From nobody Mon May 25 01:14:33 2026
Received: from mail-wr1-f73.google.com (mail-wr1-f73.google.com
 [209.85.221.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id A024A37B03E
	for <linux-kernel@vger.kernel.org>; Wed, 20 May 2026 07:34:57 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.221.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779262501; cv=none;
 b=W8Z/dtFmNQx1eOnpghFBUBpyEijExvn0WlYt1Gh4uKqWwg67l0VbkoyJ2ECeK0hlBfUR4IZJudJBX7MYtsbF++kj8xGgGXDr0bhvJwtyS6xJwy31ZQ/IKC07jiTBQX3aMkH+GWWGMlGlDswkAYB05Mg+Dum941rPxzMGO1REJgI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779262501; c=relaxed/simple;
	bh=W3zbRA8rfphhwUdEI2dhpZjHMxHtNK20ydnHdsGTkHY=;
	h=Date:Mime-Version:Message-ID:Subject:From:To:Cc:Content-Type;
 b=HhXQPcEiisnsFDV/mAfIAVfazP5OC6YxxQP0g6RZ/L4283iEb17rj6snAQFMSJjjIJ9CQ3qgRL/Szy/oTSmHEQvrfQ4lPXRbqwl+rKTHaLY3YlK4VZEexajJ0CShGjkjtL8+NIl+IawDsit4fS4aWAie77FEb/HRGN/f5wNIGnA=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=Vo5LVzOi; arc=none smtp.client-ip=209.85.221.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="Vo5LVzOi"
Received: by mail-wr1-f73.google.com with SMTP id
 ffacd0b85a97d-4497a0e3acaso4385332f8f.0
        for <linux-kernel@vger.kernel.org>;
 Wed, 20 May 2026 00:34:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779262495; x=1779867295;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject
         :date:message-id:reply-to;
        bh=TBfrHUM4K+Fvnf6VLbbC+7tqRoLbh8+kTigJR63RjPw=;
        b=Vo5LVzOiyccJyi62MN4booo47uPsdR6qRfdv5v0bnJv6B5w9HFDIrurSgpFsxpqyAS
         4GpScMnwWKEAruhxpAA+14Q2iMTLLoObZQkP3f3R+8L/ht1kdY8x5+axT0IJHI6ezIC+
         34OXqK++UQ2GyNRvhboy/J9qOQw74LWqhZJ0u+nt0yVaoaGv6dCYi7aUuW/X3SUD1JAq
         b7wfSCcgjc+4B/vc4GQTnCSeicQYtGjPmL293LEVoQXzUx2mVk5YTXAZ/CUDk2O/P0aX
         vYyJ5NphSGAYY5zkh3iwNnINivQhIc29OhxcAANXe4/rLb5MDag1FTtKvjzSrurvzjHe
         eNuQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779262495; x=1779867295;
        h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=TBfrHUM4K+Fvnf6VLbbC+7tqRoLbh8+kTigJR63RjPw=;
        b=FnZQkm4Uzc83ed11l0yP0iirVHwqe7jFWw8qLLUHBPQQz4mySiDKv38VvTzpgxGZWU
         jhWp5WOasGaKa8LpoanCDLZmqrPy1NkME/Nok1u+9gMCl+cp2tpXp2KuB5WPj4XTntdG
         urxJ0E+ZvauAW2DkETH7spuKD7PeUbFZ2QuqpkT+O8luThIWT9eyt4bVZhkg3sV965gE
         OSIeqyWOE9na+n2kYRMwkNceVlm49IfzmKEHnE83j1ZwVeQiQoJ/Fnz0PoAhRssRT4YK
         FTf71yNRj2sI19U0H1V/wlf98+3Lh/n2dLOr2SlofU5sAo9TICjS2h6kXoTKOPUsKnXJ
         OfLQ==
X-Gm-Message-State: AOJu0Yz5rPmobu2CSD0pJBPBCb+6U6whBxKt6CTEfRVA4rl8TVVNa/Hk
	48ehENQ5JRx9PiQ6W9wOW85ANLmgj/ACCWA6K36R+ZgGGxfZl+ht6LMqp8b7KFqLiJ8whGPDb05
	FmNMw4b9qMdMTeiDAtOHxriiuSCtAq0lC9w4m056R0d//xpnaboqZ4b1mE7f+ZYy8ADF4W+8yaC
	3f9kXA66oMb6wnVNFKEMyFNAwsMaVmKroKUQ==
X-Received: from wmxb16-n2.prod.google.com
 ([2002:a05:600d:8450:20b0:488:e192:6fb1])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:600c:8210:b0:48a:5c23:cab
 with SMTP id 5b1f17b1804b1-48fe6322447mr327485535e9.19.1779262494439; Wed, 20
 May 2026 00:34:54 -0700 (PDT)
Date: Wed, 20 May 2026 09:34:40 +0200
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=2580; i=ardb@kernel.org;
 h=from:subject; bh=oY6gtKVWNTBx6UhZYZ8J5F7bWJKDdqkgNGPUoOyRHTg=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIYs3RWD7P9O9sip+nxa8t3i22u1c9+ypXxduWjaj6mv8v
 Ad5y6codpSyMIhxMciKKbIIzP77bufpiVK1zrNkYeawMoEMYeDiFICJhBox/M94/XbBEb45a0sm
 T0iw2eXcuyKvVOt/YIzwzZp7x18VHdrC8E/zmjyPpZ+xlEKMw/TfJ/4sXjvrUTTvgvztfF9NHeL
 uS7ECAA==
X-Mailer: git-send-email 2.54.0.631.ge1b05301d1-goog
Message-ID: <20260520073439.3279874-2-ardb+git@google.com>
Subject: [PATCH] powerpc/code-patching: Avoid r/w mapping of the zero page
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-kernel@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org, Ard Biesheuvel <ardb@kernel.org>,
	Madhavan Srinivasan <maddy@linux.ibm.com>,
 Michael Ellerman <mpe@ellerman.id.au>,
	Nicholas Piggin <npiggin@gmail.com>,
 "Christophe Leroy (CS GROUP)" <chleroy@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

The only remaining use of map_patch_area() is mapping the zero page, and
immediately unmapping it again so that the intermediate page table
levels are all guaranteed to be populated.

The use of the zero page here is completely arbitrary, and not harmful
per se, but currently, it creates a writable mapping, and does so in a
manner that requires that the empty_zero_page[] symbol is not
const-qualified.

Given that this is about to change, and that map_patch_area() now never
maps anything other than the zero page, let's simplify the code and
- take the PA of empty_zero_page directly
- create a read-only temporary mapping.

This allows empty_zero_page[] to be repainted as const u8[] in a
subsequent patch, without making substantial changes to this code
patching logic.

Cc: Madhavan Srinivasan <maddy@linux.ibm.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: "Christophe Leroy (CS GROUP)" <chleroy@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
Build tested only (Clang)

 arch/powerpc/lib/code-patching.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patch=
ing.c
index f84e0337cc02..13a8acf851f1 100644
--- a/arch/powerpc/lib/code-patching.c
+++ b/arch/powerpc/lib/code-patching.c
@@ -60,7 +60,7 @@ struct patch_context {
=20
 static DEFINE_PER_CPU(struct patch_context, cpu_patching_context);
=20
-static int map_patch_area(void *addr, unsigned long text_poke_addr);
+static int map_patch_area(unsigned long text_poke_addr);
 static void unmap_patch_area(unsigned long addr);
=20
 static bool mm_patch_enabled(void)
@@ -117,7 +117,7 @@ static int text_area_cpu_up(unsigned int cpu)
=20
 	// Map/unmap the area to ensure all page tables are pre-allocated
 	addr =3D (unsigned long)area->addr;
-	err =3D map_patch_area(empty_zero_page, addr);
+	err =3D map_patch_area(addr);
 	if (err)
 		return err;
=20
@@ -236,11 +236,10 @@ static unsigned long get_patch_pfn(void *addr)
 /*
  * This can be called for kernel text or a module.
  */
-static int map_patch_area(void *addr, unsigned long text_poke_addr)
+static int map_patch_area(unsigned long text_poke_addr)
 {
-	unsigned long pfn =3D get_patch_pfn(addr);
-
-	return map_kernel_page(text_poke_addr, (pfn << PAGE_SHIFT), PAGE_KERNEL);
+	return map_kernel_page(text_poke_addr, __pa_symbol(empty_zero_page),
+			       PAGE_KERNEL_RO);
 }
=20
 static void unmap_patch_area(unsigned long addr)
--=20
2.54.0.631.ge1b05301d1-goog