Re: [PATCH RFT] arm64: kasan: Make KASAN work with 16K pages + 48 bit VA

From: Catalin Marinas
Date: Fri Nov 27 2015 - 09:11:39 EST


On Fri, Nov 27, 2015 at 10:02:11AM +0000, Will Deacon wrote:
> On Fri, Nov 27, 2015 at 09:35:29AM +0000, Catalin Marinas wrote:
> > On Fri, Nov 27, 2015 at 11:12:28AM +0300, Andrey Ryabinin wrote:
> > > On 11/26/2015 07:40 PM, Ard Biesheuvel wrote:
> > > > On 26 November 2015 at 14:14, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> wrote:
> > > >> Currently kasan assumes that shadow memory covers one or more entire PGDs.
> > > >> That's not true for 16K pages + 48bit VA space, where PGDIR_SIZE is bigger
> > > >> than the whole shadow memory.
> > > >>
> > > >> This patch tries to fix that case.
> > > >> clear_page_tables() is a new replacement of clear_pgs(). Instead of always
> > > > >> clearing pgds it clears top level page table entries that entirely belong
> > > >> to shadow memory.
> > > >> In addition to 'tmp_pg_dir' we now have 'tmp_pud' which is used to store
> > > >> puds that now might be cleared by clear_page_tables.
> > > >>
> > > >> Reported-by: Suzuki K. Poulose <Suzuki.Poulose@xxxxxxx>
> > > >> Signed-off-by: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
> > > >
> > > > I would argue that the Kasan code is complicated enough, and we should
> > > > avoid complicating it even further for a configuration that is highly
> > > > theoretical in nature.
> > > >
> > > > In a 16k configuration, the 4th level only adds a single bit of VA
> > > > space (which is, as I understand it, exactly the issue you need to
> > > > address here since the top level page table has only 2 entries and
> > > > hence does not divide by 8 cleanly), which means you are better off
> > > > using 3 levels unless you *really* need more than 128 TB of VA space.
> > > >
> > > > So can't we just live with the limitation, and keep the current code?
> > >
> > > No objections from my side. Let's keep the current code.
> >
> > Ard had a good point, so fine by me as well.
>
> Ok, so obvious follow-up question: why do we even support 48-bit + 16k
> pages in the kernel? Either it's useful, and we make things work with it,
> or it's not and we can drop it (or, at least, hide it behind EXPERT like
> we do for 36-bit).

One reason is hardware validation (I guess that may be the only reason
for 16KB in general ;)). For each of the page sizes we support two VA
ranges: 48-bit (maximum) and a recommended one for the corresponding
granule. With 16K, the difference is not significant (47 to 48), so we
could follow Ard's suggestion and make it depend on EXPERT (we already
do this for 16KB and 36-bit VA).

--
Catalin
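
The page-table arithmetic behind this thread, as an added example that is not part of the original messages or the kernel source. The names `geometry` and `shadow_pgd_entries` are hypothetical, and the code assumes the shadow region is 1/8 of the VA range, i.e. `1 << (va_bits - 3)` bytes.

```c
#include <stdio.h>
#include <stdint.h>

/* Constructed model, not kernel code. A table is one page of 8-byte
 * descriptors, so each level resolves (page_shift - 3) bits of VA. */
struct geom {
    unsigned levels;        /* translation levels needed */
    unsigned pgdir_shift;   /* log2 of the VA span of one top-level entry */
    uint64_t ptrs_per_pgd;  /* entries in the top-level table */
};

static struct geom geometry(unsigned page_shift, unsigned va_bits)
{
    unsigned per_level = page_shift - 3;
    unsigned to_resolve = va_bits - page_shift;
    struct geom g;

    g.levels = (to_resolve + per_level - 1) / per_level;   /* round up */
    g.pgdir_shift = page_shift + (g.levels - 1) * per_level;
    g.ptrs_per_pgd = 1ULL << (va_bits - g.pgdir_shift);
    return g;
}

/* Whole top-level entries covered by the shadow region (assumed to be
 * 1 << (va_bits - 3) bytes). 0 means one entry spans more than the shadow. */
static uint64_t shadow_pgd_entries(unsigned page_shift, unsigned va_bits)
{
    struct geom g = geometry(page_shift, va_bits);
    unsigned shadow_shift = va_bits - 3;

    if (shadow_shift < g.pgdir_shift)
        return 0;
    return 1ULL << (shadow_shift - g.pgdir_shift);
}

int main(void)
{
    static const unsigned cfg[][2] = {   /* {page_shift, va_bits} */
        {12, 39}, {12, 48}, {14, 36}, {14, 47}, {14, 48}, {16, 42}, {16, 48},
    };

    for (size_t i = 0; i < sizeof(cfg) / sizeof(cfg[0]); i++) {
        struct geom g = geometry(cfg[i][0], cfg[i][1]);
        printf("%2uK pages, %u-bit VA: %u levels, %llu top-level entries, "
               "shadow covers %llu whole entries\n",
               1u << (cfg[i][0] - 10), cfg[i][1], g.levels,
               (unsigned long long)g.ptrs_per_pgd,
               (unsigned long long)shadow_pgd_entries(cfg[i][0], cfg[i][1]));
    }
    return 0;
}
```

Only the 16K + 48-bit row reports zero whole entries: the top-level table has 2 entries of 128 TB each, while the shadow is 32 TB.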