Message-ID: <aLnFd1Hl_FSHZR3z@arm.com>
Date: Thu, 4 Sep 2025 17:59:35 +0100
From: Catalin Marinas <catalin.marinas@....com>
To: Ryan Roberts <ryan.roberts@....com>
Cc: Will Deacon <will@...nel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	David Hildenbrand <david@...hat.com>,
	Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
	Yang Shi <yang@...amperecomputing.com>,
	Ard Biesheuvel <ardb@...nel.org>, Dev Jain <dev.jain@....com>,
	scott@...amperecomputing.com, cl@...two.org,
	linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
	linux-mm@...ck.org
Subject: Re: [PATCH v7 5/6] arm64: mm: split linear mapping if BBML2
 unsupported on secondary CPUs

On Fri, Aug 29, 2025 at 12:52:46PM +0100, Ryan Roberts wrote:
> The kernel linear mapping is painted at a very early stage of system boot.
> The cpufeature has not been finalized yet at this point. So the linear
> mapping is determined by the capability of boot CPU only. If the boot
> CPU supports BBML2, large block mappings will be used for linear
> mapping.
> 
> But the secondary CPUs may not support BBML2, so repaint the linear
> mapping if large block mapping is used and the secondary CPUs don't
> support BBML2 once cpufeature is finalized on all CPUs.
> 
> If the boot CPU doesn't support BBML2 or the secondary CPUs have the
> same BBML2 capability as the boot CPU, repainting the linear mapping
> is not needed.
> 
> Repainting is implemented by the boot CPU, which we know supports BBML2,
> so it is safe for the live mapping size to change for this CPU. The
> linear map region is walked using the pagewalk API and any discovered
> large leaf mappings are split to pte mappings using the existing helper
> functions. Since the repainting is performed inside of a stop_machine(),
> we must use GFP_ATOMIC to allocate the extra intermediate pgtables. But
> since we are still early in boot, it is expected that there is plenty of
> memory available so we will never need to sleep for reclaim, and so
> GFP_ATOMIC is acceptable here.
> 
> The secondary CPUs are all put into a waiting area with the idmap in
> TTBR0 and reserved map in TTBR1 while this is performed since they
> cannot be allowed to observe any size changes on the live mappings. Some
> of this infrastructure is reused from the kpti case. Specifically we
> share the same flag (was __idmap_kpti_flag, now idmap_kpti_bbml2_flag)
> since it means we don't have to reserve any extra pgtable memory to
> idmap the extra flag.
> 
> Co-developed-by: Yang Shi <yang@...amperecomputing.com>
> Signed-off-by: Yang Shi <yang@...amperecomputing.com>
> Signed-off-by: Ryan Roberts <ryan.roberts@....com>

I think this works, so:

Reviewed-by: Catalin Marinas <catalin.marinas@....com>

However, I wonder how likely we are to find this combination in the
field to be worth carrying this code upstream. With kpti, we were aware
of platforms requiring it but is this also the case for BBM? If not, I'd
keep the patch out until we get a concrete example.

-- 
Catalin
