On Mon, Jun 26, 2023 at 5:31 AM Mark Rutland <mark.rutland@xxxxxxx> wrote: > [...] > > > > So the idea was that jit_text_alloc() will have a cache of large pages > > mapped ROX, will allocate memory from those caches and there will be > > jit_update() that uses text poking for writing to that memory. > > > > Upon allocation of a large page to increase the cache, that large page will > > be "invalidated" by filling it with breakpoint instructions (e.g int3 on > > x86) > > Does that work on x86? > > That is in no way gauranteed for other architectures; on arm64 you need > explicit cache maintenance (with I-cache maintenance at the VA to be executed > from) followed by context-synchronization-events (e.g. via ISB instructions, or > IPIs). I guess we need: 1) Invalidate unused part of the huge ROX pages; 2) Do not put two jit users (including module text, bpf, etc.) in the same cache line; 3) Explicit cache maintenance; 4) context-synchronization-events. Would these (or a subset of them) be sufficient to protect us from torn read? Thanks, Song
