From: "Christophe Leroy (CS GROUP)" <chleroy@kernel•org>
To: Ard Biesheuvel <ardb+git@google•com>,
linux-arm-kernel@lists•infradead.org
Cc: linux-kernel@vger•kernel.org, will@kernel•org,
catalin.marinas@arm•com, mark.rutland@arm•com,
Ard Biesheuvel <ardb@kernel•org>,
Ryan Roberts <ryan.roberts@arm•com>,
Anshuman Khandual <anshuman.khandual@arm•com>,
Kevin Brodsky <kevin.brodsky@arm•com>,
Liz Prucka <lizprucka@google•com>,
Seth Jenkins <sethjenkins@google•com>,
Kees Cook <kees@kernel•org>, Mike Rapoport <rppt@kernel•org>,
David Hildenbrand <david@kernel•org>,
Andrew Morton <akpm@linux-foundation•org>,
Jann Horn <jannh@google•com>,
linux-mm@kvack•org, linux-hardening@vger•kernel.org,
linuxppc-dev@lists•ozlabs.org, linux-sh@vger•kernel.org,
Madhavan Srinivasan <maddy@linux•ibm.com>,
Michael Ellerman <mpe@ellerman•id.au>,
Nicholas Piggin <npiggin@gmail•com>
Subject: Re: [PATCH v7 11/15] powerpc/code-patching: Avoid r/w mapping of the zero page
Date: Thu, 4 Jun 2026 09:43:19 +0200 [thread overview]
Message-ID: <11d2f0bd-baca-42aa-89ce-328a9d555f7e@kernel.org> (raw)
In-Reply-To: <20260529150150.1670604-28-ardb+git@google.com>
Le 29/05/2026 à 17:02, Ard Biesheuvel a écrit :
> From: Ard Biesheuvel <ardb@kernel•org>
>
> The only remaining use of map_patch_area() is mapping the zero page, and
> immediately unmapping it again so that the intermediate page table
> levels are all guaranteed to be populated.
>
> The use of the zero page here is completely arbitrary, and not harmful
> per se, but currently, it creates a writable mapping, and does so in a
> manner that requires that the empty_zero_page[] symbol is not
> const-qualified.
>
> Given that this is about to change, and that map_patch_area() now never
> maps anything other than the zero page, let's simplify the code and
> - remove the helpers and call [un]map_kernel_page() directly
> - take the PA of empty_zero_page directly
> - create a read-only temporary mapping.
>
> This allows empty_zero_page[] to be repainted as const u8[] in a
> subsequent patch, without making substantial changes to this code
> patching logic.
>
> Cc: Madhavan Srinivasan <maddy@linux•ibm.com>
> Cc: Michael Ellerman <mpe@ellerman•id.au>
> Cc: Nicholas Piggin <npiggin@gmail•com>
> Cc: "Christophe Leroy (CS GROUP)" <chleroy@kernel•org>
> Link: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kernel.org%2Fall%2F20260520085423.485402-1-ardb%40kernel.org%2F&data=05%7C02%7Cchristophe.leroy%40csgroup.eu%7Ca75a9b5e25f14d0d9b2208debd935266%7C8b87af7d86474dc78df45f69a2011bb5%7C0%7C0%7C639156637598013085%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Q82ykchJOsuWlbmq%2BKFb2cTWIU4wGXbR53VQjNvgOCk%3D&reserved=0
> Signed-off-by: Ard Biesheuvel <ardb@kernel•org>
Reviewed-by: "Christophe Leroy (CS GROUP)" <chleroy@kernel•org>
> ---
> arch/powerpc/lib/code-patching.c | 52 +-------------------
> 1 file changed, 2 insertions(+), 50 deletions(-)
>
> diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c
> index f84e0337cc02..44ff9f684bef 100644
> --- a/arch/powerpc/lib/code-patching.c
> +++ b/arch/powerpc/lib/code-patching.c
> @@ -60,9 +60,6 @@ struct patch_context {
>
> static DEFINE_PER_CPU(struct patch_context, cpu_patching_context);
>
> -static int map_patch_area(void *addr, unsigned long text_poke_addr);
> -static void unmap_patch_area(unsigned long addr);
> -
> static bool mm_patch_enabled(void)
> {
> return IS_ENABLED(CONFIG_SMP) && radix_enabled();
> @@ -117,11 +114,11 @@ static int text_area_cpu_up(unsigned int cpu)
>
> // Map/unmap the area to ensure all page tables are pre-allocated
> addr = (unsigned long)area->addr;
> - err = map_patch_area(empty_zero_page, addr);
> + err = map_kernel_page(addr, __pa_symbol(empty_zero_page), PAGE_KERNEL_RO);
> if (err)
> return err;
>
> - unmap_patch_area(addr);
> + unmap_kernel_page(addr);
>
> this_cpu_write(cpu_patching_context.area, area);
> this_cpu_write(cpu_patching_context.addr, addr);
> @@ -233,51 +230,6 @@ static unsigned long get_patch_pfn(void *addr)
> return __pa_symbol(addr) >> PAGE_SHIFT;
> }
>
> -/*
> - * This can be called for kernel text or a module.
> - */
> -static int map_patch_area(void *addr, unsigned long text_poke_addr)
> -{
> - unsigned long pfn = get_patch_pfn(addr);
> -
> - return map_kernel_page(text_poke_addr, (pfn << PAGE_SHIFT), PAGE_KERNEL);
> -}
> -
> -static void unmap_patch_area(unsigned long addr)
> -{
> - pte_t *ptep;
> - pmd_t *pmdp;
> - pud_t *pudp;
> - p4d_t *p4dp;
> - pgd_t *pgdp;
> -
> - pgdp = pgd_offset_k(addr);
> - if (WARN_ON(pgd_none(*pgdp)))
> - return;
> -
> - p4dp = p4d_offset(pgdp, addr);
> - if (WARN_ON(p4d_none(*p4dp)))
> - return;
> -
> - pudp = pud_offset(p4dp, addr);
> - if (WARN_ON(pud_none(*pudp)))
> - return;
> -
> - pmdp = pmd_offset(pudp, addr);
> - if (WARN_ON(pmd_none(*pmdp)))
> - return;
> -
> - ptep = pte_offset_kernel(pmdp, addr);
> - if (WARN_ON(pte_none(*ptep)))
> - return;
> -
> - /*
> - * In hash, pte_clear flushes the tlb, in radix, we have to
> - */
> - pte_clear(&init_mm, addr, ptep);
> - flush_tlb_kernel_range(addr, addr + PAGE_SIZE);
> -}
> -
> static int __do_patch_mem_mm(void *addr, unsigned long val, bool is_dword)
> {
> int err;
next prev parent reply other threads:[~2026-06-04 7:43 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-29 15:01 [PATCH v7 00/15] arm64: Unmap linear alias of kernel data/bss Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 01/15] arm64: mm: Remove bogus stop condition from map_mem() loop Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 02/15] arm64: mm: Drop redundant pgd_t* argument from map_mem() Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 03/15] arm64: mm: Check for pud_/pmd_set_huge() failures on kernel mappings Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 04/15] arm64: mm: Preserve existing table mappings when mapping DRAM Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 05/15] arm64: mm: Preserve non-contiguous descriptors " Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 06/15] arm64: mm: Permit contiguous descriptors to be manipulated Ard Biesheuvel
2026-05-29 15:01 ` [PATCH v7 07/15] arm64: kfence: Avoid NOMAP tricks when mapping the early pool Ard Biesheuvel
2026-06-01 10:42 ` Kevin Brodsky
2026-05-29 15:01 ` [PATCH v7 08/15] arm64: mm: Permit contiguous attribute for preliminary mappings Ard Biesheuvel
2026-05-29 15:02 ` [PATCH v7 09/15] arm64: Move fixmap and kasan page tables to end of kernel image Ard Biesheuvel
2026-05-29 15:02 ` [PATCH v7 10/15] arm64: mm: Don't abuse memblock NOMAP to check for overlaps Ard Biesheuvel
2026-06-01 10:43 ` Kevin Brodsky
2026-05-29 15:02 ` [PATCH v7 11/15] powerpc/code-patching: Avoid r/w mapping of the zero page Ard Biesheuvel
2026-06-03 18:03 ` Mukesh Kumar Chaurasiya
2026-06-04 7:43 ` Christophe Leroy (CS GROUP) [this message]
2026-05-29 15:02 ` [PATCH v7 12/15] sh: Drop cache flush of the zero page at boot Ard Biesheuvel
2026-05-30 16:19 ` Mike Rapoport
2026-06-01 8:11 ` Geert Uytterhoeven
2026-05-29 15:02 ` [PATCH v7 13/15] mm: Make empty_zero_page[] const Ard Biesheuvel
2026-05-29 15:02 ` [PATCH v7 14/15] arm64: mm: Map the kernel data/bss read-only in the linear map Ard Biesheuvel
2026-05-29 15:02 ` [PATCH v7 15/15] arm64: mm: Unmap kernel data/bss entirely from " Ard Biesheuvel
2026-06-01 10:43 ` Kevin Brodsky
2026-06-02 20:34 ` [PATCH v7 00/15] arm64: Unmap linear alias of kernel data/bss Will Deacon
2026-06-03 8:57 ` Ard Biesheuvel
2026-06-03 11:22 ` Will Deacon
2026-06-03 11:24 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=11d2f0bd-baca-42aa-89ce-328a9d555f7e@kernel.org \
--to=chleroy@kernel$(echo .)org \
--cc=akpm@linux-foundation$(echo .)org \
--cc=anshuman.khandual@arm$(echo .)com \
--cc=ardb+git@google$(echo .)com \
--cc=ardb@kernel$(echo .)org \
--cc=catalin.marinas@arm$(echo .)com \
--cc=david@kernel$(echo .)org \
--cc=jannh@google$(echo .)com \
--cc=kees@kernel$(echo .)org \
--cc=kevin.brodsky@arm$(echo .)com \
--cc=linux-arm-kernel@lists$(echo .)infradead.org \
--cc=linux-hardening@vger$(echo .)kernel.org \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=linux-mm@kvack$(echo .)org \
--cc=linux-sh@vger$(echo .)kernel.org \
--cc=linuxppc-dev@lists$(echo .)ozlabs.org \
--cc=lizprucka@google$(echo .)com \
--cc=maddy@linux$(echo .)ibm.com \
--cc=mark.rutland@arm$(echo .)com \
--cc=mpe@ellerman$(echo .)id.au \
--cc=npiggin@gmail$(echo .)com \
--cc=rppt@kernel$(echo .)org \
--cc=ryan.roberts@arm$(echo .)com \
--cc=sethjenkins@google$(echo .)com \
--cc=will@kernel$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox