On Aug 23, 2021, at 6:25 AM, Mike Rapoport <rppt@xxxxxxxxxx> wrote: [ snip ] +static void pgtable_write_set(void *pg_table, bool set) I think that the pte_write() test (and the following one) might hide latent bugs. Either you know whether the PTE is write-protected or you need to protect against nested/concurrent calls to pgtable_write_set() by disabling preemption/IRQs. Otherwise, you risk in having someone else write-protecting the PTE after it is write-unprotected and before it is written - causing a crash, or write-unprotecting it after it is protected - which circumvents the protection. Therefore, I would think that instead you should have: VM_BUG_ON(pte_write(*pte)); // (or WARN_ON_ONCE()) In addition, if there are assumptions on the preemptability of the code, it would be nice to have some assertions. I think that the code assumes that all calls to pgtable_write_set() are done while holding the page-table lock. If that is the case, perhaps adding some lockdep assertion would also help to confirm the correctness. [ I put aside the lack of TLB flushes, which make the whole matter of delivered protection questionable. I presume that once PKS is used, this is not an issue. ] |
