
[3/4] ARM: Support KFENCE for ARM

Message ID 20210825092116.149975-4-wangkefeng.wang@huawei.com (mailing list archive)
State New, archived
Series ARM: Support KFENCE feature | expand

Commit Message

Kefeng Wang Aug. 25, 2021, 9:21 a.m. UTC
Add architecture specific implementation details for KFENCE and enable
KFENCE on ARM. In particular, this implements the required interface in
 <asm/kfence.h>.

KFENCE requires that attributes for pages from its memory pool can
individually be set. Therefore, force the kfence pool to be mapped
at page granularity.

Tested this patch using the test cases in kfence_test.c; all passed,
both with and without ARM_LPAE.

Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com>
---
 arch/arm/Kconfig              |  1 +
 arch/arm/include/asm/kfence.h | 52 +++++++++++++++++++++++++++++++++++
 arch/arm/mm/fault.c           |  9 ++++--
 3 files changed, 60 insertions(+), 2 deletions(-)
 create mode 100644 arch/arm/include/asm/kfence.h

Comments

ownia Aug. 25, 2021, 1:18 p.m. UTC | #1
On 2021/8/25 17:21, Kefeng Wang wrote:
> Add architecture specific implementation details for KFENCE and enable
> KFENCE on ARM. In particular, this implements the required interface in
>  <asm/kfence.h>.
>
> KFENCE requires that attributes for pages from its memory pool can
> individually be set. Therefore, force the kfence pool to be mapped
> at page granularity.
>
> Testing this patch using the testcases in kfence_test.c and all passed
> with or without ARM_LPAE.
>
> Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com>
> ---
>  arch/arm/Kconfig              |  1 +
>  arch/arm/include/asm/kfence.h | 52 +++++++++++++++++++++++++++++++++++
>  arch/arm/mm/fault.c           |  9 ++++--
>  3 files changed, 60 insertions(+), 2 deletions(-)
>  create mode 100644 arch/arm/include/asm/kfence.h
>
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index 7a8059ff6bb0..3798f82a0c0d 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> @@ -73,6 +73,7 @@ config ARM
>  	select HAVE_ARCH_AUDITSYSCALL if AEABI && !OABI_COMPAT
>  	select HAVE_ARCH_BITREVERSE if (CPU_32v7M || CPU_32v7) && !CPU_32v6
>  	select HAVE_ARCH_JUMP_LABEL if !XIP_KERNEL && !CPU_ENDIAN_BE32 && MMU
> +	select HAVE_ARCH_KFENCE if MMU
>  	select HAVE_ARCH_KGDB if !CPU_ENDIAN_BE32 && MMU
>  	select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL
>  	select HAVE_ARCH_MMAP_RND_BITS if MMU
> diff --git a/arch/arm/include/asm/kfence.h b/arch/arm/include/asm/kfence.h
> new file mode 100644
> index 000000000000..eae7a12ab2a9
> --- /dev/null
> +++ b/arch/arm/include/asm/kfence.h
> @@ -0,0 +1,52 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +
> +#ifndef __ASM_ARM_KFENCE_H
> +#define __ASM_ARM_KFENCE_H
> +
> +#include <linux/kfence.h>
> +#include <asm/set_memory.h>
> +#include <asm/pgalloc.h>
> +
> +static inline int split_pmd_page(pmd_t *pmd, unsigned long addr)
> +{
> +	int i;
> +	unsigned long pfn = PFN_DOWN(__pa((addr & PMD_MASK)));
> +	pte_t *pte = pte_alloc_one_kernel(&init_mm);
> +
> +	if (!pte)
> +		return -ENOMEM;
> +
> +	for (i = 0; i < PTRS_PER_PTE; i++)
> +		set_pte_ext(pte + i, pfn_pte(pfn + i, PAGE_KERNEL), 0);
> +	pmd_populate_kernel(&init_mm, pmd, pte);
> +
> +	flush_tlb_kernel_range(addr, addr + PMD_SIZE);
> +	return 0;
> +}
> +
> +static inline bool arch_kfence_init_pool(void)
> +{
> +	unsigned long addr;
> +	pmd_t *pmd;
> +
> +	for (addr = (unsigned long)__kfence_pool; is_kfence_address((void *)addr);
> +	     addr += PAGE_SIZE) {
> +		pmd = pmd_off_k(addr);
> +
> +		if (pmd_leaf(*pmd)) {
> +			if (split_pmd_page(pmd, addr))
> +				return false;
> +		}
> +	}
> +
> +	return true;
> +}
> +
> +static inline bool kfence_protect_page(unsigned long addr, bool protect)
> +{
> +	set_memory_valid(addr, 1, !protect);
> +
> +	return true;
> +}
> +
> +#endif /* __ASM_ARM_KFENCE_H */
> diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
> index f7ab6dabe89f..9fa221ffa1b9 100644
> --- a/arch/arm/mm/fault.c
> +++ b/arch/arm/mm/fault.c
> @@ -17,6 +17,7 @@
>  #include <linux/sched/debug.h>
>  #include <linux/highmem.h>
>  #include <linux/perf_event.h>
> +#include <linux/kfence.h>
>  
>  #include <asm/system_misc.h>
>  #include <asm/system_info.h>
> @@ -131,10 +132,14 @@ __do_kernel_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
>  	/*
>  	 * No handler, we'll have to terminate things with extreme prejudice.
>  	 */
> -	if (addr < PAGE_SIZE)
> +	if (addr < PAGE_SIZE) {
>  		msg = "NULL pointer dereference";
> -	else
> +	} else {
> +		if (kfence_handle_page_fault(addr, is_write_fault(fsr), regs))
> +			return;
> +
>  		msg = "paging request";
> +	}


I think some fixup should be done here to follow the upstream mainline code.


>  
>  	die_kernel_fault(msg, mm, addr, fsr, regs);
>  }
Kefeng Wang Aug. 25, 2021, 2:31 p.m. UTC | #2
On 2021/8/25 21:18, ownia wrote:
> On 2021/8/25 17:21, Kefeng Wang wrote:
>> Add architecture specific implementation details for KFENCE and enable
>> KFENCE on ARM. In particular, this implements the required interface in
>>   <asm/kfence.h>.
>>
>> KFENCE requires that attributes for pages from its memory pool can
>> individually be set. Therefore, force the kfence pool to be mapped
>> at page granularity.
>>
>> Testing this patch using the testcases in kfence_test.c and all passed
>> with or without ARM_LPAE.
>>
>> Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com>
...
>> +#endif /* __ASM_ARM_KFENCE_H */
>> diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
>> index f7ab6dabe89f..9fa221ffa1b9 100644
>> --- a/arch/arm/mm/fault.c
>> +++ b/arch/arm/mm/fault.c
>> @@ -17,6 +17,7 @@
>>   #include <linux/sched/debug.h>
>>   #include <linux/highmem.h>
>>   #include <linux/perf_event.h>
>> +#include <linux/kfence.h>
>>   
>>   #include <asm/system_misc.h>
>>   #include <asm/system_info.h>
>> @@ -131,10 +132,14 @@ __do_kernel_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
>>   	/*
>>   	 * No handler, we'll have to terminate things with extreme prejudice.
>>   	 */
>> -	if (addr < PAGE_SIZE)
>> +	if (addr < PAGE_SIZE) {
>>   		msg = "NULL pointer dereference";
>> -	else
>> +	} else {
>> +		if (kfence_handle_page_fault(addr, is_write_fault(fsr), regs))
>> +			return;
>> +
>>   		msg = "paging request";
>> +	}
>
> I think here should do some fixup to follow upstream mainline code.

Yes, the fixup is still there, as the cover-letter said,

NOTE:
The context of the patch2/3 changes in arch/arm/mm/fault.c is based on link[1],
which does some refactoring and cleanup of the page fault code.

...

[1]https://lore.kernel.org/linux-arm-kernel/20210610123556.171328-1-wangkefeng.wang@huawei.com/

>
>>   
>>   	die_kernel_fault(msg, mm, addr, fsr, regs);
>>   }
> .
>

Patch

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 7a8059ff6bb0..3798f82a0c0d 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -73,6 +73,7 @@  config ARM
 	select HAVE_ARCH_AUDITSYSCALL if AEABI && !OABI_COMPAT
 	select HAVE_ARCH_BITREVERSE if (CPU_32v7M || CPU_32v7) && !CPU_32v6
 	select HAVE_ARCH_JUMP_LABEL if !XIP_KERNEL && !CPU_ENDIAN_BE32 && MMU
+	select HAVE_ARCH_KFENCE if MMU
 	select HAVE_ARCH_KGDB if !CPU_ENDIAN_BE32 && MMU
 	select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL
 	select HAVE_ARCH_MMAP_RND_BITS if MMU
diff --git a/arch/arm/include/asm/kfence.h b/arch/arm/include/asm/kfence.h
new file mode 100644
index 000000000000..eae7a12ab2a9
--- /dev/null
+++ b/arch/arm/include/asm/kfence.h
@@ -0,0 +1,52 @@ 
+/* SPDX-License-Identifier: GPL-2.0 */
+
+#ifndef __ASM_ARM_KFENCE_H
+#define __ASM_ARM_KFENCE_H
+
+#include <linux/kfence.h>
+#include <asm/set_memory.h>
+#include <asm/pgalloc.h>
+
+static inline int split_pmd_page(pmd_t *pmd, unsigned long addr)
+{
+	int i;
+	unsigned long pfn = PFN_DOWN(__pa((addr & PMD_MASK)));
+	pte_t *pte = pte_alloc_one_kernel(&init_mm);
+
+	if (!pte)
+		return -ENOMEM;
+
+	for (i = 0; i < PTRS_PER_PTE; i++)
+		set_pte_ext(pte + i, pfn_pte(pfn + i, PAGE_KERNEL), 0);
+	pmd_populate_kernel(&init_mm, pmd, pte);
+
+	flush_tlb_kernel_range(addr, addr + PMD_SIZE);
+	return 0;
+}
+
+static inline bool arch_kfence_init_pool(void)
+{
+	unsigned long addr;
+	pmd_t *pmd;
+
+	for (addr = (unsigned long)__kfence_pool; is_kfence_address((void *)addr);
+	     addr += PAGE_SIZE) {
+		pmd = pmd_off_k(addr);
+
+		if (pmd_leaf(*pmd)) {
+			if (split_pmd_page(pmd, addr))
+				return false;
+		}
+	}
+
+	return true;
+}
+
+static inline bool kfence_protect_page(unsigned long addr, bool protect)
+{
+	set_memory_valid(addr, 1, !protect);
+
+	return true;
+}
+
+#endif /* __ASM_ARM_KFENCE_H */
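Review bot: `kfence_protect_page()` discards the result of `set_memory_valid()` and always returns true, so a failed attribute change would leave a guard page or freed object accessible while KFENCE believes it is protected, and the out-of-bounds or use-after-free access it was meant to trap would go unreported. `set_memory_valid()` is declared outside this hunk; if it returns a status as the other `set_memory_*()` helpers do, propagate it with `return set_memory_valid(addr, 1, !protect) == 0;`. In `split_pmd_page()` the PTEs are built from `addr & PMD_MASK` but the TLB flush starts at the unaligned `addr`; flushing from `addr & PMD_MASK` for `PMD_SIZE` would cover exactly the range whose mapping was replaced. The new header also has no comments, and a short one on `arch_kfence_init_pool()` saying that it splits leaf PMD mappings so each pool page can be toggled individually would help the next reader.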
diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
index f7ab6dabe89f..9fa221ffa1b9 100644
--- a/arch/arm/mm/fault.c
+++ b/arch/arm/mm/fault.c
@@ -17,6 +17,7 @@ 
 #include <linux/sched/debug.h>
 #include <linux/highmem.h>
 #include <linux/perf_event.h>
+#include <linux/kfence.h>
 
 #include <asm/system_misc.h>
 #include <asm/system_info.h>
@@ -131,10 +132,14 @@  __do_kernel_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
 	/*
 	 * No handler, we'll have to terminate things with extreme prejudice.
 	 */
-	if (addr < PAGE_SIZE)
+	if (addr < PAGE_SIZE) {
 		msg = "NULL pointer dereference";
-	else
+	} else {
+		if (kfence_handle_page_fault(addr, is_write_fault(fsr), regs))
+			return;
+
 		msg = "paging request";
+	}
 
 	die_kernel_fault(msg, mm, addr, fsr, regs);
 }
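Review bot: The early `return` after `kfence_handle_page_fault()` in the `else` branch deserves a comment, because it turns a kernel fault that used to end in `die_kernel_fault()` into one the kernel resumes from. As I understand the KFENCE contract, a true return means the error was reported and the page was made accessible, so something like `/* KFENCE reported the error and unprotected the page; return so the faulting access is retried. */` above the call would make that explicit. Since a detected memory-safety bug no longer stops the kernel on this path, systems that want such reports to be fatal have to rely on `panic_on_warn`, which may be worth a sentence in the commit message. `__do_kernel_fault()` starts outside the hunk, so what runs before this branch is not visible here.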