| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAhV-H4WrphWQqW7HoeD7xSvRuHV1KBt7jgESQU7N-y1HrSVVw@mail.gmail.com>
Date: Wed, 5 Nov 2025 09:07:53 +0800
From: Huacai Chen <chenhuacai@...nel.org>
To: Tianyang Zhang <zhangtianyang@...ngson.cn>
Cc: kernel@...0n.name, akpm@...ux-foundation.org, willy@...radead.org,
david@...hat.com, linmag7@...il.com, thuth@...hat.com, maobibo@...ngson.cn,
apopple@...dia.com, loongarch@...ts.linux.dev, linux-kernel@...r.kernel.org,
Liupu Wang <wangliupu@...ngson.cn>
Subject: Re: [PATCH] Loongarch:Make pte/pmd_modify can set _PAGE_MODIFIED
On Wed, Nov 5, 2025 at 8:57 AM Tianyang Zhang <zhangtianyang@...ngson.cn> wrote:
>
> Hi, Huacai
>
> 在 2025/11/4 下午4:00, Huacai Chen 写道:
> > Hi, Tianyang,
> >
> > The subject line can be:
> > LoongArch: Let {pte,pmd}_modify() record the status of _PAGE_DIRTY (If
> > I'm right in the later comments).
> Ok. I got it
> >
> > On Tue, Nov 4, 2025 at 3:30 PM Tianyang Zhang <zhangtianyang@...ngson.cn> wrote:
> >> In the current pte_modify operation, _PAGE_DIRTY might be cleared. Since
> >> the hardware-page-walk does not have a predefined _PAGE_MODIFIED flag,
> >> this could lead to loss of valid data in certain scenarios.
> >>
> >> The new modification involves checking whether the original PTE has the
> >> _PAGE_DIRTY flag. If it exists, the _PAGE_MODIFIED bit is set, ensuring
> >> that the pte_dirty interface can return accurate information.
> > The description may be wrong here. Because pte_dirty() returns
> > pte_val(pte) & (_PAGE_DIRTY | _PAGE_MODIFIED).
> > If _PAGE_DIRTY isn't lost, pte_dirty() is always right, no matter
> > whether there is or isn't _PAGE_MODIFIED.
> >
> > I think the real reason is we need to set _PAGE_MODIFIED in
> > pte/pmd_modify to record the status of _PAGE_DIRTY, so that we can
> > recover _PAGE_DIRTY afterwards, such as in pte/pmd_mkwrite().
> Ok, I will adjust the description
After some thinking, your original description may be right. Without
this patch the scenario maybe like this:
The pte is dirty _PAGE_DIRTY but without _PAGE_MODIFIED, after
pte_modify() we lose _PAGE_DIRTY, then pte_dirty() returns false. So
we need _PAGE_MODIFIED to record _PAGE_DIRTY here.
But the description also needs to be updated.
> >
> >> Co-developed-by: Liupu Wang <wangliupu@...ngson.cn>
> >> Signed-off-by: Liupu Wang <wangliupu@...ngson.cn>
> >> Signed-off-by: Tianyang Zhang <zhangtianyang@...ngson.cn>
> >> ---
> >> arch/loongarch/include/asm/pgtable.h | 17 +++++++++++++----
> >> 1 file changed, 13 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/arch/loongarch/include/asm/pgtable.h b/arch/loongarch/include/asm/pgtable.h
> >> index bd128696e96d..106abfa5183b 100644
> >> --- a/arch/loongarch/include/asm/pgtable.h
> >> +++ b/arch/loongarch/include/asm/pgtable.h
> >> @@ -424,8 +424,13 @@ static inline unsigned long pte_accessible(struct mm_struct *mm, pte_t a)
> >>
> >> static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
> >> {
> >> - return __pte((pte_val(pte) & _PAGE_CHG_MASK) |
> >> - (pgprot_val(newprot) & ~_PAGE_CHG_MASK));
> >> + unsigned long val = (pte_val(pte) & _PAGE_CHG_MASK) |
> >> + (pgprot_val(newprot) & ~_PAGE_CHG_MASK);
> >> +
> >> + if (pte_val(pte) & _PAGE_DIRTY)
> >> + val |= _PAGE_MODIFIED;
> >> +
> >> + return __pte(val);
> >> }
> >>
> >> extern void __update_tlb(struct vm_area_struct *vma,
> >> @@ -547,9 +552,13 @@ static inline struct page *pmd_page(pmd_t pmd)
> >>
> >> static inline pmd_t pmd_modify(pmd_t pmd, pgprot_t newprot)
> >> {
> >> - pmd_val(pmd) = (pmd_val(pmd) & _HPAGE_CHG_MASK) |
> >> + unsigned long val = (pmd_val(pmd) & _HPAGE_CHG_MASK) |
> >> (pgprot_val(newprot) & ~_HPAGE_CHG_MASK);
> >> - return pmd;
> >> +
> >> + if (pmd_val(pmd) & _PAGE_DIRTY)
> >> + val |= _PAGE_MODIFIED;
> >> +
> >> + return __pmd(val);
> >> }
> > A minimal modification can be:
> > diff --git a/arch/loongarch/include/asm/pgtable.h
> > b/arch/loongarch/include/asm/pgtable.h
> > index 1f20e9280062..907ece0199e0 100644
> > --- a/arch/loongarch/include/asm/pgtable.h
> > +++ b/arch/loongarch/include/asm/pgtable.h
> > @@ -448,8 +448,13 @@ static inline unsigned long pte_accessible(struct
> > mm_struct *mm, pte_t a)
> >
> > static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
> > {
> > - return __pte((pte_val(pte) & _PAGE_CHG_MASK) |
> > - (pgprot_val(newprot) & ~_PAGE_CHG_MASK));
> > + pte_val(pte) = (pte_val(pte) & _PAGE_CHG_MASK) |
> > + (pgprot_val(newprot) & ~_PAGE_CHG_MASK);
> > +
> > + if (pte_val(pte) & _PAGE_DIRTY)
> > + pte_val(pte) |= _PAGE_MODIFIED;
> > +
> > + return pte;
> > }
>
> + pte_val(pte) = (pte_val(pte) & _PAGE_CHG_MASK) |
> + (pgprot_val(newprot) & ~_PAGE_CHG_MASK);
>
> After this step, _PAGE_DIRTY may have already disappeared,
> If no new variables are added, they can be modified in follow way:
>
> static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
> {
> + if (pte_val(pte) & _PAGE_DIRTY)
> + pte_val(pte) |= _PAGE_MODIFIED;
> +
> return __pte((pte_val(pte) & _PAGE_CHG_MASK) |
> (pgprot_val(newprot) & ~_PAGE_CHG_MASK));
>
> }
OK, it makes sense.
Huacai
>
> >
> > extern void __update_tlb(struct vm_area_struct *vma,
> > @@ -583,7 +588,11 @@ static inline struct page *pmd_page(pmd_t pmd)
> > static inline pmd_t pmd_modify(pmd_t pmd, pgprot_t newprot)
> > {
> > pmd_val(pmd) = (pmd_val(pmd) & _HPAGE_CHG_MASK) |
> > - (pgprot_val(newprot) & ~_HPAGE_CHG_MASK);
> > + (pgprot_val(newprot) & ~_HPAGE_CHG_MASK);
> > +
> > + if (pmd_val(pmd) & _PAGE_DIRTY)
> > + pmd_val(pmd) |= _PAGE_MODIFIED;
> > +
> > return pmd;
> > }
> >
> > You needn't define a new variable.
> >
> >
> > Huacai
> >
> >> static inline pmd_t pmd_mkinvalid(pmd_t pmd)
> >> --
> >> 2.41.0
> >>
> >>
> Thanks
>
> Tianyang
>
Powered by blists - more mailing lists