On 25.09.25 21:59, Dave Hansen wrote:
On 9/25/25 12:20, David Hildenbrand wrote:
On 25.09.25 20:27, Dave Hansen wrote:
On 9/24/25 08:22, Roy, Patrick wrote:
Add an option to not perform TLB flushes after direct map manipulations.
I'd really prefer this be left out for now. It's a massive can of worms. Let's agree on something that works and has well-defined behavior before we go breaking it on purpose.
May I ask what the big concern here is?
It's not a _big_ concern.
Oh, I read "can of worms" and thought there is something seriously problematic :)
I just think we want to start on something like this as simple, secure, and deterministic as possible.
Yes, I agree. And it should be the default. Less secure would have to be opt-in and documented thoroughly.
Let's say that with all the unmaps that load_unaligned_zeropad() faults start to bite us. It'll take longer to find them if the TLB isn't flushed.
Basically, it'll make the bad things happen sooner rather than later.
Agreed.