Re: [RFC 11/14] x86: add support for Dynamic Kernel Stacks

From: H. Peter Anvin
Date: Mon Mar 11 2024 - 22:22:07 EST

Next message: Randy Dunlap: "Re: [GIT PULL] EDAC updates for v6.9"
Previous message: Yin Fengwei: "Re: [PATCH v19 022/130] KVM: x86/vmx: Refactor KVM VMX module init/exit functions"
In reply to: Andy Lutomirski: "Re: [RFC 11/14] x86: add support for Dynamic Kernel Stacks"
Next in thread: Andi Kleen: "Re: [RFC 11/14] x86: add support for Dynamic Kernel Stacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On March 11, 2024 7:16:38 PM PDT, Andy Lutomirski <luto@xxxxxxxxxx> wrote:
>On Mon, Mar 11, 2024, at 6:25 PM, H. Peter Anvin wrote:
>> On March 11, 2024 5:53:33 PM PDT, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>>>On 3/11/24 16:56, Nadav Amit wrote:
>>>> So you can look on the dirty-bit, which is not being set
>>>> speculatively and save yourself one problem.
>>>Define "set speculatively". :)
>>>
>>>> If software on one logical processor writes to a page while software
>>>> on another logical processor concurrently clears the R/W flag in the
>>>> paging-structure entry that maps the page, execution on some
>>>> processors may result in the entry’s dirty flag being set (due to the
>>>> write on the first logical processor) and the entry’s R/W flag being
>>>> clear (due to the update to the entry on the second logical
>>>> processor).
>>>
>>>In other words, you'll see both a fault *AND* the dirty bit. The write
>>>never retired and the dirty bit is set.
>>>
>>>Does that count as being set speculatively?
>>>
>>>That's just the behavior that the SDM explicitly admits to.
>>
>> Indeed; both the A and D bits are by design permissive; that is, the
>> hardware can set them at any time.
>>
>> The only guarantees are:
>>
>> 1. The hardware will not set the A bit on a not present late, nor the D
>> bit on a read only page.
>
>Wait a sec. What about setting the D bit on a not-present page?
>
>I always assumed that the actual intended purpose of the D bit was for things like file mapping. Imagine an alternate universe in which Linux used hardware dirty tracking instead of relying on do_wp_page, etc.
>
>mmap(..., MAP_SHARED): PTE is created, read-write, clean
>
>user program may or may not write to the page.
>
>Now either munmap is called or the kernel needs to reclaim memory. So the kernel checks if the page is dirty and, if so, writes it back, and then unmaps it.
>
>Now some silly people invented SMP, so this needs an atomic operation: xchg the PTE to all-zeros, see if the dirty bit is set, and, if itt's set, write back the page. Otherwise discard it.
>
>Does this really not work on Intel CPU?
>

Sorry, I should have been more clear.

Hardware will not set a bit that would correspond to a prohibited access.

Next message: Randy Dunlap: "Re: [GIT PULL] EDAC updates for v6.9"
Previous message: Yin Fengwei: "Re: [PATCH v19 022/130] KVM: x86/vmx: Refactor KVM VMX module init/exit functions"
In reply to: Andy Lutomirski: "Re: [RFC 11/14] x86: add support for Dynamic Kernel Stacks"
Next in thread: Andi Kleen: "Re: [RFC 11/14] x86: add support for Dynamic Kernel Stacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]