[RFC PATCH 0/3] make persistent huge zero folio read-only

public inbox for linux-arm-kernel@lists.infradead.org 
 help / color / mirror / Atom feed

From: Xueyuan chen <xueyuan.chen21@gmail•com>
To: akpm@linux-foundation•org, linux-mm@kvack•org
Cc: linux-kernel@vger•kernel.org,
	linux-arm-kernel@lists•infradead.org, x86@kernel•org,
	catalin.marinas@arm•com, will@kernel•org, tglx@kernel•org,
	mingo@redhat•com, bp@alien8•de, dave.hansen@linux•intel.com,
	hpa@zytor•com, david@kernel•org, ljs@kernel•org, ziy@nvidia•com,
	baolin.wang@linux•alibaba.com, ryan.roberts@arm•com,
	dev.jain@arm•com, lance.yang@linux•dev,
	yang@os•amperecomputing.com, jannh@google•com,
	Xueyuan Chen <xueyuan.chen21@gmail•com>
Subject: [RFC PATCH 0/3] make persistent huge zero folio read-only
Date: Wed, 27 May 2026 11:56:04 +0800	[thread overview]
Message-ID: <20260527035607.14919-1-xueyuan.chen21@gmail.com> (raw)

From: Xueyuan Chen <xueyuan.chen21@gmail•com>

Hi all,

This series makes the persistent huge zero folio read-only in the direct
map.

The motivation comes from Jann Horn's read-only zero page work[1] and the
follow-up discussion[2] with Yang Shi. As Jann pointed out, the kernel has
had bugs, including security bugs, where pages taken with read-only
semantics were later written to. For the huge zero folio, making the direct
map read-only turns such writes into faults instead of silently corrupting
shared zero contents.

The permission change is best effort. If the architecture cannot safely
make the direct map read-only, the kernel keeps using the writable
persistent huge zero folio.

Patch 1 adds the generic support for making the persistent huge zero folio
read-only. Patches 2 and 3 add arm64 and x86 support.

[1] https://lore.kernel.org/linux-mm/20260508-ro-zeropage-v1-1-9808abc20b49@google.com/
[2] https://lore.kernel.org/linux-mm/CAHbLzkrXXe7r3n3jXgDKtwZhRqj=jDx9E6dLOULohnhBguvi9A@mail.gmail.com/

Xueyuan Chen (3):
  mm: make persistent huge zero folio read-only
  arm64/mm: make huge zero folio read-only in linear map
  x86/mm: make huge zero folio read-only in direct map

 arch/arm64/Kconfig       |  1 +
 arch/arm64/mm/pageattr.c | 16 ++++++++++++++++
 arch/x86/Kconfig         |  1 +
 arch/x86/mm/init.c       | 11 +++++++++++
 include/linux/huge_mm.h  |  5 +++++
 mm/Kconfig               | 17 +++++++++++++++++
 mm/huge_memory.c         | 25 ++++++++++++++++++++++++-
 7 files changed, 75 insertions(+), 1 deletion(-)

-- 
2.47.3

next             reply	other threads:[~2026-05-27  3:56 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-27  3:56 Xueyuan chen [this message]
2026-05-27  3:56 ` [RFC PATCH 1/3] mm: make persistent huge zero folio read-only Xueyuan chen
2026-05-27 13:32   ` Dev Jain
2026-05-27 23:03     ` Xueyuan Chen
2026-05-27 15:55   ` Dave Hansen
2026-05-27 16:20     ` Jann Horn
2026-05-28 18:43       ` Yang Shi
2026-05-29  3:09         ` Lance Yang
2026-06-01 13:49     ` David Hildenbrand (Arm)
2026-06-01 15:43       ` Lance Yang
2026-06-01 15:46         ` David Hildenbrand (Arm)
2026-05-27  3:56 ` [RFC PATCH 2/3] arm64/mm: make huge zero folio read-only in linear map Xueyuan chen
2026-05-27  3:56 ` [RFC PATCH 3/3] x86/mm: make huge zero folio read-only in direct map Xueyuan chen
2026-05-27 15:58 ` [RFC PATCH 0/3] make persistent huge zero folio read-only Dave Hansen
2026-05-30  7:46   ` Lance Yang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260527035607.14919-1-xueyuan.chen21@gmail.com \
    --to=xueyuan.chen21@gmail$(echo .)com \
    --cc=akpm@linux-foundation$(echo .)org \
    --cc=baolin.wang@linux$(echo .)alibaba.com \
    --cc=bp@alien8$(echo .)de \
    --cc=catalin.marinas@arm$(echo .)com \
    --cc=dave.hansen@linux$(echo .)intel.com \
    --cc=david@kernel$(echo .)org \
    --cc=dev.jain@arm$(echo .)com \
    --cc=hpa@zytor$(echo .)com \
    --cc=jannh@google$(echo .)com \
    --cc=lance.yang@linux$(echo .)dev \
    --cc=linux-arm-kernel@lists$(echo .)infradead.org \
    --cc=linux-kernel@vger$(echo .)kernel.org \
    --cc=linux-mm@kvack$(echo .)org \
    --cc=ljs@kernel$(echo .)org \
    --cc=mingo@redhat$(echo .)com \
    --cc=ryan.roberts@arm$(echo .)com \
    --cc=tglx@kernel$(echo .)org \
    --cc=will@kernel$(echo .)org \
    --cc=x86@kernel$(echo .)org \
    --cc=yang@os$(echo .)amperecomputing.com \
    --cc=ziy@nvidia$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox