| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251107224956.477056-7-gourry@gourry.net>
Date: Fri, 7 Nov 2025 17:49:51 -0500
From: Gregory Price <gourry@...rry.net>
To: linux-mm@...ck.org
Cc: linux-cxl@...r.kernel.org,
linux-kernel@...r.kernel.org,
nvdimm@...ts.linux.dev,
linux-fsdevel@...r.kernel.org,
cgroups@...r.kernel.org,
dave@...olabs.net,
jonathan.cameron@...wei.com,
dave.jiang@...el.com,
alison.schofield@...el.com,
vishal.l.verma@...el.com,
ira.weiny@...el.com,
dan.j.williams@...el.com,
longman@...hat.com,
akpm@...ux-foundation.org,
david@...hat.com,
lorenzo.stoakes@...cle.com,
Liam.Howlett@...cle.com,
vbabka@...e.cz,
rppt@...nel.org,
surenb@...gle.com,
mhocko@...e.com,
osalvador@...e.de,
ziy@...dia.com,
matthew.brost@...el.com,
joshua.hahnjy@...il.com,
rakie.kim@...com,
byungchul@...com,
gourry@...rry.net,
ying.huang@...ux.alibaba.com,
apopple@...dia.com,
mingo@...hat.com,
peterz@...radead.org,
juri.lelli@...hat.com,
vincent.guittot@...aro.org,
dietmar.eggemann@....com,
rostedt@...dmis.org,
bsegall@...gle.com,
mgorman@...e.de,
vschneid@...hat.com,
tj@...nel.org,
hannes@...xchg.org,
mkoutny@...e.com,
kees@...nel.org,
muchun.song@...ux.dev,
roman.gushchin@...ux.dev,
shakeel.butt@...ux.dev,
rientjes@...gle.com,
jackmanb@...gle.com,
cl@...two.org,
harry.yoo@...cle.com,
axelrasmussen@...gle.com,
yuanchu@...gle.com,
weixugc@...gle.com,
zhengqi.arch@...edance.com,
yosry.ahmed@...ux.dev,
nphamcs@...il.com,
chengming.zhou@...ux.dev,
fabio.m.de.francesco@...ux.intel.com,
rrichter@....com,
ming.li@...omail.com,
usamaarif642@...il.com,
brauner@...nel.org,
oleg@...hat.com,
namcao@...utronix.de,
escape@...ux.alibaba.com,
dongjoo.seo1@...sung.com
Subject: [RFC PATCH 6/9] mm/memory_hotplug: add MHP_PROTECTED_MEMORY flag
Add support for protected memory blocks/nodes, which signal to
memory_hotplug that a given memory block is considered "protected".
A protected memory block/node is not exposed as SystemRAM by default
via default_sysram_nodes. Protected memory cannot be added to sysram
nodes, and non-protected memory cannot be added to protected nodes.
This enables these memory blocks to be protected from allocation by
general actions (page faults, demotion, etc) without explicit
integration points which are memory-tier aware.
Signed-off-by: Gregory Price <gourry@...rry.net>
---
include/linux/memory_hotplug.h | 10 ++++++++++
mm/memory_hotplug.c | 23 +++++++++++++++++++++++
2 files changed, 33 insertions(+)
diff --git a/include/linux/memory_hotplug.h b/include/linux/memory_hotplug.h
index 23f038a16231..89f4e5b7054d 100644
--- a/include/linux/memory_hotplug.h
+++ b/include/linux/memory_hotplug.h
@@ -74,6 +74,16 @@ typedef int __bitwise mhp_t;
* helpful in low-memory situations.
*/
#define MHP_OFFLINE_INACCESSIBLE ((__force mhp_t)BIT(3))
+/*
+ * The hotplugged memory can only be added to a NUMA node which is
+ * not in default_sysram_nodes. This prevents the node from be accessible
+ * by the page allocator (mm/page_alloc.c) by way of userland configuration.
+ *
+ * Attempting to hotplug protected memory into a node in default_sysram_nodes
+ * will result in an -EINVAL, and attempting to hotplug non-protected memory
+ * into protected memory node will also result in an -EINVAL.
+ */
+#define MHP_PROTECTED_MEMORY ((__force mhp_t)BIT(4))
/*
* Extended parameters for memory hotplug:
diff --git a/mm/memory_hotplug.c b/mm/memory_hotplug.c
index 0be83039c3b5..ceab56b7231d 100644
--- a/mm/memory_hotplug.c
+++ b/mm/memory_hotplug.c
@@ -20,6 +20,7 @@
#include <linux/memory.h>
#include <linux/memremap.h>
#include <linux/memory_hotplug.h>
+#include <linux/memory-tiers.h>
#include <linux/vmalloc.h>
#include <linux/ioport.h>
#include <linux/delay.h>
@@ -1506,6 +1507,7 @@ int add_memory_resource(int nid, struct resource *res, mhp_t mhp_flags)
struct memory_group *group = NULL;
u64 start, size;
bool new_node = false;
+ bool node_has_blocks, protected_mem, node_is_sysram;
int ret;
start = res->start;
@@ -1529,6 +1531,19 @@ int add_memory_resource(int nid, struct resource *res, mhp_t mhp_flags)
mem_hotplug_begin();
+ /*
+ * If the NUMA node already has memory blocks, then we can only allow
+ * additional memory blocks of the same protection type (protected or
+ * un-protected). Online/offline does not matter at this point.
+ */
+ node_has_blocks = node_has_memory_blocks(nid);
+ protected_mem = !!(mhp_flags & MHP_PROTECTED_MEMORY);
+ node_is_sysram = node_isset(nid, *default_sysram_nodes);
+ if (node_has_blocks && (protected_mem ^ node_is_sysram)) {
+ ret = -EINVAL;
+ goto error_mem_hotplug_end;
+ }
+
if (IS_ENABLED(CONFIG_ARCH_KEEP_MEMBLOCK)) {
if (res->flags & IORESOURCE_SYSRAM_DRIVER_MANAGED)
memblock_flags = MEMBLOCK_DRIVER_MANAGED;
@@ -1574,6 +1589,10 @@ int add_memory_resource(int nid, struct resource *res, mhp_t mhp_flags)
register_memory_blocks_under_node_hotplug(nid, PFN_DOWN(start),
PFN_UP(start + size - 1));
+ /* At this point if not protected, we can add node to sysram nodes */
+ if (!(mhp_flags & MHP_PROTECTED_MEMORY))
+ node_set(nid, *default_sysram_nodes);
+
/* create new memmap entry */
if (!strcmp(res->name, "System RAM"))
firmware_map_add_hotplug(start, start + size, "System RAM");
@@ -2274,6 +2293,10 @@ static int try_remove_memory(u64 start, u64 size)
if (nid != NUMA_NO_NODE)
try_offline_node(nid);
+ /* If no more memblocks, remove node from default sysram nodemask */
+ if (!node_has_memory_blocks(nid))
+ node_clear(nid, *default_sysram_nodes);
+
mem_hotplug_done();
return 0;
}
--
2.51.1
Powered by blists - more mailing lists