From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EF2142E4266; Wed, 9 Jul 2025 13:49:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752068989; cv=none; b=l3updz+E4/UA+qidxglpXpjqeal96+KQtcWML/WxcJOegjCEliBsx/NMw+VxrE2OnEn3Vrgd0mK2a/3g66NbGb1EFAnEFqDhG964xibdkpDVysAClmZGTz8OCKnDDlb/aaHPu+daEEM724eO5bMpymw0U7lSkVzITavDNoPMeg8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752068989; c=relaxed/simple; bh=vyVIGCtc0jVROOiaoRDc63+XloT/k7Y60usHpVt467Y=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lZQo7B18W9e0edPGhp8PbQi2avbwKQUNFdfasUxYs1AQnG1Gk3lK72aI12oCBYSPDLf3QGI/L00xx/uy4fupAcF7K52aeqqJpFFEUW68k67xtGvUHFRZH2t66F+TIr8uYg1SOIngwbLOGHNa9hSGU+0FWQZiwDx0It5+albtiH0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Et5FV+0A; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Et5FV+0A" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 45C13C4CEF4; Wed, 9 Jul 2025 13:49:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752068988; bh=vyVIGCtc0jVROOiaoRDc63+XloT/k7Y60usHpVt467Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Et5FV+0ADwZBa7ZC5uNEgDWPKMDofqqx7qOQ+s9lYbb3CMnSMy57OdiPDnvMQZsp2 taoKecEZFNt3sN8ocvrmnUxUWkrGSqJEg/cwERxPFEXwqlgabCSFkcbusjfZNSW6wM Z4kJZqYUnmJeT3hDhJHJf8hhTQhHHQH/0q9gC4HkyTqRRXI0h7Z7YabVox09Kt/lP+ Wkq+Vw4fPRRRUHU62XJXBnZy35KhN1qCwJBoThgf09DeMsPRDdgxrs2LIPYzUydNtE ECGyOPNuk+J7jM2WZ+cnmAlLbJBydE2lLzHspDLAltASfu73yweEhxkqbcxTAYjJN3 G51mACWMuXuVQ== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 1/8] execmem: drop unused execmem_update_copy() Date: Wed, 9 Jul 2025 16:49:26 +0300 Message-ID: <20250709134933.3848895-2-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" The execmem_update_copy() that used text poking was required when memory allocated from ROX cache was always read-only. Since now its permissions can be switched to read-write there is no need in a function that updates memory with text poking. Remove it. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- include/linux/execmem.h | 13 ------------- mm/execmem.c | 5 ----- 2 files changed, 18 deletions(-) diff --git a/include/linux/execmem.h b/include/linux/execmem.h index 3be35680a54f..734fbe83d98e 100644 --- a/include/linux/execmem.h +++ b/include/linux/execmem.h @@ -185,19 +185,6 @@ DEFINE_FREE(execmem, void *, if (_T) execmem_free(_T)); struct vm_struct *execmem_vmap(size_t size); #endif =20 -/** - * execmem_update_copy - copy an update to executable memory - * @dst: destination address to update - * @src: source address containing the data - * @size: how many bytes of memory shold be copied - * - * Copy @size bytes from @src to @dst using text poking if the memory at - * @dst is read-only. - * - * Return: a pointer to @dst or NULL on error - */ -void *execmem_update_copy(void *dst, const void *src, size_t size); - /** * execmem_is_rox - check if execmem is read-only * @type - the execmem type to check diff --git a/mm/execmem.c b/mm/execmem.c index 2b683e7d864d..0712ebb4eb77 100644 --- a/mm/execmem.c +++ b/mm/execmem.c @@ -399,11 +399,6 @@ void execmem_free(void *ptr) vfree(ptr); } =20 -void *execmem_update_copy(void *dst, const void *src, size_t size) -{ - return text_poke_copy(dst, src, size); -} - bool execmem_is_rox(enum execmem_type type) { return !!(execmem_info->ranges[type].flags & EXECMEM_ROX_CACHE); --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B4EEBE4A; Wed, 9 Jul 2025 13:49:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752068995; cv=none; b=jXONs44nHXuisG7NytNSEBn0/5bFDBvfv7f/a2oW6v3xngEWiMAk6Yvp5AkWIO3e/uvSWwsP7Aa7WQ+GUm4peXStGwTU+D9Qoi1ucRX4zGyNhqwXCN516azsLEq9sbNeLrPjHywWFR3vcM+Ujv2yH7xKrvpghfRRBDF722SsUhs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752068995; c=relaxed/simple; bh=NrvBoIv7ihWz3msr5ucNgQMNcZ4XLlRn/Kum2bPi/3o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FPxgNe3WOG1K/0lO+LKuN3G6ZwFF9OD3xwTzv4xG9o2HNcDa+FnASRibTtbVTyaAie24ZCPrJlBwUgtikDgQVgzeObFiVSKSH2inBHhIs7WmS9jwtMsyG+L2jNJHWTcbUKNleuW4PATyCbyxCCqfuiwwoCZTaYVlxi0KZ2ZLJyA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=FCHSnLqs; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="FCHSnLqs" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5AE75C4CEF1; Wed, 9 Jul 2025 13:49:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752068994; bh=NrvBoIv7ihWz3msr5ucNgQMNcZ4XLlRn/Kum2bPi/3o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FCHSnLqs7TP//QU/xFeQP80uOujzFdZryawOScaDjys/43cMqUe5rrA2XhVwuKD87 sozc0iIvGcC+JWZH3v5hhw/4Ikzi4tEPEJCcmgcYSZHIM4lSwKwlgwP3jDg1wBfuXh vKUpr7j9ezdow7SFhsBAkH4XFm6/mFvx0l0S7IdPjkVf+n2nH8ENgo0TG2Y/5uQuH/ mo9kyqWkxt8g5jOkzUN1HNEpo5WmwSV1vaMJ3ZHxnTl2HRoaPJ5lNwCBBRRoo4+kVX axpQGPmKUQCHlRxYAOEmpQLfllXL7DKKk1bqcS6xkjMPjZrkHz0v/vUylwkNEVIynF E8N7WxdsnKOJQ== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 2/8] execmem: introduce execmem_alloc_rw() Date: Wed, 9 Jul 2025 16:49:27 +0300 Message-ID: <20250709134933.3848895-3-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" Some callers of execmem_alloc() require the memory to be temporarily writable even when it is allocated from ROX cache. These callers use execemem_make_temp_rw() right after the call to execmem_alloc(). Wrap this sequence in execmem_alloc_rw() API. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) Reviewed-by: Daniel Gomez Reviewed-by: Petr Pavlu --- arch/x86/kernel/alternative.c | 3 +-- include/linux/execmem.h | 38 ++++++++++++++++++++--------------- kernel/module/main.c | 13 ++---------- mm/execmem.c | 27 ++++++++++++++++++++++++- 4 files changed, 51 insertions(+), 30 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index ea1d984166cd..526a5fef93ab 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -120,7 +120,7 @@ struct its_array its_pages; =20 static void *__its_alloc(struct its_array *pages) { - void *page __free(execmem) =3D execmem_alloc(EXECMEM_MODULE_TEXT, PAGE_SI= ZE); + void *page __free(execmem) =3D execmem_alloc_rw(EXECMEM_MODULE_TEXT, PAGE= _SIZE); if (!page) return NULL; =20 @@ -237,7 +237,6 @@ static void *its_alloc(void) if (!page) return NULL; =20 - execmem_make_temp_rw(page, PAGE_SIZE); if (pages =3D=3D &its_pages) set_memory_x((unsigned long)page, 1); =20 diff --git a/include/linux/execmem.h b/include/linux/execmem.h index 734fbe83d98e..4e510d1c609c 100644 --- a/include/linux/execmem.h +++ b/include/linux/execmem.h @@ -67,21 +67,6 @@ enum execmem_range_flags { */ void execmem_fill_trapping_insns(void *ptr, size_t size, bool writable); =20 -/** - * execmem_make_temp_rw - temporarily remap region with read-write - * permissions - * @ptr: address of the region to remap - * @size: size of the region to remap - * - * Remaps a part of the cached large page in the ROX cache in the range - * [@ptr, @ptr + @size) as writable and not executable. The caller must - * have exclusive ownership of this range and ensure nothing will try to - * execute code in this range. - * - * Return: 0 on success or negative error code on failure. - */ -int execmem_make_temp_rw(void *ptr, size_t size); - /** * execmem_restore_rox - restore read-only-execute permissions * @ptr: address of the region to remap @@ -95,7 +80,6 @@ int execmem_make_temp_rw(void *ptr, size_t size); */ int execmem_restore_rox(void *ptr, size_t size); #else -static inline int execmem_make_temp_rw(void *ptr, size_t size) { return 0;= } static inline int execmem_restore_rox(void *ptr, size_t size) { return 0; } #endif =20 @@ -165,6 +149,28 @@ struct execmem_info *execmem_arch_setup(void); */ void *execmem_alloc(enum execmem_type type, size_t size); =20 +/** + * execmem_alloc_rw - allocate writatble executable memory + * @type: type of the allocation + * @size: how many bytes of memory are required + * + * Allocates memory that will contain executable code, either generated or + * loaded from kernel modules. + * + * Allocates memory that will contain data coupled with executable code, + * like data sections in kernel modules. + * + * Forces writable permissions on the allocated memory and the caller is + * responsible to manage the permissions afterwards. + * + * For architectures that use ROX cache the permissions will be set to R+W. + * For architectures that don't use ROX cache the default permissions for = @type + * will be used as they must be writable. + * + * Return: a pointer to the allocated memory or %NULL + */ +void *execmem_alloc_rw(enum execmem_type type, size_t size); + /** * execmem_free - free executable memory * @ptr: pointer to the memory that should be freed diff --git a/kernel/module/main.c b/kernel/module/main.c index 413ac6ea3702..d009326ef7bb 100644 --- a/kernel/module/main.c +++ b/kernel/module/main.c @@ -1292,20 +1292,11 @@ static int module_memory_alloc(struct module *mod, = enum mod_mem_type type) else execmem_type =3D EXECMEM_MODULE_TEXT; =20 - ptr =3D execmem_alloc(execmem_type, size); + ptr =3D execmem_alloc_rw(execmem_type, size); if (!ptr) return -ENOMEM; =20 - if (execmem_is_rox(execmem_type)) { - int err =3D execmem_make_temp_rw(ptr, size); - - if (err) { - execmem_free(ptr); - return -ENOMEM; - } - - mod->mem[type].is_rox =3D true; - } + mod->mem[type].is_rox =3D execmem_is_rox(execmem_type); =20 /* * The pointer to these blocks of memory are stored on the module diff --git a/mm/execmem.c b/mm/execmem.c index 0712ebb4eb77..6b040fbc5f4f 100644 --- a/mm/execmem.c +++ b/mm/execmem.c @@ -336,7 +336,7 @@ static bool execmem_cache_free(void *ptr) return true; } =20 -int execmem_make_temp_rw(void *ptr, size_t size) +static int execmem_force_rw(void *ptr, size_t size) { unsigned int nr =3D PAGE_ALIGN(size) >> PAGE_SHIFT; unsigned long addr =3D (unsigned long)ptr; @@ -358,6 +358,16 @@ int execmem_restore_rox(void *ptr, size_t size) } =20 #else /* CONFIG_ARCH_HAS_EXECMEM_ROX */ +/* + * when ROX cache is not used the permissions defined by architectures for + * execmem ranges that are updated before use (e.g. EXECMEM_MODULE_TEXT) m= ust + * be writable anyway + */ +static inline int execmem_force_rw(void *ptr, size_t size) +{ + return 0; +} + static void *execmem_cache_alloc(struct execmem_range *range, size_t size) { return NULL; @@ -387,6 +397,21 @@ void *execmem_alloc(enum execmem_type type, size_t siz= e) return kasan_reset_tag(p); } =20 +void *execmem_alloc_rw(enum execmem_type type, size_t size) +{ + void *p __free(execmem) =3D execmem_alloc(type, size); + int err; + + if (!p) + return NULL; + + err =3D execmem_force_rw(p, size); + if (err) + return NULL; + + return no_free_ptr(p); +} + void execmem_free(void *ptr) { /* --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A4BFA923; Wed, 9 Jul 2025 13:50:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069001; cv=none; b=t3fsjSkEqWtvTyQnbjcg1hXcB7DYpu0fubIUa5tcCNO+vcoipY0ehavHXieclasi73Vn0Bkb+nWZRoo2yIyiOEBQ2NLbsxcdi/W8zrpXXlX5fxK4AE7x0EiR9LhZ/GTCm/0mbnB6KoCXC5+qhhesgDnlV7lAtvTywYRUAujMSBE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069001; c=relaxed/simple; bh=2EJZ9+aB/E5JNkmaeT8QY2pqIApZJVO2kuQHP+iIbQI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=iSoW3LWX0+6Mrxokkkf1WCqc4lW5ZqWdM0qC0yLZnGUidHFdq+Fubvk28P14dP4Qh2oCqjVpLLWP6HGWHnX/5Zg7MVB1hOfwZrGhjVnTf/o0Q2KpSmiNqedpf5IGrdZJfcmbDgvuM7eDRfVDl8hq9AU7GxMxFN3hPRClBoED6ng= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=qv0TVJVV; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="qv0TVJVV" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6E5B6C4CEEF; Wed, 9 Jul 2025 13:49:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752069001; bh=2EJZ9+aB/E5JNkmaeT8QY2pqIApZJVO2kuQHP+iIbQI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qv0TVJVVFILyhiJ07rmM2QkXyhZw3eWuUqSiiJFuqIKYREmQJdbXlo1ydYetRUV/Q 6pq7HnIV70A+FY4Yyg9S8PSunITrE7M+rpWbrZbZH0Cth1MXBjHR83573BR3awXc2k VL3WTsF2m+B1ZLDW0AbK4aFS2IkzcjjCnu1+VpV8WtA1AfQITIvf7Vh14y5CpS2JWi 3IdMPfvL3K9WlefR9X1eLsdYUUgQUSU61PP/FpVqEeWgnYVARIGgy5xHJc3Cuuz0By 214qqcDhO1GoOQZ5CxWgbFk3UwmBkndOBXsHJyb1lppDMeLGVJGQAY3p19cHgzASj1 iYdenymGUPpdQ== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 3/8] execmem: rework execmem_cache_free() Date: Wed, 9 Jul 2025 16:49:28 +0300 Message-ID: <20250709134933.3848895-4-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" Currently execmem_cache_free() ignores potential allocation failures that may happen in execmem_cache_add(). Besides, it uses text poking to fill the memory with trapping instructions before returning it to cache although it would be more efficient to make that memory writable, update it using memcpy and then restore ROX protection. Rework execmem_cache_free() so that in case of an error it will defer freeing of the memory to a delayed work. With this the happy fast path will now change permissions to RW, fill the memory with trapping instructions using memcpy, restore ROX permissions, add the memory back to the free cache and clear the relevant entry in busy_areas. If any step in the fast path fails, the entry in busy_areas will be marked as pending_free. These entries will be handled by a delayed work and freed asynchronously. To make the fast path faster, use __GFP_NORETRY for memory allocations and let asynchronous handler try harder with GFP_KERNEL. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- mm/execmem.c | 125 +++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 102 insertions(+), 23 deletions(-) diff --git a/mm/execmem.c b/mm/execmem.c index 6b040fbc5f4f..4670e97f8e4e 100644 --- a/mm/execmem.c +++ b/mm/execmem.c @@ -93,8 +93,15 @@ struct execmem_cache { struct mutex mutex; struct maple_tree busy_areas; struct maple_tree free_areas; + unsigned int pending_free_cnt; /* protected by mutex */ }; =20 +/* delay to schedule asynchronous free if fast path free fails */ +#define FREE_DELAY (msecs_to_jiffies(10)) + +/* mark entries in busy_areas that should be freed asynchronously */ +#define PENDING_FREE_MASK (1 << (PAGE_SHIFT - 1)) + static struct execmem_cache execmem_cache =3D { .mutex =3D __MUTEX_INITIALIZER(execmem_cache.mutex), .busy_areas =3D MTREE_INIT_EXT(busy_areas, MT_FLAGS_LOCK_EXTERN, @@ -155,20 +162,17 @@ static void execmem_cache_clean(struct work_struct *w= ork) =20 static DECLARE_WORK(execmem_cache_clean_work, execmem_cache_clean); =20 -static int execmem_cache_add(void *ptr, size_t size) +static int execmem_cache_add_locked(void *ptr, size_t size, gfp_t gfp_mask) { struct maple_tree *free_areas =3D &execmem_cache.free_areas; - struct mutex *mutex =3D &execmem_cache.mutex; unsigned long addr =3D (unsigned long)ptr; MA_STATE(mas, free_areas, addr - 1, addr + 1); unsigned long lower, upper; void *area =3D NULL; - int err; =20 lower =3D addr; upper =3D addr + size - 1; =20 - mutex_lock(mutex); area =3D mas_walk(&mas); if (area && mas.last =3D=3D addr - 1) lower =3D mas.index; @@ -178,12 +182,14 @@ static int execmem_cache_add(void *ptr, size_t size) upper =3D mas.last; =20 mas_set_range(&mas, lower, upper); - err =3D mas_store_gfp(&mas, (void *)lower, GFP_KERNEL); - mutex_unlock(mutex); - if (err) - return err; + return mas_store_gfp(&mas, (void *)lower, gfp_mask); +} =20 - return 0; +static int execmem_cache_add(void *ptr, size_t size, gfp_t gfp_mask) +{ + guard(mutex)(&execmem_cache.mutex); + + return execmem_cache_add_locked(ptr, size, gfp_mask); } =20 static bool within_range(struct execmem_range *range, struct ma_state *mas, @@ -278,7 +284,7 @@ static int execmem_cache_populate(struct execmem_range = *range, size_t size) if (err) goto err_free_mem; =20 - err =3D execmem_cache_add(p, alloc_size); + err =3D execmem_cache_add(p, alloc_size, GFP_KERNEL); if (err) goto err_reset_direct_map; =20 @@ -307,29 +313,102 @@ static void *execmem_cache_alloc(struct execmem_rang= e *range, size_t size) return __execmem_cache_alloc(range, size); } =20 +static inline bool is_pending_free(void *ptr) +{ + return ((unsigned long)ptr & PENDING_FREE_MASK); +} + +static inline void *pending_free_set(void *ptr) +{ + return (void *)((unsigned long)ptr | PENDING_FREE_MASK); +} + +static inline void *pending_free_clear(void *ptr) +{ + return (void *)((unsigned long)ptr & ~PENDING_FREE_MASK); +} + +static int execmem_force_rw(void *ptr, size_t size); + +static int __execmem_cache_free(struct ma_state *mas, void *ptr, gfp_t gfp= _mask) +{ + size_t size =3D mas_range_len(mas); + int err; + + err =3D execmem_force_rw(ptr, size); + if (err) + return err; + + execmem_fill_trapping_insns(ptr, size, /* writable =3D */ true); + execmem_restore_rox(ptr, size); + + err =3D execmem_cache_add_locked(ptr, size, gfp_mask); + if (err) + return err; + + mas_store_gfp(mas, NULL, gfp_mask); + return 0; +} + +static void execmem_cache_free_slow(struct work_struct *work); +static DECLARE_DELAYED_WORK(execmem_cache_free_work, execmem_cache_free_sl= ow); + +static void execmem_cache_free_slow(struct work_struct *work) +{ + struct maple_tree *busy_areas =3D &execmem_cache.busy_areas; + MA_STATE(mas, busy_areas, 0, ULONG_MAX); + void *area; + + guard(mutex)(&execmem_cache.mutex); + + if (!execmem_cache.pending_free_cnt) + return; + + mas_for_each(&mas, area, ULONG_MAX) { + if (!is_pending_free(area)) + continue; + + area =3D pending_free_clear(area); + if (__execmem_cache_free(&mas, area, GFP_KERNEL)) + continue; + + execmem_cache.pending_free_cnt--; + } + + if (execmem_cache.pending_free_cnt) + schedule_delayed_work(&execmem_cache_free_work, FREE_DELAY); + else + schedule_work(&execmem_cache_clean_work); +} + static bool execmem_cache_free(void *ptr) { struct maple_tree *busy_areas =3D &execmem_cache.busy_areas; - struct mutex *mutex =3D &execmem_cache.mutex; unsigned long addr =3D (unsigned long)ptr; MA_STATE(mas, busy_areas, addr, addr); - size_t size; void *area; + int err; + + guard(mutex)(&execmem_cache.mutex); =20 - mutex_lock(mutex); area =3D mas_walk(&mas); - if (!area) { - mutex_unlock(mutex); + if (!area) return false; - } - size =3D mas_range_len(&mas); =20 - mas_store_gfp(&mas, NULL, GFP_KERNEL); - mutex_unlock(mutex); - - execmem_fill_trapping_insns(ptr, size, /* writable =3D */ false); - - execmem_cache_add(ptr, size); + err =3D __execmem_cache_free(&mas, area, GFP_KERNEL | __GFP_NORETRY); + if (err) { + /* + * mas points to exact slot we've got the area from, nothing + * else can modify the tree because of the mutex, so there + * won't be any allocations in mas_store_gfp() and it will just + * change the pointer. + */ + area =3D pending_free_set(area); + mas_store_gfp(&mas, area, GFP_KERNEL); + execmem_cache.pending_free_cnt++; + schedule_delayed_work(&execmem_cache_free_work, FREE_DELAY); + return true; + } =20 schedule_work(&execmem_cache_clean_work); =20 --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 86422A923; Wed, 9 Jul 2025 13:50:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069007; cv=none; b=u2agu8iQgvtAaGgAdebC5iywRKuXTeq8rZrlIJo1Pw+tundgVu2use6Jv5+C6fM9nDWKZ8QwlZhHoWmz+kpwm1sqBxpdc0TibwIRZFkUQdgDS8q/d30H3aZRnQcYwQTk2GL20P3cBe/aJ82nva3NwBTDY0j2b22T1QK2eih6X0o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069007; c=relaxed/simple; bh=Cy9nbTY7/RsVWsT8Lzwrq/nzdX4k1/Ew/ELbVa13ynM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uqsv4GkQwWle/cvRoel/t5h4axKFlk2dw69G0hrYxV5LnQFnqG+UJsgiBUfw/56GgHudmu5kQuqBi1BRcasdtVBaVazm4Dfv8OK9MXA9w5ZDtwIHpfP4Agf5AwOptEaHeUba4ncYR5VyVS/TUtio+GI0iXtKWdag8vOHzq9Ch7E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=pqUhi77p; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="pqUhi77p" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8CD24C4CEF8; Wed, 9 Jul 2025 13:50:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752069007; bh=Cy9nbTY7/RsVWsT8Lzwrq/nzdX4k1/Ew/ELbVa13ynM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pqUhi77pGCtV3tt1XSaEAlSwTSPrlnCtKynuwZKBGvvm2a3hBX1u1HdXX6n2XyZP1 PcdOUyXq5A3sEsMlmgy/FUvWYAaQOsFGIVeWQP3ry8aY5muSVr3P7sSxpopbGs75ai 1MSce67W63oPqC95WRZXbnlkXWPjbim5rnc0DqcpoJPwrsHcsqgJSq3ONwoSWKxmVd Tv0Qif46FGD3GEQrYtiZznj9oLESU9aaBcTEw6X563qJpzcn6d2aKRT8YM0hESsW+7 Yk3RoFidd0OLMIzXn1z5EMdVC54svbGUNEy/q6DzhcxIuQEdSI9J9QRXWbfzIbEDZa +3V8vzpoT6c8g== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 4/8] execmem: move execmem_force_rw() and execmem_restore_rox() before use Date: Wed, 9 Jul 2025 16:49:29 +0300 Message-ID: <20250709134933.3848895-5-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" to avoid static declarations. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- mm/execmem.c | 44 +++++++++++++++++++++----------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/mm/execmem.c b/mm/execmem.c index 4670e97f8e4e..056d3caaf4a1 100644 --- a/mm/execmem.c +++ b/mm/execmem.c @@ -137,6 +137,27 @@ static int execmem_set_direct_map_valid(struct vm_stru= ct *vm, bool valid) return err; } =20 +static int execmem_force_rw(void *ptr, size_t size) +{ + unsigned int nr =3D PAGE_ALIGN(size) >> PAGE_SHIFT; + unsigned long addr =3D (unsigned long)ptr; + int ret; + + ret =3D set_memory_nx(addr, nr); + if (ret) + return ret; + + return set_memory_rw(addr, nr); +} + +int execmem_restore_rox(void *ptr, size_t size) +{ + unsigned int nr =3D PAGE_ALIGN(size) >> PAGE_SHIFT; + unsigned long addr =3D (unsigned long)ptr; + + return set_memory_rox(addr, nr); +} + static void execmem_cache_clean(struct work_struct *work) { struct maple_tree *free_areas =3D &execmem_cache.free_areas; @@ -328,8 +349,6 @@ static inline void *pending_free_clear(void *ptr) return (void *)((unsigned long)ptr & ~PENDING_FREE_MASK); } =20 -static int execmem_force_rw(void *ptr, size_t size); - static int __execmem_cache_free(struct ma_state *mas, void *ptr, gfp_t gfp= _mask) { size_t size =3D mas_range_len(mas); @@ -415,27 +434,6 @@ static bool execmem_cache_free(void *ptr) return true; } =20 -static int execmem_force_rw(void *ptr, size_t size) -{ - unsigned int nr =3D PAGE_ALIGN(size) >> PAGE_SHIFT; - unsigned long addr =3D (unsigned long)ptr; - int ret; - - ret =3D set_memory_nx(addr, nr); - if (ret) - return ret; - - return set_memory_rw(addr, nr); -} - -int execmem_restore_rox(void *ptr, size_t size) -{ - unsigned int nr =3D PAGE_ALIGN(size) >> PAGE_SHIFT; - unsigned long addr =3D (unsigned long)ptr; - - return set_memory_rox(addr, nr); -} - #else /* CONFIG_ARCH_HAS_EXECMEM_ROX */ /* * when ROX cache is not used the permissions defined by architectures for --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B29AA2E49BD; Wed, 9 Jul 2025 13:50:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069013; cv=none; b=tGrYhtSwEFfMSXsPnF1lljQrzjl/nyRFleZphVbMxaWArfCvJ0NNEq3fOViy6VGCOVs3NCgMm4ksAX6lyqVD//2N827cDqHy/kRkeo3S1SUJYHzYhBU0SIpo0iuKEYM7WlWaohTKId4qX4TKm3uQfidhFKQjaH4QSpzKh39tTh4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069013; c=relaxed/simple; bh=3rjfBdytCgPEmue4GcEI2ssOKhgIJ1qlJg3E/xaLrs0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ZykpO+qYemCCRBpbNUzNv6MbgYfB1OIKKLEHWrAZIDbd2DRBUkV8mPrQCkqODZFf595sSPSpahI963O2bTPQugyWqtaHRm+EAxGmF+3yUxCIIq6LJnPc2R2QddkWLFULWLfkgWyLSkL/AMRrpj5NeRBRoPYaagRF6nExrLizsOk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=i6mb4tb/; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="i6mb4tb/" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A0F91C4CEEF; Wed, 9 Jul 2025 13:50:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752069013; bh=3rjfBdytCgPEmue4GcEI2ssOKhgIJ1qlJg3E/xaLrs0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=i6mb4tb/c5ErumOIPqYDTAF5gBHWVxb1YJiVQFg8YU/ymef36m7/KBWmtp6YhPXD7 VhjC36mzromjvGypCvFoZU5WRmUVg5YseVQOBP6/WRSxg+8XYIgFFu0R2/FjRMukz+ BTp5uWcXNBH51L7rvo25EghdRCbCkPzeGslyNIBFqyusGbg0rK+UBU9PxZHm/Tgsow k778y1swFYWdZuEUC0CHxiav3CG9aUOi6NWdtstzvWPqV0Ts9oeBzTI0K4+YpQYYD2 21K0u/A6g76A6LiiWRLCNgsCl2xEf3YvhB4O7D30F1GQS6t1GvUmGwZlJ1qj/rUTP3 +IgOb3QxDYbnQ== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 5/8] execmem: add fallback for failures in vmalloc(VM_ALLOW_HUGE_VMAP) Date: Wed, 9 Jul 2025 16:49:30 +0300 Message-ID: <20250709134933.3848895-6-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" When execmem populates ROX cache it uses vmalloc(VM_ALLOW_HUGE_VMAP). Although vmalloc falls back to allocating base pages if high order allocation fails, it may happen that it still cannot allocate enough memory. Right now ROX cache is only used by modules and in majority of cases the allocations happen at boot time when there's plenty of free memory, but upcoming enabling ROX cache for ftrace and kprobes would mean that execmem allocations can happen when the system is under memory pressure and a failure to allocate large page worth of memory becomes more likely. Fallback to regular vmalloc() if vmalloc(VM_ALLOW_HUGE_VMAP) fails. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- mm/execmem.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/mm/execmem.c b/mm/execmem.c index 056d3caaf4a1..04c35c3a9361 100644 --- a/mm/execmem.c +++ b/mm/execmem.c @@ -291,6 +291,11 @@ static int execmem_cache_populate(struct execmem_range= *range, size_t size) =20 alloc_size =3D round_up(size, PMD_SIZE); p =3D execmem_vmalloc(range, alloc_size, PAGE_KERNEL, vm_flags); + if (!p) { + alloc_size =3D size; + p =3D execmem_vmalloc(range, alloc_size, PAGE_KERNEL, vm_flags); + } + if (!p) return err; =20 @@ -462,7 +467,7 @@ void *execmem_alloc(enum execmem_type type, size_t size) bool use_cache =3D range->flags & EXECMEM_ROX_CACHE; unsigned long vm_flags =3D VM_FLUSH_RESET_PERMS; pgprot_t pgprot =3D range->pgprot; - void *p; + void *p =3D NULL; =20 size =3D PAGE_ALIGN(size); =20 --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 99BD22E424F; Wed, 9 Jul 2025 13:50:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069020; cv=none; b=kDkWU0NKalQImvEAToSvgX/X3QYvrp08jqRa6hHpMRfMWf3cpsFBwHFCKujoXixAI+jmQ4hNa8aSamLvSqgkfXSxSdimJ+eaUx8ymDwAA3qE7C2YemrGpxPoCCySG2rerAFbNLeGpIS6uzWniLJBIcIyH0qZf+nHPHG39Qwshug= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069020; c=relaxed/simple; bh=UfdU2NtfT5pyDIDyGKKERIvkXlmii1YDvliXyB4yGWE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JGrFFftTiHa96x617LiRb+HoqFr+igER4bMIckNoNZr9iDbpGQHuuHfITyTtUNXQFN/7kjoqOYjeEGt8f5q0SUjs/qLyrYvhYhDwusuXAjZiMSvIW+Q9VDuX7yHXC7X/jea7K57LHKtdkRVTelyaAXrXGxdFooFB3+CXjw5DZME= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=qYISKbwu; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="qYISKbwu" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B7F07C4CEF1; Wed, 9 Jul 2025 13:50:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752069019; bh=UfdU2NtfT5pyDIDyGKKERIvkXlmii1YDvliXyB4yGWE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qYISKbwuNhcRxyV4eib/26x4sOL4iiYJhoPQsAjEOC9YExVxanq+lLb26komTBLZG cnB41wXbRuKCHz6C2QkMepppg0/HAHprTz8hplGJU5FEOlV48xUR6gdu67c0YC2i7X XSEhIXis+2pcTnebZIE9RTu6BcQu1CShtCmRvb218F/rTcmotsbHsoNo0YufFV0h5q zVvmNfuIvUHPix7Ht8okjY38iO6O2GjX0f7vhUf6CMK8XS7QKBJe4W/3T1gdn4Lyqf hQ6eWmqDBCz6DNjIamV0urMqjqPvBvaXZ2qbeq/ktYJR2pKNiL3x9BP9y5py2eRQqi gs3wVrRDc1s1w== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 6/8] execmem: drop writable parameter from execmem_fill_trapping_insns() Date: Wed, 9 Jul 2025 16:49:31 +0300 Message-ID: <20250709134933.3848895-7-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" After update of execmem_cache_free() that made memory writable before updating it, there is no need to update read only memory, so the writable parameter to execmem_fill_trapping_insns() is not needed. Drop it. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- arch/x86/mm/init.c | 8 ++------ include/linux/execmem.h | 3 +-- mm/execmem.c | 4 ++-- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index 7456df985d96..dbc63f0d538f 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -1063,13 +1063,9 @@ unsigned long arch_max_swapfile_size(void) static struct execmem_info execmem_info __ro_after_init; =20 #ifdef CONFIG_ARCH_HAS_EXECMEM_ROX -void execmem_fill_trapping_insns(void *ptr, size_t size, bool writeable) +void execmem_fill_trapping_insns(void *ptr, size_t size) { - /* fill memory with INT3 instructions */ - if (writeable) - memset(ptr, INT3_INSN_OPCODE, size); - else - text_poke_set(ptr, INT3_INSN_OPCODE, size); + memset(ptr, INT3_INSN_OPCODE, size); } #endif =20 diff --git a/include/linux/execmem.h b/include/linux/execmem.h index 4e510d1c609c..fe367bdadc3e 100644 --- a/include/linux/execmem.h +++ b/include/linux/execmem.h @@ -60,12 +60,11 @@ enum execmem_range_flags { * will trap * @ptr: pointer to memory to fill * @size: size of the range to fill - * @writable: is the memory poited by @ptr is writable or ROX * * A hook for architecures to fill execmem ranges with invalid instruction= s. * Architectures that use EXECMEM_ROX_CACHE must implement this. */ -void execmem_fill_trapping_insns(void *ptr, size_t size, bool writable); +void execmem_fill_trapping_insns(void *ptr, size_t size); =20 /** * execmem_restore_rox - restore read-only-execute permissions diff --git a/mm/execmem.c b/mm/execmem.c index 04c35c3a9361..0822305413ec 100644 --- a/mm/execmem.c +++ b/mm/execmem.c @@ -304,7 +304,7 @@ static int execmem_cache_populate(struct execmem_range = *range, size_t size) goto err_free_mem; =20 /* fill memory with instructions that will trap */ - execmem_fill_trapping_insns(p, alloc_size, /* writable =3D */ true); + execmem_fill_trapping_insns(p, alloc_size); =20 err =3D set_memory_rox((unsigned long)p, vm->nr_pages); if (err) @@ -363,7 +363,7 @@ static int __execmem_cache_free(struct ma_state *mas, v= oid *ptr, gfp_t gfp_mask) if (err) return err; =20 - execmem_fill_trapping_insns(ptr, size, /* writable =3D */ true); + execmem_fill_trapping_insns(ptr, size); execmem_restore_rox(ptr, size); =20 err =3D execmem_cache_add_locked(ptr, size, gfp_mask); --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D95272E62C8; Wed, 9 Jul 2025 13:50:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069026; cv=none; b=le6AgbodGDjC21V07lHtfN/bpbm/mkESK7adn/Io7WjmGeyjUlZ7WufmTpWkJ+H5FHvYfnOwyb/WPlpgpwvCwkR8WT7ONWp2At9uD4BpZ2oI5+el3f0nGSLSy0NBZMSYNjWw5eLEkzg0G9YcqGCxCWkZL+kg9q7W+qVRPxE2d+M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069026; c=relaxed/simple; bh=SO2FNTrKQArpvSkS2JHAbwQoeech8iUoJBHVmLqUzb0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=PakLiby5U8d2D9zjkVKxchjeqsj6Xvh396znaY/tukgi748Lhy4Z4rFmLAr2bWCcxasHlTZ/B3dc8+oetgz8FKDOoKNb1lNo73sbkGiL5d05R/VqKoA7s0SBTfjMOARvHyYbED/XTRAwE3dSh7YiLS+pMxYMrakb53DEk1v9KK8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Uqq9DIDz; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Uqq9DIDz" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CE1BAC4CEEF; Wed, 9 Jul 2025 13:50:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752069025; bh=SO2FNTrKQArpvSkS2JHAbwQoeech8iUoJBHVmLqUzb0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Uqq9DIDz+u5Gldw6wG7ZfI5XM1w4kUYiculSQ3INMiGyieKvwEh9cIXiCTgI9TFDS UfWy69dNPRBBsnLd/CEh8u5VjaJEPnEK8ftNLes5Kn6TWBQDVTU7Sdvo/1V8uU84QD 822WJtfCeFCn3SoVBSeTfWifNHrMd1COtMCVrvhtjfV+uLISYf+v38Q1SDEjtl8Bns ZCZAjH6aI+3GjNS8w2eOH4HjgL4Lc11IigT2vA2/c13/GNHT/Al6w1vfeI4T7iKCpL u36mcswSdiJU1B9TcboHT9zTshz5jGq/VQsYRs/rTTJrLioExSmdcdKcfJAE2LztRJ dTcf4vXe7ZEdA== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 7/8] x86/kprobes: enable EXECMEM_ROX_CACHE for kprobes allocations Date: Wed, 9 Jul 2025 16:49:32 +0300 Message-ID: <20250709134933.3848895-8-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" x86::alloc_insn_page() always allocates ROX memory. Instead of overriding this method, add EXECMEM_KPROBES entry in execmem_info with pgprot set to PAGE_KERNEL_ROX and use ROX cache when configuration and CPU features allow it. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- arch/x86/kernel/kprobes/core.c | 18 ------------------ arch/x86/mm/init.c | 9 ++++++++- 2 files changed, 8 insertions(+), 19 deletions(-) diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c index 47cb8eb138ba..6079d15dab8c 100644 --- a/arch/x86/kernel/kprobes/core.c +++ b/arch/x86/kernel/kprobes/core.c @@ -481,24 +481,6 @@ static int prepare_singlestep(kprobe_opcode_t *buf, st= ruct kprobe *p, return len; } =20 -/* Make page to RO mode when allocate it */ -void *alloc_insn_page(void) -{ - void *page; - - page =3D execmem_alloc(EXECMEM_KPROBES, PAGE_SIZE); - if (!page) - return NULL; - - /* - * TODO: Once additional kernel code protection mechanisms are set, ensure - * that the page was not maliciously altered and it is still zeroed. - */ - set_memory_rox((unsigned long)page, 1); - - return page; -} - /* Kprobe x86 instruction emulation - only regs->ip or IF flag modifiers */ =20 static void kprobe_emulate_ifmodifiers(struct kprobe *p, struct pt_regs *r= egs) diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index dbc63f0d538f..442fafd8ff52 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -1098,7 +1098,14 @@ struct execmem_info __init *execmem_arch_setup(void) .pgprot =3D pgprot, .alignment =3D MODULE_ALIGN, }, - [EXECMEM_KPROBES ... EXECMEM_BPF] =3D { + [EXECMEM_KPROBES] =3D { + .flags =3D flags, + .start =3D start, + .end =3D MODULES_END, + .pgprot =3D PAGE_KERNEL_ROX, + .alignment =3D MODULE_ALIGN, + }, + [EXECMEM_FTRACE ... EXECMEM_BPF] =3D { .flags =3D EXECMEM_KASAN_SHADOW, .start =3D start, .end =3D MODULES_END, --=20 2.47.2 From nobody Tue Oct 7 13:28:37 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 931D02DFA39; Wed, 9 Jul 2025 13:50:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069031; cv=none; b=NsUdLYoG2j6k+5RNLND9f8IZGi3+bVnqfDn1dkg6u19bpz+FYkuv3nN6sU8bE4LLfMHUtvAUhlmtGzBT73TsWKAYjGZd/v4RaHwqPEW6u4oGfjPzRU5H74aXzxY0UK5esw71bspEBcJICVxubU3U58BcRC5+D0fpunp77cbvTgg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1752069031; c=relaxed/simple; bh=N93fx/HWGQ9/7LBI0Q5dx377OnCZ8CrZ/OhiD9v/Z/8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=OrlEDxYnn+0hrkxHutY8QWedbJtYI/XF/S4dvnVtFuZH2zVgXhdjdYRxjANc5gmPD0li+EeAfZo14kjOgv4AAkBP/7ksFUMRC9/nvVdJT7/T45OjXLaWpuBP2Hj607pfzolD4JkeLf1ZicYVXsVzDsfr3eM5IqufRLl0Th5W3sU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=trlDt64N; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="trlDt64N" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E1C52C4CEF1; Wed, 9 Jul 2025 13:50:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1752069031; bh=N93fx/HWGQ9/7LBI0Q5dx377OnCZ8CrZ/OhiD9v/Z/8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=trlDt64NjQr+YNI3YqHEnv8JUfRpoVlxLzQ/crT9viR4cVybY711yJ93jqAp8di1r 4ZnpoAlyw6iExKdqKuy6yItzaWCvmRURcnmZmz3E50KG1GeHIvoZYn/P1QLqb2tcT0 cURqdVH3el7dcyxuJ5ThweDaFxa+HNBfnY4351EyKawHIpbmZEEP/XZvM7wWf+4R8i VPYsSyZiuU0050BIqiaeeE0xywTbJbJhD3aOv0l4iGMFrPZ7arogY31V7FBlNqmsGx T2DjoS9fr0aqMNeafd/Rg9OkMwU4+KLfFx8b1dEl6oiYW5gH3ATdab8I/QR5+raALt 5PuN3SQtLb2ww== From: Mike Rapoport To: Andrew Morton Cc: Andy Lutomirski , Borislav Petkov , Christophe Leroy , Daniel Gomez , Dave Hansen , Ingo Molnar , "Liam R. Howlett" , Luis Chamberlain , Mark Rutland , Masami Hiramatsu , Mike Rapoport , "H. Peter Anvin" , Peter Zijlstra , Petr Pavlu , Sami Tolvanen , Steven Rostedt , Thomas Gleixner , Yann Ylavic , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-modules@vger.kernel.org, linux-trace-kernel@vger.kernel.org, x86@kernel.org Subject: [PATCH v2 8/8] x86/ftrace: enable EXECMEM_ROX_CACHE for ftrace allocations Date: Wed, 9 Jul 2025 16:49:33 +0300 Message-ID: <20250709134933.3848895-9-rppt@kernel.org> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250709134933.3848895-1-rppt@kernel.org> References: <20250709134933.3848895-1-rppt@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: "Mike Rapoport (Microsoft)" For the most part ftrace uses text poking and can handle ROX memory. The only place that requires writable memory is create_trampoline() that updates the allocated memory and in the end makes it ROX. Use execmem_alloc_rw() in x86::ftrace::alloc_tramp() and enable ROX cache for EXECMEM_FTRACE when configuration and CPU features allow that. Signed-off-by: Mike Rapoport (Microsoft) Acked-by: Peter Zijlstra (Intel) --- arch/x86/kernel/ftrace.c | 2 +- arch/x86/mm/init.c | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index 252e82bcfd2f..4450acec9390 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c @@ -263,7 +263,7 @@ void arch_ftrace_update_code(int command) =20 static inline void *alloc_tramp(unsigned long size) { - return execmem_alloc(EXECMEM_FTRACE, size); + return execmem_alloc_rw(EXECMEM_FTRACE, size); } static inline void tramp_free(void *tramp) { diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index 442fafd8ff52..bb57e93b4caf 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -1105,7 +1105,14 @@ struct execmem_info __init *execmem_arch_setup(void) .pgprot =3D PAGE_KERNEL_ROX, .alignment =3D MODULE_ALIGN, }, - [EXECMEM_FTRACE ... EXECMEM_BPF] =3D { + [EXECMEM_FTRACE] =3D { + .flags =3D flags, + .start =3D start, + .end =3D MODULES_END, + .pgprot =3D pgprot, + .alignment =3D MODULE_ALIGN, + }, + [EXECMEM_BPF] =3D { .flags =3D EXECMEM_KASAN_SHADOW, .start =3D start, .end =3D MODULES_END, --=20 2.47.2