Re: [PATCH 2/3] x86/mm: introduce __PAGE_KERNEL_GLOBAL
From: Nadav Amit
Date: Fri Feb 16 2018 - 14:54:15 EST
Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> wrote:
> On 02/16/2018 10:25 AM, Nadav Amit wrote:
>>> +#ifdef CONFIG_PAGE_TABLE_ISOLATION
>>> +#define __PAGE_KERNEL_GLOBAL 0
>>> +#else
>>> +#define __PAGE_KERNEL_GLOBAL _PAGE_GLOBAL
>>> +#endif
>> ...
>>> --- a/arch/x86/mm/pageattr.c~kpti-no-global-for-kernel-mappings 2018-02-13 15:17:56.148210060 -0800
>>> +++ b/arch/x86/mm/pageattr.c 2018-02-13 15:17:56.153210060 -0800
>>> @@ -593,7 +593,8 @@ try_preserve_large_page(pte_t *kpte, uns
>>> * different bit positions in the two formats.
>>> */
>>> req_prot = pgprot_4k_2_large(req_prot);
>>> - req_prot = pgprot_set_on_present(req_prot, _PAGE_GLOBAL | _PAGE_PSE);
>>> + req_prot = pgprot_set_on_present(req_prot,
>>> + __PAGE_KERNEL_GLOBAL | _PAGE_PSE);
>>> req_prot = canon_pgprot(req_prot);
>> From these chunks, it seems to me as req_prot will not have the global bit
>> on when ânoptiâ parameter is provided. What am I missing?
>
> That's a good point. The current patch does not allow the use of
> _PAGE_GLOBAL via _PAGE_KERNEL_GLOBAL when CONFIG_PAGE_TABLE_ISOLATION=y,
> but booted with nopti. It's a simple enough fix. Logically:
>
> #ifdef CONFIG_PAGE_TABLE_ISOLATION
> #define __PAGE_KERNEL_GLOBAL static_cpu_has(X86_FEATURE_PTI) ?
> 0 : _PAGE_GLOBAL
> #else
> #define __PAGE_KERNEL_GLOBAL _PAGE_GLOBAL
> #endif
>
> But I don't really want to hide that gunk in a macro like that. It
> might make more sense as a static inline. I'll give that a shot and resent.
Since determining whether PTI is on is done in several places in the kernel,
maybe there should a single function to determine whether PTI is on,
something like:
static inline bool is_pti_on(void)
{
return IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION) &&
static_cpu_has(X86_FEATURE_PTI);
}