| Message ID | 20221025201057.945960823@infradead.org |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp1196373wru;
Tue, 25 Oct 2022 13:13:32 -0700 (PDT)
X-Google-Smtp-Source:
AMsMyM4mBl6LxL4BSOPKcBifS+H6b/CVwyicO7d80uxBQ99/NIOYQJ8exDoatRer63WXj6OEWH+/
X-Received: by 2002:a63:1e05:0:b0:451:31d0:8c0f with SMTP id
e5-20020a631e05000000b0045131d08c0fmr34169392pge.227.1666728812187;
Tue, 25 Oct 2022 13:13:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1666728812; cv=none;
d=google.com; s=arc-20160816;
b=ievWRIjfRHs7n4Lu5Aywl5HdPPeeOSD6sNHe+K1nAyZF+X1/VX8J+q5RlGOw/itCQO
+FhAu6dV3fUTiI+7LNT8yDSTflF11TDq3AcFpua/OhSZcTVOINIGQufWufxSF2l2d6yK
7K3bqhxvvRZrw69yFShBb/OBcwh5km30u3r8iHhIelT6TFvwq30WvoJ5kk6eUOxP0O6b
oWWrnMWLy2P+OTHB4Br46pANcxIuob7Ta/FA5Df5Ueg12WRUgxiP4Wm9Dd3PP/1gL2B6
d1dO+xbmw2sMWhUFy3Eh1E9nV1TFkYWFVIbyH9n38K6sQJwjyykIEbyNFhgk0covUyQ1
CZSQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:mime-version:references:subject:cc:to:from:date
:user-agent:message-id:dkim-signature;
bh=r0O1A5cCcJcSiywQeCYs1n88surn5b369qkAVUdXrbY=;
b=a6IAc3lcRMPQBa30ycbiaOy+tfZt6g1SHOKRtpHL4uPg2RuXTy2ym3xx8yYHlDYGMq
/z1Tr59T+vq4iU3wGTeGbNnuy9kZEQ34b4x/M0foeFzN3SeKvCRzLcxbSYNnD22qRIYr
PvBEjOtM9s9qRCDbyn2++gUxh5RJlUY4yPEjEHlz0ggR9mR4ykMcDQxBiNVz7Msbk/eh
K4sTuWsNRgwBhouU2aNugWqMyU5rzaZapk9DfNZZv5IWe8OoCU9P1/wK+Ythg4yX/gj8
mBQHH81epZfi8eQA1xuXQL8KxEgVlQZ645rqw0fkcFDb9ck1mAXGb7Lhpoe/iHzTnKBi
TeLg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@infradead.org header.s=desiato.20200630
header.b=lXH6RCe6;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
pb14-20020a17090b3c0e00b0020d3a22af84si3908258pjb.186.2022.10.25.13.13.00;
Tue, 25 Oct 2022 13:13:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@infradead.org header.s=desiato.20200630
header.b=lXH6RCe6;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S231790AbiJYULv (ORCPT <rfc822;pwkd43@gmail.com> + 99 others);
Tue, 25 Oct 2022 16:11:51 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57494 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231241AbiJYULj (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 25 Oct 2022 16:11:39 -0400
Received: from desiato.infradead.org (desiato.infradead.org
[IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9D5AA7A750
for <linux-kernel@vger.kernel.org>;
Tue, 25 Oct 2022 13:11:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=infradead.org; s=desiato.20200630;
h=Content-Type:MIME-Version:References:
Subject:Cc:To:From:Date:Message-ID:Sender:Reply-To:Content-Transfer-Encoding:
Content-ID:Content-Description:In-Reply-To;
bh=r0O1A5cCcJcSiywQeCYs1n88surn5b369qkAVUdXrbY=;
b=lXH6RCe64PDOftKZYiV3BSdSyS
Vf1YajQ1pZNPPNyQeqhAcoDkxeQj5Is8ivCIMW3x3XmccSusppC8cnqbdfOuogRx++v9KLbJk2+FS
vKcmnUCExsnpkZCRQjpAxbICl/rwWmRyLS+M5zl4S+Ed/K8w3XxhMhnoTVd9zLNCrdtK5eNfxn2GZ
5Q673p1zDJAdZWkFqjyPy76VGJCRUkjlldj9bVTI6C6Wnuxwa9hI9WPqynq1sPiKCW/Pq1j8sfhuF
2SdWITEeeOM9+UhF5F86Tw8iHl2ehnBp2Kgwq9wiAZodatkH570UAwSYos3mqZv5svKsFSJcK9s1X
JSQHdeYA==;
Received: from j130084.upc-j.chello.nl ([24.132.130.84]
helo=noisy.programming.kicks-ass.net)
by desiato.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux))
id 1onQGh-006OK4-Sv; Tue, 25 Oct 2022 20:11:24 +0000
Received: from hirez.programming.kicks-ass.net
(hirez.programming.kicks-ass.net [192.168.1.225])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits))
(Client did not present a certificate)
by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id
B41D5300446;
Tue, 25 Oct 2022 22:11:22 +0200 (CEST)
Received: by hirez.programming.kicks-ass.net (Postfix, from userid 0)
id 99DC920117B33; Tue, 25 Oct 2022 22:11:22 +0200 (CEST)
Message-ID: <20221025201057.945960823@infradead.org>
User-Agent: quilt/0.66
Date: Tue, 25 Oct 2022 22:07:00 +0200
From: Peter Zijlstra <peterz@infradead.org>
To: torvalds@linux-foundation.org, rostedt@goodmis.org,
dave.hansen@intel.com
Cc: linux-kernel@vger.kernel.org, peterz@infradead.org, x86@kernel.org,
keescook@chromium.org, seanjc@google.com
Subject: [PATCH 4/5] x86/ftrace: Remove SYSTEM_BOOTING exceptions
References: <20221025200656.951281799@infradead.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
SPF_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1747691830837220819?=
X-GMAIL-MSGID: =?utf-8?q?1747691830837220819?=
|
| Series | x86/ftrace: Cure boot time W+X mapping | |
Commit Message
Peter Zijlstra
Oct. 25, 2022, 8:07 p.m. UTC
Now that text_poke is available before ftrace, remove the
SYSTEM_BOOTING exceptions.
Specifically, this cures a W+X case during boot.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
arch/x86/kernel/alternative.c | 10 ----------
arch/x86/kernel/ftrace.c | 3 +--
2 files changed, 1 insertion(+), 12 deletions(-)
Comments
On Tue, 25 Oct 2022 22:07:00 +0200 Peter Zijlstra <peterz@infradead.org> wrote: > Now that text_poke is available before ftrace, remove the > SYSTEM_BOOTING exceptions. > > Specifically, this cures a W+X case during boot. We have W+X all over the place (the entire kernel text). And I don't think we really want this. This will slow down boots in general, as it will cause all static_branches to use this memory page logic. And I don't think we really want to do that at boot up when we don't need to. I would change this to: if (unlikely(system_state == SYSTEM_BOOTING) && core_kernel_text((unsigned long)addr)) { This way we still do memcpy() on all core kernel text which is still writable. It was the ftrace allocated trampoline that caused issues, not the locations that were being updated. -- Steve > > Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> > --- > arch/x86/kernel/alternative.c | 10 ---------- > arch/x86/kernel/ftrace.c | 3 +-- > 2 files changed, 1 insertion(+), 12 deletions(-) > > --- a/arch/x86/kernel/alternative.c > +++ b/arch/x86/kernel/alternative.c > @@ -1681,11 +1681,6 @@ void __ref text_poke_queue(void *addr, c > { > struct text_poke_loc *tp; > > - if (unlikely(system_state == SYSTEM_BOOTING)) { > - text_poke_early(addr, opcode, len); > - return; > - } > - > text_poke_flush(addr); > > tp = &tp_vec[tp_vec_nr++]; > @@ -1707,11 +1702,6 @@ void __ref text_poke_bp(void *addr, cons > { > struct text_poke_loc tp; > > - if (unlikely(system_state == SYSTEM_BOOTING)) { > - text_poke_early(addr, opcode, len); > - return; > - } > - > text_poke_loc_init(&tp, addr, opcode, len, emulate); > text_poke_bp_batch(&tp, 1); > } > --- a/arch/x86/kernel/ftrace.c > +++ b/arch/x86/kernel/ftrace.c > @@ -415,8 +415,7 @@ create_trampoline(struct ftrace_ops *ops > > set_vm_flush_reset_perms(trampoline); > > - if (likely(system_state != SYSTEM_BOOTING)) > - set_memory_ro((unsigned long)trampoline, npages); > + set_memory_ro((unsigned long)trampoline, npages); > set_memory_x((unsigned long)trampoline, npages); > return (unsigned long)trampoline; > fail: >
On Tue, Oct 25, 2022 at 04:59:56PM -0400, Steven Rostedt wrote: > On Tue, 25 Oct 2022 22:07:00 +0200 > Peter Zijlstra <peterz@infradead.org> wrote: > > > Now that text_poke is available before ftrace, remove the > > SYSTEM_BOOTING exceptions. > > > > Specifically, this cures a W+X case during boot. > > We have W+X all over the place (the entire kernel text). And I don't think > we really want this. > > This will slow down boots in general, as it will cause all static_branches > to use this memory page logic. And I don't think we really want to do > that at boot up when we don't need to. Both static_call and jump_label explicitly call text_poke_early() when appropriate. > I would change this to: > > if (unlikely(system_state == SYSTEM_BOOTING) && > core_kernel_text((unsigned long)addr)) { > > This way we still do memcpy() on all core kernel text which is still > writable. It was the ftrace allocated trampoline that caused issues, not > the locations that were being updated. I would suggest changing ftrace to call text_poke_early() when appropriate if it matters (it already does a little of that); doing a boot test with and without my patch 4 on shows no noticable overhead over being horribly slow either way.
--- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -1681,11 +1681,6 @@ void __ref text_poke_queue(void *addr, c { struct text_poke_loc *tp; - if (unlikely(system_state == SYSTEM_BOOTING)) { - text_poke_early(addr, opcode, len); - return; - } - text_poke_flush(addr); tp = &tp_vec[tp_vec_nr++]; @@ -1707,11 +1702,6 @@ void __ref text_poke_bp(void *addr, cons { struct text_poke_loc tp; - if (unlikely(system_state == SYSTEM_BOOTING)) { - text_poke_early(addr, opcode, len); - return; - } - text_poke_loc_init(&tp, addr, opcode, len, emulate); text_poke_bp_batch(&tp, 1); } --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -415,8 +415,7 @@ create_trampoline(struct ftrace_ops *ops set_vm_flush_reset_perms(trampoline); - if (likely(system_state != SYSTEM_BOOTING)) - set_memory_ro((unsigned long)trampoline, npages); + set_memory_ro((unsigned long)trampoline, npages); set_memory_x((unsigned long)trampoline, npages); return (unsigned long)trampoline; fail: