Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 29 Nov 2018 06:14:20 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "luto@...nel.org" <luto@...nel.org>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"daniel@...earbox.net" <daniel@...earbox.net>, "jeyu@...nel.org"
	<jeyu@...nel.org>, "rostedt@...dmis.org" <rostedt@...dmis.org>,
	"ast@...nel.org" <ast@...nel.org>, "ard.biesheuvel@...aro.org"
	<ard.biesheuvel@...aro.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>,
	"jannh@...gle.com" <jannh@...gle.com>, "Dock, Deneen T"
	<deneen.t.dock@...el.com>, "kristen@...ux.intel.com"
	<kristen@...ux.intel.com>, "akpm@...ux-foundation.org"
	<akpm@...ux-foundation.org>, "will.deacon@....com" <will.deacon@....com>,
	"mingo@...hat.com" <mingo@...hat.com>, "kernel-hardening@...ts.openwall.com"
	<kernel-hardening@...ts.openwall.com>, "Keshavamurthy, Anil S"
	<anil.s.keshavamurthy@...el.com>, "mhiramat@...nel.org"
	<mhiramat@...nel.org>, "naveen.n.rao@...ux.vnet.ibm.com"
	<naveen.n.rao@...ux.vnet.ibm.com>, "davem@...emloft.net"
	<davem@...emloft.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	"Hansen, Dave" <dave.hansen@...el.com>
Subject: Re: [PATCH 2/2] x86/modules: Make x86 allocs to flush when free

On Wed, 2018-11-28 at 17:40 -0800, Andy Lutomirski wrote:
> > On Nov 27, 2018, at 4:07 PM, Rick Edgecombe <
> > rick.p.edgecombe@...el.com> wrote:
> > 
> > Change the module allocations to flush before freeing the pages.
> > 
> > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
> > ---
> > arch/x86/kernel/module.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c
> > index b052e883dd8c..1694daf256b3 100644
> > --- a/arch/x86/kernel/module.c
> > +++ b/arch/x86/kernel/module.c
> > @@ -87,8 +87,8 @@ void *module_alloc(unsigned long size)
> >    p = __vmalloc_node_range(size, MODULE_ALIGN,
> >                    MODULES_VADDR + get_module_load_offset(),
> >                    MODULES_END, GFP_KERNEL,
> > -                    PAGE_KERNEL_EXEC, 0, NUMA_NO_NODE,
> > -                    __builtin_return_address(0));
> > +                    PAGE_KERNEL_EXEC, VM_IMMEDIATE_UNMAP,
> > +                    NUMA_NO_NODE, __builtin_return_address(0));
> 
> Hmm. How awful is the resulting performance for heavy eBPF
> users?  I’m
> wondering if the JIT will need some kind of cache to reuse
> allocations.
I think it should have no effect for x86 at least. On allocation there
is only the setting of the flag. For free-ing there is of course a new
TLB flush, but it happens in way that should remove one elsewhere for
BPF.

On x86 today there are actually already 3 flushes for the operation
around a module_alloc JIT free. What's happening is there are two
allocations that are RO: the JIT and some data. When freeing, first the
JIT is set RW, then vfreed. So this causes 1 TLB flush from the
set_memory_rw, and there is now a lazy vmap area from the vfree. When
the data allocation is set to RW, vm_unmap_aliases() is called in
pageattr.c:change_page_attr_set_clr, so it will cause a flush from
clearing the lazy area, then there is the third flush as part of the
permissions change like usual.

Since now the JIT vfree will call vm_unmap_aliases(), it should not
trigger a TLB flush in the second permission change, so remain at 3.
> >    if (p && (kasan_module_alloc(p, size) < 0)) {
> >        vfree(p);
> >        return NULL;
> > --
> > 2.17.1
> > 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.