x86/mm: Factor out pageattr _PAGE_GLOBAL setting
authorDave Hansen <dave.hansen@linux.intel.com>
Fri, 6 Apr 2018 20:55:02 +0000 (13:55 -0700)
committerIngo Molnar <mingo@kernel.org>
Mon, 9 Apr 2018 16:27:32 +0000 (18:27 +0200)
The pageattr code has a pattern repeated where it sets _PAGE_GLOBAL
for present PTEs but clears it for non-present PTEs.  The intention
is to keep _PAGE_GLOBAL from getting confused with _PAGE_PROTNONE
since _PAGE_GLOBAL is for present PTEs and _PAGE_PROTNONE is for
non-present

But, this pattern makes no sense.  Effectively, it says, if you use
the pageattr code, always set _PAGE_GLOBAL when _PAGE_PRESENT.
canon_pgprot() will clear it if unsupported (because it masks the
value with __supported_pte_mask) but we *always* set it. Even if
canon_pgprot() did not filter _PAGE_GLOBAL, it would be OK.
_PAGE_GLOBAL is ignored when CR4.PGE=0 by the hardware.

This unconditional setting of _PAGE_GLOBAL is a problem when we have
PTI and non-PTI and we want some areas to have _PAGE_GLOBAL and some
not.

This updated version of the code says:
1. Clear _PAGE_GLOBAL when !_PAGE_PRESENT
2. Never set _PAGE_GLOBAL implicitly
3. Allow _PAGE_GLOBAL to be in cpa.set_mask
4. Allow _PAGE_GLOBAL to be inherited from previous PTE

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kees Cook <keescook@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Nadav Amit <namit@vmware.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20180406205502.86E199DA@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
arch/x86/mm/pageattr.c

index 85cf12219dea4a679158c7e6a8ea72be8e93ff2a..4d369d5c04c530c739f30d117dcdf7d9ab1cddeb 100644 (file)
@@ -512,6 +512,23 @@ static void __set_pmd_pte(pte_t *kpte, unsigned long address, pte_t pte)
 #endif
 }
 
+static pgprot_t pgprot_clear_protnone_bits(pgprot_t prot)
+{
+       /*
+        * _PAGE_GLOBAL means "global page" for present PTEs.
+        * But, it is also used to indicate _PAGE_PROTNONE
+        * for non-present PTEs.
+        *
+        * This ensures that a _PAGE_GLOBAL PTE going from
+        * present to non-present is not confused as
+        * _PAGE_PROTNONE.
+        */
+       if (!(pgprot_val(prot) & _PAGE_PRESENT))
+               pgprot_val(prot) &= ~_PAGE_GLOBAL;
+
+       return prot;
+}
+
 static int
 try_preserve_large_page(pte_t *kpte, unsigned long address,
                        struct cpa_data *cpa)
@@ -577,18 +594,11 @@ try_preserve_large_page(pte_t *kpte, unsigned long address,
         * different bit positions in the two formats.
         */
        req_prot = pgprot_4k_2_large(req_prot);
-
-       /*
-        * Set the PSE and GLOBAL flags only if the PRESENT flag is
-        * set otherwise pmd_present/pmd_huge will return true even on
-        * a non present pmd. The canon_pgprot will clear _PAGE_GLOBAL
-        * for the ancient hardware that doesn't support it.
-        */
+       req_prot = pgprot_clear_protnone_bits(req_prot);
        if (pgprot_val(req_prot) & _PAGE_PRESENT)
-               pgprot_val(req_prot) |= _PAGE_PSE | _PAGE_GLOBAL;
+               pgprot_val(req_prot) |= _PAGE_PSE;
        else
-               pgprot_val(req_prot) &= ~(_PAGE_PSE | _PAGE_GLOBAL);
-
+               pgprot_val(req_prot) &= ~_PAGE_PSE;
        req_prot = canon_pgprot(req_prot);
 
        /*
@@ -698,16 +708,7 @@ __split_large_page(struct cpa_data *cpa, pte_t *kpte, unsigned long address,
                return 1;
        }
 
-       /*
-        * Set the GLOBAL flags only if the PRESENT flag is set
-        * otherwise pmd/pte_present will return true even on a non
-        * present pmd/pte. The canon_pgprot will clear _PAGE_GLOBAL
-        * for the ancient hardware that doesn't support it.
-        */
-       if (pgprot_val(ref_prot) & _PAGE_PRESENT)
-               pgprot_val(ref_prot) |= _PAGE_GLOBAL;
-       else
-               pgprot_val(ref_prot) &= ~_PAGE_GLOBAL;
+       ref_prot = pgprot_clear_protnone_bits(ref_prot);
 
        /*
         * Get the target pfn from the original entry:
@@ -930,18 +931,7 @@ static void populate_pte(struct cpa_data *cpa,
 
        pte = pte_offset_kernel(pmd, start);
 
-       /*
-        * Set the GLOBAL flags only if the PRESENT flag is
-        * set otherwise pte_present will return true even on
-        * a non present pte. The canon_pgprot will clear
-        * _PAGE_GLOBAL for the ancient hardware that doesn't
-        * support it.
-        */
-       if (pgprot_val(pgprot) & _PAGE_PRESENT)
-               pgprot_val(pgprot) |= _PAGE_GLOBAL;
-       else
-               pgprot_val(pgprot) &= ~_PAGE_GLOBAL;
-
+       pgprot = pgprot_clear_protnone_bits(pgprot);
        pgprot = canon_pgprot(pgprot);
 
        while (num_pages-- && start < end) {
@@ -1234,17 +1224,7 @@ repeat:
 
                new_prot = static_protections(new_prot, address, pfn);
 
-               /*
-                * Set the GLOBAL flags only if the PRESENT flag is
-                * set otherwise pte_present will return true even on
-                * a non present pte. The canon_pgprot will clear
-                * _PAGE_GLOBAL for the ancient hardware that doesn't
-                * support it.
-                */
-               if (pgprot_val(new_prot) & _PAGE_PRESENT)
-                       pgprot_val(new_prot) |= _PAGE_GLOBAL;
-               else
-                       pgprot_val(new_prot) &= ~_PAGE_GLOBAL;
+               new_prot = pgprot_clear_protnone_bits(new_prot);
 
                /*
                 * We need to keep the pfn from the existing PTE,