[PATCH] arm64: uprobes: Optimize cache flushes for xol slot
Liao, Chang
liaochang1 at huawei.com
Mon Sep 23 04:16:15 PDT 2024
在 2024/9/22 22:09, Will Deacon 写道:
> On Fri, Sep 20, 2024 at 07:32:23PM +0200, Oleg Nesterov wrote:
>> On 09/20, Catalin Marinas wrote:
>>>
>>> On Fri, Sep 20, 2024 at 04:58:31PM +0800, Liao, Chang wrote:
>>>>
>>>>
>>>> 在 2024/9/19 22:18, Oleg Nesterov 写道:
>>>>> On 09/19, Liao Chang wrote:
>>>>>>
>>>>>> --- a/arch/arm64/kernel/probes/uprobes.c
>>>>>> +++ b/arch/arm64/kernel/probes/uprobes.c
>>>>>> @@ -17,12 +17,16 @@ void arch_uprobe_copy_ixol(struct page *page, unsigned long vaddr,
>>>>>> void *xol_page_kaddr = kmap_atomic(page);
>>>>>> void *dst = xol_page_kaddr + (vaddr & ~PAGE_MASK);
>>>>>>
>>>>>> + if (!memcmp(dst, src, len))
>>>>>> + goto done;
>>>>>
>>>>> can't really comment, I know nothing about arm64...
>>>>>
>>>>> but don't we need to change __create_xol_area()
>>>>>
>>>>> - area->page = alloc_page(GFP_HIGHUSER);
>>>>> + area->page = alloc_page(GFP_HIGHUSER | __GFP_ZERO);
>>>>>
>>>>> to avoid the false positives?
>>>>
>>>> Indeed, it would be safer.
>>>>
>>>> Could we tolerate these false positives? Even if the page are not reset
>>>> to zero bits, if the existing bits are the same as the instruction being
>>>> copied, it still can execute the correct instruction.
>>>
>>> Not if the I-cache has stale data. If alloc_page() returns a page with
>>> some random data that resembles a valid instruction but there was never
>>> a cache flush (sync_icache_aliases() on arm64), it's irrelevant whether
>>> the compare (on the D-cache side) succeeds or not.
>>
>> But shouldn't the page fault paths on arm64 flush I-cache ?
>>
>> If alloc_page() returns a page with some random data that resembles a valid
>> instruction, user-space can't execute this instruction until
>> special_mapping_fault() installs the page allocated in __create_xol_area().
>>
>> Again, I know nothing about arm64/icache/etc, I am just curious and trying
>> to understand...
>
> We defer the icache maintenance until set_pte_at() time, where we call
> __sync_icache_dcache() if we're installing a present, executable user
> eintry. That also elides the maintenance if PG_arch_1 is set (i.e. the
> kernel only takes responsibility for the freshly allocated page).
The newly allocated page should always have PG_arch_1 cleared, correct? Is it
possible for alloc_page() to return a page with PG_arch_1 set in the current
arm64 kernel?
>
> Will
>
>>
>> Oleg.
>>
--
BR
Liao, Chang
More information about the linux-arm-kernel
mailing list