From patchwork Tue Jul 5 14:26:15 2022
X-Patchwork-Submitter: Catalin Marinas
X-Patchwork-Id: 12906635
From: Catalin Marinas
To: Will Deacon, Marc Zyngier, Steven Price, Peter Collingbourne
Cc: Vincenzo Frascino, linux-arm-kernel@lists.infradead.org
Subject: [PATCH 0/4] arm64: mte: Fix racing on MTE tag initialisation
Date: Tue, 5 Jul 2022 15:26:15 +0100
Message-Id: <20220705142619.4135905-1-catalin.marinas@arm.com>

This series aims to fix the races between initialising the tags on a
page and setting the PG_mte_tagged flag. Currently the flag is set either
before or after that tag initialisation and this can lead to CoW copying
stale tags.

The first patch moves the flag setting after the tags have been
initialised, solving the CoW issue. However, concurrent mprotect() on a
shared mapping may (very rarely) lead to valid tags being zeroed.

The second skips the sanitise_mte_tags() call in kvm_set_spte_gfn(),
deferring it to user_mem_abort(). The outcome is that now
sanitise_mte_tags() can be simplified to skip the pfn_to_online_page()
check and only rely on the VM_MTE_ALLOWED vma flag that can be checked in
user_mem_abort().

The third and fourth patches use PG_arch_3 as a lock for page tagging,
based on Peter Collingbourne's idea of a two-bit lock.

I think the first patch can be queued but the rest needs some in depth
review and test.
With this series (if correct) we could allow MAP_SHARED on KVM guest
memory but this is to be discussed separately as there are some KVM ABI
implications.

Thanks,

Catalin

Catalin Marinas (3):
  arm64: mte: Fix/clarify the PG_mte_tagged semantics
  KVM: arm64: Simplify the sanitise_mte_tags() logic
  arm64: mte: Lock a page for MTE tag initialisation

Peter Collingbourne (1):
  mm: Add PG_arch_3 page flag

 arch/arm64/include/asm/mte.h     | 62 ++++++++++++++++++++++++++++++++
 arch/arm64/include/asm/pgtable.h |  3 +-
 arch/arm64/kernel/cpufeature.c   |  4 ++-
 arch/arm64/kernel/elfcore.c      |  2 +-
 arch/arm64/kernel/hibernate.c    |  2 +-
 arch/arm64/kernel/mte.c          | 17 +++++----
 arch/arm64/kvm/guest.c           | 18 ++++++----
 arch/arm64/kvm/mmu.c             | 42 +++++++++-------------
 arch/arm64/mm/copypage.c         |  6 ++--
 arch/arm64/mm/fault.c            |  4 ++-
 arch/arm64/mm/mteswap.c          |  5 ++-
 fs/proc/page.c                   |  1 +
 include/linux/page-flags.h       |  1 +
 include/trace/events/mmflags.h   |  7 ++--
 mm/huge_memory.c                 |  1 +
 15 files changed, 125 insertions(+), 50 deletions(-)
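As an added illustration (not code from this series or from the kernel), a user-space C model of the two-bit scheme the cover letter refers to: it assumes the lock bit (standing in for PG_arch_3) is taken with an atomic test-and-set, the tagged bit is published only after the tags have been written, and a loser of the race waits for the tagged bit instead of re-initialising. The struct page layout, granule count and the copy helper are constructed for the model.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of a page: a flags word plus one tag per 16-byte granule. */
#define TAGS_PER_PAGE 256
#define PG_mte_tagged (1u << 0) /* tags are valid (models PG_mte_tagged) */
#define PG_mte_lock   (1u << 1) /* initialisation claimed (models PG_arch_3 as a lock) */

struct page {
    _Atomic unsigned flags;
    uint8_t tags[TAGS_PER_PAGE];
};

/* Claim the right to initialise this page's tags. Returns true if the caller
 * owns initialisation (and must call set_page_mte_tagged() afterwards), false
 * if another path already claimed it; in that case wait until its tags are
 * published so the caller never observes a half-initialised page. */
static bool try_page_mte_tagging(struct page *p)
{
    unsigned old = atomic_fetch_or_explicit(&p->flags, PG_mte_lock, memory_order_acquire);
    if (old & PG_mte_lock) {
        while (!(atomic_load_explicit(&p->flags, memory_order_acquire) & PG_mte_tagged))
            ; /* spin: owner is still writing tags */
        return false;
    }
    return true;
}

/* Publish the tags; release pairs with the acquire loads above. */
static void set_page_mte_tagged(struct page *p)
{
    atomic_fetch_or_explicit(&p->flags, PG_mte_tagged, memory_order_release);
}

static bool page_mte_tagged(struct page *p)
{
    return atomic_load_explicit(&p->flags, memory_order_acquire) & PG_mte_tagged;
}

/* Zero a new page's tags exactly once, even if two fault paths race on it.
 * Returns whether this caller did the zeroing. */
static bool mte_clear_page_tags_once(struct page *p)
{
    if (!try_page_mte_tagging(p))
        return false; /* already initialised elsewhere: do not wipe valid tags */
    memset(p->tags, 0, sizeof p->tags);
    set_page_mte_tagged(p);
    return true;
}

/* CoW copy of tags: a source whose flag is not yet set is not trusted, so
 * tags that are still being initialised are never copied as if valid. */
static bool copy_page_tags(struct page *to, struct page *from)
{
    if (!page_mte_tagged(from))
        return false;
    if (try_page_mte_tagging(to)) {
        memcpy(to->tags, from->tags, sizeof to->tags);
        set_page_mte_tagged(to);
    }
    return true;
}
```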