Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
On Jun 16 2019, christophe leroy wrote: > If any of registers IBATs 4 to 7 are used, could you adjust > CONFIG_ETEXT_SHIFT so that only IBATs 0 to 3 be used, and check if > suspend/resume works when IBATs 4 to 7 are not used ? I forgot to remove my patch. With only 0-3 used, suspend/resume works. Andreas. -- Andreas Schwab, sch...@linux-m68k.org GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1 "And now for something completely different."
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
On Jun 16 2019, christophe leroy wrote: > If any of registers IBATs 4 to 7 are used Nope. Andreas. -- Andreas Schwab, sch...@linux-m68k.org GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1 "And now for something completely different."
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
On Jun 16 2019, christophe leroy wrote: > Le 15/06/2019 à 14:28, Andreas Schwab a écrit : >> On Feb 21 2019, Christophe Leroy wrote: >> >>> diff --git a/arch/powerpc/mm/pgtable_32.c b/arch/powerpc/mm/pgtable_32.c >>> index a000768a5cc9..6e56a6240bfa 100644 >>> --- a/arch/powerpc/mm/pgtable_32.c >>> +++ b/arch/powerpc/mm/pgtable_32.c >>> @@ -353,7 +353,10 @@ void mark_initmem_nx(void) >>> unsigned long numpages = PFN_UP((unsigned long)_einittext) - >>> PFN_DOWN((unsigned long)_sinittext); >>> - change_page_attr(page, numpages, PAGE_KERNEL); >>> + if (v_block_mapped((unsigned long)_stext) + 1) >> >> That is always true. >> > > Did you boot with 'nobats' kernel parameter ? > > If not, that's normal to be true, it means that memory is mapped with BATs. bool + 1 is always true. Andreas. -- Andreas Schwab, sch...@linux-m68k.org GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1 "And now for something completely different."
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
Le 15/06/2019 à 14:28, Andreas Schwab a écrit : On Feb 21 2019, Christophe Leroy wrote: diff --git a/arch/powerpc/mm/pgtable_32.c b/arch/powerpc/mm/pgtable_32.c index a000768a5cc9..6e56a6240bfa 100644 --- a/arch/powerpc/mm/pgtable_32.c +++ b/arch/powerpc/mm/pgtable_32.c @@ -353,7 +353,10 @@ void mark_initmem_nx(void) unsigned long numpages = PFN_UP((unsigned long)_einittext) - PFN_DOWN((unsigned long)_sinittext); - change_page_attr(page, numpages, PAGE_KERNEL); + if (v_block_mapped((unsigned long)_stext) + 1) That is always true. Did you boot with 'nobats' kernel parameter ? If not, that's normal to be true, it means that memory is mapped with BATs. When you boot with 'nobats' parameter, this should return false. Christophe --- L'absence de virus dans ce courrier électronique a été vérifiée par le logiciel antivirus Avast. https://www.avast.com/antivirus
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
Le 15/06/2019 à 13:23, Andreas Schwab a écrit : This breaks suspend (or resume) on the iBook G4. no_console_suspend doesn't give any clues, the display just stays dark. After a quick look at the suspend functions, I have the feeling that those functions only store and restore BATs 0 to 3. Could you build your kernel with CONFIG_PPC_PTDUMP and see in file /sys/kernel/debug/powerpc/segment_registers how many IBATs registers are used. If any of registers IBATs 4 to 7 are used, could you adjust CONFIG_ETEXT_SHIFT so that only IBATs 0 to 3 be used, and check if suspend/resume works when IBATs 4 to 7 are not used ? Thanks Christophe --- L'absence de virus dans ce courrier électronique a été vérifiée par le logiciel antivirus Avast. https://www.avast.com/antivirus
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
Andreas Schwab a écrit : This breaks suspend (or resume) on the iBook G4. no_console_suspend doesn't give any clues, the display just stays dark. Can you send your .config Thanks Christophe Andreas. -- Andreas Schwab, sch...@linux-m68k.org GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1 "And now for something completely different."
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
On Feb 21 2019, Christophe Leroy wrote: > diff --git a/arch/powerpc/mm/pgtable_32.c b/arch/powerpc/mm/pgtable_32.c > index a000768a5cc9..6e56a6240bfa 100644 > --- a/arch/powerpc/mm/pgtable_32.c > +++ b/arch/powerpc/mm/pgtable_32.c > @@ -353,7 +353,10 @@ void mark_initmem_nx(void) > unsigned long numpages = PFN_UP((unsigned long)_einittext) - >PFN_DOWN((unsigned long)_sinittext); > > - change_page_attr(page, numpages, PAGE_KERNEL); > + if (v_block_mapped((unsigned long)_stext) + 1) That is always true. Andreas. -- Andreas Schwab, sch...@linux-m68k.org GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1 "And now for something completely different."
Re: [PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
This breaks suspend (or resume) on the iBook G4. no_console_suspend doesn't give any clues, the display just stays dark. Andreas. -- Andreas Schwab, sch...@linux-m68k.org GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1 "And now for something completely different."
[PATCH v5 13/16] powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX
Today, STRICT_KERNEL_RWX is based on the use of regular pages to map kernel pages. On Book3s 32, it has three consequences: - Using pages instead of BAT for mapping kernel linear memory severely impacts performance. - Exec protection is not effective because no-execute cannot be set at page level (except on 603 which doesn't have hash tables) - Write protection is not effective because PP bits do not provide RO mode for kernel-only pages (except on 603 which handles it in software via PAGE_DIRTY) On the 603+, we have: - Independent IBAT and DBAT allowing limitation of exec parts. - NX bit can be set in segment registers to forbit execution on memory mapped by pages. - RO mode on DBATs even for kernel-only blocks. On the 601, there is nothing much we can do other than warn the user about it, because: - BATs are common to instructions and data. - BAT do not provide RO mode for kernel-only blocks. - segment registers don't have the NX bit. In order to use IBAT for exec protection, this patch: - Aligns _etext to BAT block sizes (128kb) - Set NX bit in kernel segment register (Except on vmalloc area when CONFIG_MODULES is selected) - Maps kernel text with IBATs. In order to use DBAT for exec protection, this patch: - Aligns RW DATA to BAT block sizes (4M) - Maps kernel RO area with write prohibited DBATs - Maps remaining memory with remaining DBATs Here is what we get with this patch on a 832x when activating STRICT_KERNEL_RWX: Symbols: c000 T _stext c068 R __start_rodata c068 R _etext c080 T __init_begin c080 T _sinittext ~# cat /sys/kernel/debug/block_address_translation ---[ Instruction Block Address Translation ]--- 0: 0xc000-0xc03f 0x Kernel EXEC coherent 1: 0xc040-0xc05f 0x0040 Kernel EXEC coherent 2: 0xc060-0xc067 0x0060 Kernel EXEC coherent 3: - 4: - 5: - 6: - 7: - ---[ Data Block Address Translation ]--- 0: 0xc000-0xc07f 0x Kernel RO coherent 1: 0xc080-0xc0ff 0x0080 Kernel RW coherent 2: 0xc100-0xc1ff 0x0100 Kernel RW coherent 3: 0xc200-0xc3ff 0x0200 Kernel RW coherent 4: 0xc400-0xc7ff 0x0400 Kernel RW coherent 5: 0xc800-0xcfff 0x0800 Kernel RW coherent 6: 0xd000-0xdfff 0x1000 Kernel RW coherent 7: - ~# cat /sys/kernel/debug/segment_registers ---[ User Segments ]--- 0x-0x0fff Kern key 1 User key 1 VSID 0xa085d0 0x1000-0x1fff Kern key 1 User key 1 VSID 0xa086e1 0x2000-0x2fff Kern key 1 User key 1 VSID 0xa087f2 0x3000-0x3fff Kern key 1 User key 1 VSID 0xa08903 0x4000-0x4fff Kern key 1 User key 1 VSID 0xa08a14 0x5000-0x5fff Kern key 1 User key 1 VSID 0xa08b25 0x6000-0x6fff Kern key 1 User key 1 VSID 0xa08c36 0x7000-0x7fff Kern key 1 User key 1 VSID 0xa08d47 0x8000-0x8fff Kern key 1 User key 1 VSID 0xa08e58 0x9000-0x9fff Kern key 1 User key 1 VSID 0xa08f69 0xa000-0xafff Kern key 1 User key 1 VSID 0xa0907a 0xb000-0xbfff Kern key 1 User key 1 VSID 0xa0918b ---[ Kernel Segments ]--- 0xc000-0xcfff Kern key 0 User key 1 No Exec VSID 0x000ccc 0xd000-0xdfff Kern key 0 User key 1 No Exec VSID 0x000ddd 0xe000-0xefff Kern key 0 User key 1 No Exec VSID 0x000eee 0xf000-0x Kern key 0 User key 1 No Exec VSID 0x000fff Aligning _etext to 128kb allows to map up to 32Mb text with 8 IBATs: 16Mb + 8Mb + 4Mb + 2Mb + 1Mb + 512kb + 256kb + 128kb (+ 128kb) = 32Mb (A 9th IBAT is unneeded as 32Mb would need only a single 32Mb block) Aligning data to 4M allows to map up to 512Mb data with 8 DBATs: 16Mb + 8Mb + 4Mb + 4Mb + 32Mb + 64Mb + 128Mb + 256Mb = 512Mb Because some processors only have 4 BATs and because some targets need DBATs for mapping other areas, the following patch will allow to modify _etext and data alignment. Signed-off-by: Christophe Leroy Signed-off-by: Christophe Leroy --- arch/powerpc/Kconfig | 2 + arch/powerpc/include/asm/book3s/32/pgtable.h | 11 arch/powerpc/mm/init_32.c| 4 +- arch/powerpc/mm/mmu_decl.h | 8 +++ arch/powerpc/mm/pgtable_32.c | 10 +++- arch/powerpc/mm/ppc_mmu_32.c | 87 ++-- 6 files changed, 112 insertions(+), 10 deletions(-) diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index edef40a2b446..640a7cfba9d0 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -727,11 +727,13 @@ config THREAD_SHIFT config ETEXT_SHIFT int + default 17 if STRICT_KERNEL_RWX && PPC_BOOK3S_32 default PPC_PAGE_SHIFT config DATA_SHIFT int default 24 if STRICT_KERNEL_RWX && PPC64 + default 22 if STRICT_KERNEL_RWX && PPC_BOOK3S_32 default PPC_PAGE_SHIFT config FORCE_MAX_ZONEORDER diff --git a/arch/powerpc/include/asm/book3s/32/pgtable.h