[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <02e48e97-5842-6a19-1ea2-cee4ed5910f4@linux.intel.com>
Date: Tue, 21 Nov 2017 15:17:15 -0800
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: Andy Lutomirski <luto@...capital.net>
Cc: Andy Lutomirski <luto@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
moritz.lipp@...k.tugraz.at,
Daniel Gruss <daniel.gruss@...k.tugraz.at>,
michael.schwarz@...k.tugraz.at, richard.fellner@...dent.tugraz.at,
Linus Torvalds <torvalds@...ux-foundation.org>,
Kees Cook <keescook@...gle.com>,
Hugh Dickins <hughd@...gle.com>, X86 ML <x86@...nel.org>
Subject: Re: [PATCH 12/30] x86, kaiser: map GDT into user page tables
On 11/21/2017 02:46 PM, Andy Lutomirski wrote:
>> GDT: R/O TSS: R/W at least because of trampoline stack entry code:
>> EXEC+R/O exception stacks: R/W
> Can you avoid code duplication by adding some logic right after the
> kernel cpu_entry_area is set up to iterate page by page over the PTEs
> in the cpu_entry_area for that CPU and just install exactly the same
> PTEs into the kaiser table? E.g. just call kaiser_add_mapping once
> per page but with the parameters read out from the fixmap PTEs
> instead of hard coded?
Yes, we could do that. But, what's the gain? We end up removing
effectively three (long) lines of code from three kaiser_add_mapping()
calls.
To do this, we need to special-case the kernel page table walker to deal
with PTEs only since we can't just grab PMD or PUD flags and stick them
in a PTE. We would only be able to use this path when populating things
that we know are 4k-mapped in the kernel.
I guess the upside is that we don't open-code the permissions in the
KAISER code that *have* to match the permissions that the kernel itself
established.
It also means that theoretically you could not touch the KAISER code the
next time we expand the cpu entry area.
Powered by blists - more mailing lists