From 1b5062263b4a3ca3dc0271d9e06ad0113197344c Mon Sep 17 00:00:00 2001
From: Adin Scannell <ascannell@google.com>
Date: Wed, 6 Jun 2018 21:47:39 -0700
Subject: Add allocator abstraction for page tables.
In order to prevent possible garbage collection and reuse of page table
pages prior to invalidation, introduce a former allocator abstraction
that can ensure entries are held during a single traversal. This also
cleans up the abstraction and splits it out of the machine itself.
PiperOrigin-RevId: 199581636
Change-Id: I2257d5d7ffd9c36f9b7ecd42f769261baeaf115c
---
pkg/sentry/platform/ring0/pagetables/BUILD | 3 +-
pkg/sentry/platform/ring0/pagetables/allocator.go | 109 +++++++++++++++++++++
.../platform/ring0/pagetables/allocator_unsafe.go | 53 ++++++++++
pkg/sentry/platform/ring0/pagetables/pagetables.go | 89 +++--------------
.../platform/ring0/pagetables/pagetables_amd64.go | 56 +++++++----
.../ring0/pagetables/pagetables_amd64_test.go | 8 +-
.../platform/ring0/pagetables/pagetables_test.go | 21 ++--
.../platform/ring0/pagetables/pagetables_unsafe.go | 31 ------
.../platform/ring0/pagetables/pagetables_x86.go | 15 ++-
9 files changed, 238 insertions(+), 147 deletions(-)
create mode 100644 pkg/sentry/platform/ring0/pagetables/allocator.go
create mode 100644 pkg/sentry/platform/ring0/pagetables/allocator_unsafe.go
delete mode 100644 pkg/sentry/platform/ring0/pagetables/pagetables_unsafe.go
(limited to 'pkg/sentry/platform/ring0')
diff --git a/pkg/sentry/platform/ring0/pagetables/BUILD b/pkg/sentry/platform/ring0/pagetables/BUILD
index 1a8b7931e..768f96678 100644
--- a/pkg/sentry/platform/ring0/pagetables/BUILD
+++ b/pkg/sentry/platform/ring0/pagetables/BUILD
@@ -5,9 +5,10 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "pagetables",
srcs = [
+ "allocator.go",
+ "allocator_unsafe.go",
"pagetables.go",
"pagetables_amd64.go",
- "pagetables_unsafe.go",
"pagetables_x86.go",
"pcids_x86.go",
],
diff --git a/pkg/sentry/platform/ring0/pagetables/allocator.go b/pkg/sentry/platform/ring0/pagetables/allocator.go
new file mode 100644
index 000000000..1499623fb
--- /dev/null
+++ b/pkg/sentry/platform/ring0/pagetables/allocator.go
@@ -0,0 +1,109 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package pagetables
+
+// Allocator is used to allocate and map PTEs.
+//
+// Note that allocators may be called concurrently.
+type Allocator interface {
+ // NewPTEs returns a new set of PTEs and their physical address.
+ NewPTEs() *PTEs
+
+ // PhysicalFor gives the physical address for a set of PTEs.
+ PhysicalFor(ptes *PTEs) uintptr
+
+ // LookupPTEs looks up PTEs by physical address.
+ LookupPTEs(physical uintptr) *PTEs
+
+ // FreePTEs frees a set of PTEs.
+ FreePTEs(ptes *PTEs)
+}
+
+// RuntimeAllocator is a trivial allocator.
+type RuntimeAllocator struct {
+ // used is the set of PTEs that have been allocated. This includes any
+ // PTEs that may be in the pool below. PTEs are only freed from this
+ // map by the Drain call.
+ //
+ // This exists to prevent accidental garbage collection.
+ used map[*PTEs]struct{}
+
+ // pool is the set of free-to-use PTEs.
+ pool []*PTEs
+}
+
+// NewRuntimeAllocator returns an allocator that uses runtime allocation.
+func NewRuntimeAllocator() *RuntimeAllocator {
+ return &RuntimeAllocator{
+ used: make(map[*PTEs]struct{}),
+ }
+}
+
+// Drain empties the pool.
+func (r *RuntimeAllocator) Drain() {
+ for i, ptes := range r.pool {
+ // Zap the entry in the underlying array to ensure that it can
+ // be properly garbage collected.
+ r.pool[i] = nil
+ // Similarly, free the reference held by the used map (these
+ // also apply for the pool entries).
+ delete(r.used, ptes)
+ }
+ r.pool = r.pool[:0]
+}
+
+// NewPTEs implements Allocator.NewPTEs.
+//
+// Note that the "physical" address here is actually the virtual address of the
+// PTEs structure. The entries are tracked only to avoid garbage collection.
+//
+// This is guaranteed not to split as long as the pool is sufficiently full.
+//
+//go:nosplit
+func (r *RuntimeAllocator) NewPTEs() *PTEs {
+ // Pull from the pool if we can.
+ if len(r.pool) > 0 {
+ ptes := r.pool[len(r.pool)-1]
+ r.pool = r.pool[:len(r.pool)-1]
+ return ptes
+ }
+
+ // Allocate a new entry.
+ ptes := newAlignedPTEs()
+ r.used[ptes] = struct{}{}
+ return ptes
+}
+
+// PhysicalFor returns the physical address for the given PTEs.
+//
+//go:nosplit
+func (r *RuntimeAllocator) PhysicalFor(ptes *PTEs) uintptr {
+ return physicalFor(ptes)
+}
+
+// LookupPTEs implements Allocator.LookupPTEs.
+//
+//go:nosplit
+func (r *RuntimeAllocator) LookupPTEs(physical uintptr) *PTEs {
+ return fromPhysical(physical)
+}
+
+// FreePTEs implements Allocator.FreePTEs.
+//
+//go:nosplit
+func (r *RuntimeAllocator) FreePTEs(ptes *PTEs) {
+ // Add to the pool.
+ r.pool = append(r.pool, ptes)
+}
diff --git a/pkg/sentry/platform/ring0/pagetables/allocator_unsafe.go b/pkg/sentry/platform/ring0/pagetables/allocator_unsafe.go
new file mode 100644
index 000000000..aca778913
--- /dev/null
+++ b/pkg/sentry/platform/ring0/pagetables/allocator_unsafe.go
@@ -0,0 +1,53 @@
+// Copyright 2018 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package pagetables
+
+import (
+ "unsafe"
+
+ "gvisor.googlesource.com/gvisor/pkg/sentry/usermem"
+)
+
+// newAlignedPTEs returns a set of aligned PTEs.
+func newAlignedPTEs() *PTEs {
+ ptes := new(PTEs)
+ offset := physicalFor(ptes) & (usermem.PageSize - 1)
+ if offset == 0 {
+ // Already aligned.
+ return ptes
+ }
+
+ // Need to force an aligned allocation.
+ unaligned := make([]byte, (2*usermem.PageSize)-1)
+ offset = uintptr(unsafe.Pointer(&unaligned[0])) & (usermem.PageSize - 1)
+ if offset != 0 {
+ offset = usermem.PageSize - offset
+ }
+ return (*PTEs)(unsafe.Pointer(&unaligned[offset]))
+}
+
+// physicalFor returns the "physical" address for PTEs.
+//
+//go:nosplit
+func physicalFor(ptes *PTEs) uintptr {
+ return uintptr(unsafe.Pointer(ptes))
+}
+
+// fromPhysical returns the PTEs from the "physical" address.
+//
+//go:nosplit
+func fromPhysical(physical uintptr) *PTEs {
+ return (*PTEs)(unsafe.Pointer(physical))
+}
diff --git a/pkg/sentry/platform/ring0/pagetables/pagetables.go b/pkg/sentry/platform/ring0/pagetables/pagetables.go
index 2a83bbff2..929771cca 100644
--- a/pkg/sentry/platform/ring0/pagetables/pagetables.go
+++ b/pkg/sentry/platform/ring0/pagetables/pagetables.go
@@ -19,52 +19,28 @@ import (
"gvisor.googlesource.com/gvisor/pkg/sentry/usermem"
)
-// Node is a single node within a set of page tables.
-type Node struct {
- // unalignedData has unaligned data. Unfortunately, we can't really
- // rely on the allocator to give us what we want here. So we just throw
- // it at the wall and use the portion that matches. Gross. This may be
- // changed in the future to use a different allocation mechanism.
- //
- // Access must happen via functions found in pagetables_unsafe.go.
- unalignedData [(2 * usermem.PageSize) - 1]byte
-
- // physical is the translated address of these entries.
- //
- // This is filled in at creation time.
- physical uintptr
-}
-
// PageTables is a set of page tables.
type PageTables struct {
+ // Allocator is used to allocate nodes.
+ Allocator Allocator
+
// root is the pagetable root.
- root *Node
+ root *PTEs
- // translator is the translator passed at creation.
- translator Translator
+ // rootPhysical is the cached physical address of the root.
+ //
+ // This is saved only to prevent constant translation.
+ rootPhysical uintptr
// archPageTables includes architecture-specific features.
archPageTables
-
- // allNodes is a set of nodes indexed by translator address.
- allNodes map[uintptr]*Node
-}
-
-// Translator translates to guest physical addresses.
-type Translator interface {
- // TranslateToPhysical translates the given pointer object into a
- // "physical" address. We do not require that it translates back, the
- // reverse mapping is maintained internally.
- TranslateToPhysical(*PTEs) uintptr
}
// New returns new PageTables.
-func New(t Translator, opts Opts) *PageTables {
- p := &PageTables{
- translator: t,
- allNodes: make(map[uintptr]*Node),
- }
- p.root = p.allocNode()
+func New(a Allocator, opts Opts) *PageTables {
+ p := &PageTables{Allocator: a}
+ p.root = p.Allocator.NewPTEs()
+ p.rootPhysical = p.Allocator.PhysicalFor(p.root)
p.init(opts)
return p
}
@@ -74,40 +50,14 @@ func New(t Translator, opts Opts) *PageTables {
// This function should always be preferred to New if there are existing
// pagetables, as this function preserves architectural constraints relevant to
// managing multiple sets of pagetables.
-func (p *PageTables) New() *PageTables {
- np := &PageTables{
- translator: p.translator,
- allNodes: make(map[uintptr]*Node),
- }
- np.root = np.allocNode()
+func (p *PageTables) New(a Allocator) *PageTables {
+ np := &PageTables{Allocator: a}
+ np.root = np.Allocator.NewPTEs()
+ np.rootPhysical = p.Allocator.PhysicalFor(np.root)
np.initFrom(&p.archPageTables)
return np
}
-// setPageTable sets the given index as a page table.
-func (p *PageTables) setPageTable(n *Node, index int, child *Node) {
- phys := p.translator.TranslateToPhysical(child.PTEs())
- p.allNodes[phys] = child
- pte := &n.PTEs()[index]
- pte.setPageTable(phys)
-}
-
-// clearPageTable clears the given entry.
-func (p *PageTables) clearPageTable(n *Node, index int) {
- pte := &n.PTEs()[index]
- physical := pte.Address()
- pte.Clear()
- delete(p.allNodes, physical)
-}
-
-// getPageTable returns the page table entry.
-func (p *PageTables) getPageTable(n *Node, index int) *Node {
- pte := &n.PTEs()[index]
- physical := pte.Address()
- child := p.allNodes[physical]
- return child
-}
-
// Map installs a mapping with the given physical address.
//
// True is returned iff there was a previous mapping in the range.
@@ -172,10 +122,3 @@ func (p *PageTables) Lookup(addr usermem.Addr) (physical uintptr, opts MapOpts)
})
return
}
-
-// allocNode allocates a new page.
-func (p *PageTables) allocNode() *Node {
- n := new(Node)
- n.physical = p.translator.TranslateToPhysical(n.PTEs())
- return n
-}
diff --git a/pkg/sentry/platform/ring0/pagetables/pagetables_amd64.go b/pkg/sentry/platform/ring0/pagetables/pagetables_amd64.go
index 8dc50f9dd..6a724e4fd 100644
--- a/pkg/sentry/platform/ring0/pagetables/pagetables_amd64.go
+++ b/pkg/sentry/platform/ring0/pagetables/pagetables_amd64.go
@@ -121,7 +121,10 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
}
for pgdIndex := int((start & pgdMask) >> pgdShift); start < end && pgdIndex < entriesPerPage; pgdIndex++ {
- pgdEntry := &p.root.PTEs()[pgdIndex]
+ var (
+ pgdEntry = &p.root[pgdIndex]
+ pudEntries *PTEs
+ )
if !pgdEntry.Valid() {
if !alloc {
// Skip over this entry.
@@ -130,15 +133,20 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
}
// Allocate a new pgd.
- p.setPageTable(p.root, pgdIndex, p.allocNode())
+ pudEntries = p.Allocator.NewPTEs()
+ pgdEntry.setPageTable(p, pudEntries)
+ } else {
+ pudEntries = p.Allocator.LookupPTEs(pgdEntry.Address())
}
// Map the next level.
- pudNode := p.getPageTable(p.root, pgdIndex)
clearPUDEntries := 0
for pudIndex := int((start & pudMask) >> pudShift); start < end && pudIndex < entriesPerPage; pudIndex++ {
- pudEntry := &(pudNode.PTEs()[pudIndex])
+ var (
+ pudEntry = &pudEntries[pudIndex]
+ pmdEntries *PTEs
+ )
if !pudEntry.Valid() {
if !alloc {
// Skip over this entry.
@@ -161,7 +169,8 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
}
// Allocate a new pud.
- p.setPageTable(pudNode, pudIndex, p.allocNode())
+ pmdEntries = p.Allocator.NewPTEs()
+ pudEntry.setPageTable(p, pmdEntries)
} else if pudEntry.IsSuper() {
// Does this page need to be split?
@@ -169,8 +178,7 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
currentAddr := uint64(pudEntry.Address())
// Install the relevant entries.
- pmdNode := p.allocNode()
- pmdEntries := pmdNode.PTEs()
+ pmdEntries = p.Allocator.NewPTEs()
for index := 0; index < entriesPerPage; index++ {
pmdEntry := &pmdEntries[index]
pmdEntry.SetSuper()
@@ -179,7 +187,7 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
}
// Reset to point to the new page.
- p.setPageTable(pudNode, pudIndex, pmdNode)
+ pudEntry.setPageTable(p, pmdEntries)
} else {
// A super page to be checked directly.
fn(uintptr(start), uintptr(start+pudSize), pudEntry, pudSize-1)
@@ -193,14 +201,18 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
start = next(start, pudSize)
continue
}
+ } else {
+ pmdEntries = p.Allocator.LookupPTEs(pudEntry.Address())
}
// Map the next level, since this is valid.
- pmdNode := p.getPageTable(pudNode, pudIndex)
clearPMDEntries := 0
for pmdIndex := int((start & pmdMask) >> pmdShift); start < end && pmdIndex < entriesPerPage; pmdIndex++ {
- pmdEntry := &pmdNode.PTEs()[pmdIndex]
+ var (
+ pmdEntry = &pmdEntries[pmdIndex]
+ pteEntries *PTEs
+ )
if !pmdEntry.Valid() {
if !alloc {
// Skip over this entry.
@@ -222,7 +234,8 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
}
// Allocate a new pmd.
- p.setPageTable(pmdNode, pmdIndex, p.allocNode())
+ pteEntries = p.Allocator.NewPTEs()
+ pmdEntry.setPageTable(p, pteEntries)
} else if pmdEntry.IsSuper() {
// Does this page need to be split?
@@ -230,8 +243,7 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
currentAddr := uint64(pmdEntry.Address())
// Install the relevant entries.
- pteNode := p.allocNode()
- pteEntries := pteNode.PTEs()
+ pteEntries = p.Allocator.NewPTEs()
for index := 0; index < entriesPerPage; index++ {
pteEntry := &pteEntries[index]
pteEntry.Set(uintptr(currentAddr), pmdEntry.Opts())
@@ -239,7 +251,7 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
}
// Reset to point to the new page.
- p.setPageTable(pmdNode, pmdIndex, pteNode)
+ pmdEntry.setPageTable(p, pteEntries)
} else {
// A huge page to be checked directly.
fn(uintptr(start), uintptr(start+pmdSize), pmdEntry, pmdSize-1)
@@ -253,14 +265,17 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
start = next(start, pmdSize)
continue
}
+ } else {
+ pteEntries = p.Allocator.LookupPTEs(pmdEntry.Address())
}
// Map the next level, since this is valid.
- pteNode := p.getPageTable(pmdNode, pmdIndex)
clearPTEEntries := 0
for pteIndex := int((start & pteMask) >> pteShift); start < end && pteIndex < entriesPerPage; pteIndex++ {
- pteEntry := &pteNode.PTEs()[pteIndex]
+ var (
+ pteEntry = &pteEntries[pteIndex]
+ )
if !pteEntry.Valid() && !alloc {
clearPTEEntries++
start += pteSize
@@ -283,21 +298,24 @@ func (p *PageTables) iterateRange(startAddr, endAddr uintptr, alloc bool, fn fun
// Check if we no longer need this page.
if clearPTEEntries == entriesPerPage {
- p.clearPageTable(pmdNode, pmdIndex)
+ pmdEntry.Clear()
+ p.Allocator.FreePTEs(pteEntries)
clearPMDEntries++
}
}
// Check if we no longer need this page.
if clearPMDEntries == entriesPerPage {
- p.clearPageTable(pudNode, pudIndex)
+ pudEntry.Clear()
+ p.Allocator.FreePTEs(pmdEntries)
clearPUDEntries++
}
}
// Check if we no longer need this page.
if clearPUDEntries == entriesPerPage {
- p.clearPageTable(p.root, pgdIndex)
+ pgdEntry.Clear()
+ p.Allocator.FreePTEs(pudEntries)
}
}
}
diff --git a/pkg/sentry/platform/ring0/pagetables/pagetables_amd64_test.go b/pkg/sentry/platform/ring0/pagetables/pagetables_amd64_test.go
index 4f15c6b58..c81786133 100644
--- a/pkg/sentry/platform/ring0/pagetables/pagetables_amd64_test.go
+++ b/pkg/sentry/platform/ring0/pagetables/pagetables_amd64_test.go
@@ -23,7 +23,7 @@ import (
)
func Test2MAnd4K(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map a small page and a huge page.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.ReadWrite}, pteSize*42)
@@ -37,7 +37,7 @@ func Test2MAnd4K(t *testing.T) {
}
func Test1GAnd4K(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map a small page and a super page.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.ReadWrite}, pteSize*42)
@@ -51,7 +51,7 @@ func Test1GAnd4K(t *testing.T) {
}
func TestSplit1GPage(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map a super page and knock out the middle.
pt.Map(0x00007f0000000000, pudSize, MapOpts{AccessType: usermem.Read}, pudSize*42)
@@ -65,7 +65,7 @@ func TestSplit1GPage(t *testing.T) {
}
func TestSplit2MPage(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map a huge page and knock out the middle.
pt.Map(0x00007f0000000000, pmdSize, MapOpts{AccessType: usermem.Read}, pmdSize*42)
diff --git a/pkg/sentry/platform/ring0/pagetables/pagetables_test.go b/pkg/sentry/platform/ring0/pagetables/pagetables_test.go
index a4f684af2..dec8def7f 100644
--- a/pkg/sentry/platform/ring0/pagetables/pagetables_test.go
+++ b/pkg/sentry/platform/ring0/pagetables/pagetables_test.go
@@ -15,18 +15,11 @@
package pagetables
import (
- "reflect"
"testing"
"gvisor.googlesource.com/gvisor/pkg/sentry/usermem"
)
-type reflectTranslater struct{}
-
-func (r reflectTranslater) TranslateToPhysical(ptes *PTEs) uintptr {
- return reflect.ValueOf(ptes).Pointer()
-}
-
type mapping struct {
start uintptr
length uintptr
@@ -80,12 +73,12 @@ func checkMappings(t *testing.T, pt *PageTables, m []mapping) {
}
func TestAllocFree(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
pt.Release()
}
func TestUnmap(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map and unmap one entry.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.ReadWrite}, pteSize*42)
@@ -96,7 +89,7 @@ func TestUnmap(t *testing.T) {
}
func TestReadOnly(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map one entry.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.Read}, pteSize*42)
@@ -108,7 +101,7 @@ func TestReadOnly(t *testing.T) {
}
func TestReadWrite(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map one entry.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.ReadWrite}, pteSize*42)
@@ -120,7 +113,7 @@ func TestReadWrite(t *testing.T) {
}
func TestSerialEntries(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map two sequential entries.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.ReadWrite}, pteSize*42)
@@ -134,7 +127,7 @@ func TestSerialEntries(t *testing.T) {
}
func TestSpanningEntries(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Span a pgd with two pages.
pt.Map(0x00007efffffff000, 2*pteSize, MapOpts{AccessType: usermem.Read}, pteSize*42)
@@ -147,7 +140,7 @@ func TestSpanningEntries(t *testing.T) {
}
func TestSparseEntries(t *testing.T) {
- pt := New(reflectTranslater{}, Opts{})
+ pt := New(NewRuntimeAllocator(), Opts{})
// Map two entries in different pgds.
pt.Map(0x400000, pteSize, MapOpts{AccessType: usermem.ReadWrite}, pteSize*42)
diff --git a/pkg/sentry/platform/ring0/pagetables/pagetables_unsafe.go b/pkg/sentry/platform/ring0/pagetables/pagetables_unsafe.go
deleted file mode 100644
index a2b44fb79..000000000
--- a/pkg/sentry/platform/ring0/pagetables/pagetables_unsafe.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright 2018 Google Inc.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package pagetables
-
-import (
- "unsafe"
-
- "gvisor.googlesource.com/gvisor/pkg/sentry/usermem"
-)
-
-// PTEs returns aligned PTE entries.
-func (n *Node) PTEs() *PTEs {
- addr := uintptr(unsafe.Pointer(&n.unalignedData[0]))
- offset := addr & (usermem.PageSize - 1)
- if offset != 0 {
- offset = usermem.PageSize - offset
- }
- return (*PTEs)(unsafe.Pointer(addr + offset))
-}
diff --git a/pkg/sentry/platform/ring0/pagetables/pagetables_x86.go b/pkg/sentry/platform/ring0/pagetables/pagetables_x86.go
index 8ba78ed0d..72a955d08 100644
--- a/pkg/sentry/platform/ring0/pagetables/pagetables_x86.go
+++ b/pkg/sentry/platform/ring0/pagetables/pagetables_x86.go
@@ -70,9 +70,9 @@ func (p *PageTables) CR3() uint64 {
// Bit 63 is set to avoid flushing the PCID (per SDM 4.10.4.1).
const noFlushBit uint64 = 0x8000000000000000
if p.pcid != 0 {
- return noFlushBit | uint64(p.root.physical) | uint64(p.pcid)
+ return noFlushBit | uint64(p.rootPhysical) | uint64(p.pcid)
}
- return uint64(p.root.physical)
+ return uint64(p.rootPhysical)
}
// FlushCR3 returns the CR3 value that flushes the TLB.
@@ -81,7 +81,7 @@ func (p *PageTables) CR3() uint64 {
//
//go:nosplit
func (p *PageTables) FlushCR3() uint64 {
- return uint64(p.root.physical) | uint64(p.pcid)
+ return uint64(p.rootPhysical) | uint64(p.pcid)
}
// Bits in page table entries.
@@ -200,8 +200,13 @@ func (p *PTE) Set(addr uintptr, opts MapOpts) {
// be cleared. This is used explicitly for breaking super pages.
//
//go:nosplit
-func (p *PTE) setPageTable(addr uintptr) {
- v := (addr &^ optionMask) | present | user | writable | accessed | dirty
+func (p *PTE) setPageTable(pt *PageTables, ptes *PTEs) {
+ addr := pt.Allocator.PhysicalFor(ptes)
+ if addr&^optionMask != addr {
+ // This should never happen.
+ panic("unaligned physical address!")
+ }
+ v := addr | present | user | writable | accessed | dirty
atomic.StoreUintptr((*uintptr)(p), v)
}
--
cgit v1.2.3