40 +07:00
|
|
|
* Large pages for identity mappings are not used at boot time
|
|
|
|
* and hence no memory allocations during large page split.
|
2005-04-17 05:20:36 +07:00
|
|
|
*/
|
2008-01-30 19:34:07 +07:00
|
|
|
if (enable)
|
|
|
|
__set_pages_p(page, numpages);
|
|
|
|
else
|
|
|
|
__set_pages_np(page, numpages);
|
2008-01-30 19:33:41 +07:00
|
|
|
|
|
|
|
/*
|
2008-01-30 19:34:04 +07:00
|
|
|
* We should perform an IPI and flush all tlbs,
|
|
|
|
* but that can deadlock->flush only current cpu:
|
2005-04-17 05:20:36 +07:00
|
|
|
*/
|
|
|
|
__flush_tlb_all();
|
2013-04-12 00:59:52 +07:00
|
|
|
|
|
|
|
arch_flush_lazy_mmu_mode();
|
2008-04-17 22:40:45 +07:00
|
|
|
}
|
|
|
|
|
2008-02-20 07:47:44 +07:00
|
|
|
#ifdef CONFIG_HIBERNATION
|
|
|
|
|
|
|
|
bool kernel_page_present(struct page *page)
|
|
|
|
{
|
|
|
|
unsigned int level;
|
|
|
|
pte_t *pte;
|
|
|
|
|
|
|
|
if (PageHighMem(page))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
pte = lookup_address((unsigned long)page_address(page), &level);
|
|
|
|
return (pte_val(*pte) & _PAGE_PRESENT);
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif /* CONFIG_HIBERNATION */
|
|
|
|
|
|
|
|
#endif /* CONFIG_DEBUG_PAGEALLOC */
|
2008-01-30 19:34:07 +07:00
|
|
|
|
2013-10-31 23:25:07 +07:00
|
|
|
int kernel_map_pages_in_pgd(pgd_t *pgd, u64 pfn, unsigned long address,
|
|
|
|
unsigned numpages, unsigned long page_flags)
|
|
|
|
{
|
|
|
|
int retval = -EINVAL;
|
|
|
|
|
|
|
|
struct cpa_data cpa = {
|
|
|
|
.vaddr = &address,
|
|
|
|
.pfn = pfn,
|
|
|
|
.pgd = pgd,
|
|
|
|
.numpages = numpages,
|
|
|
|
.mask_set = __pgprot(0),
|
|
|
|
.mask_clr = __pgprot(0),
|
|
|
|
.flags = 0,
|
|
|
|
};
|
|
|
|
|
|
|
|
if (!(__supported_pte_mask & _PAGE_NX))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (!(page_flags & _PAGE_NX))
|
|
|
|
cpa.mask_clr = __pgprot(_PAGE_NX);
|
|
|
|
|
2016-02-17 19:36:04 +07:00
|
|
|
if (!(page_flags & _PAGE_RW))
|
|
|
|
cpa.mask_clr = __pgprot(_PAGE_RW);
|
|
|
|
|
2017-07-18 04:10:07 +07:00
|
|
|
if (!(page_flags & _PAGE_ENC))
|
|
|
|
cpa.mask_clr = pgprot_encrypted(cpa.mask_clr);
|
|
|
|
|
2013-10-31 23:25:07 +07:00
|
|
|
cpa.mask_set = __pgprot(_PAGE_PRESENT | page_flags);
|
|
|
|
|
|
|
|
retval = __change_page_attr_set_clr(&cpa, 0);
|
|
|
|
__flush_tlb_all();
|
|
|
|
|
|
|
|
out:
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
2008-01-30 19:34:07 +07:00
|
|
|
/*
|
|
|
|
* The testcases use internal knowledge of the implementation that shouldn't
|
|
|
|
* be exposed to the rest of the kernel. Include these directly here.
|
|
|
|
*/
|
|
|
|
#ifdef CONFIG_CPA_DEBUG
|
|
|
|
#include "pageattr-test.c"
|
|
|
|
#endif
|