From patchwork Wed Jul 10 16:06:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811916 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8283B1922C0; Wed, 10 Jul 2024 16:09:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.10 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627742; cv=none; b=sB+jYVVYv7kL9Y6REzpirnpghwHkpw4KLkPDRt84OoWs2QX0XXCOpKQKctWRMwxpriSAGA0FzWaXu8irK5DfgK/tkMb9F3NCoQfgzhx0Lq3g0UV9EqlqRdzlXfxWdu+GGMPRTbq7feYDMvvhfKz6Y2boNUTTfIsB8LhMNxdHoAI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627742; c=relaxed/simple; bh=y7vMWpd2OgbEn6OE5pmGbAmSAKrB/bpQq+WM0BvxpuE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=X5HAFkqx6Q1yghr9mNrFaFvRp/Qux/YSccOvVlxi9+zNj2V2MW1ATAZdoDBSvayj742465IMbd4JXcCMk6CmDdng2ibnTEuGJt9qS0EXMxFMoxlqTQ1qEL4lfPeYuUYMNH7RICwYt7uSy5KoPY/nf5ZEYHJUYFgIeJG/lIQYH4c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=OkK9iNKw; arc=none smtp.client-ip=192.198.163.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="OkK9iNKw" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627740; x=1752163740; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=y7vMWpd2OgbEn6OE5pmGbAmSAKrB/bpQq+WM0BvxpuE=; b=OkK9iNKwTakHHXIAqs1paCVdOCU9bay1YZhOKyHX9UyWoDrSgwmU5nNW FqfkaTwiTiDZrnb3BwAGEZCFppuogvjZ0tudRD3g5VP8KWTW0CE5VGtqr AFPGBuolgQLmQOnuaYtbyHnsbqMfxk+atSsxICZdVPXmbzlIqjvib4Aey BsNkTs/KehoS6dOjBM6lHkp2+cqndlrULook/aR0NKXuYgAko5n89wh64 zpWWtCWF6qB5BpxL/IAl2iib1ALTZEEQR+jfyHSELkdBlTlfoufzhofXD HWQaj5bE20/KFSQEnx5yMslJ4EpTAnx3YMozKdY6bf8V5yGC3KdTY1uxu w==; X-CSE-ConnectionGUID: F4pjaEqkS1C3MQy284TQDw== X-CSE-MsgGUID: z0sucVrPRyualcsLQDYBdQ== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="29364665" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="29364665" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:08:36 -0700 X-CSE-ConnectionGUID: XEl6TZG9SpeOkrSpSz775Q== X-CSE-MsgGUID: vR4yzamVSIGMOoSAm+6GdA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084389" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:08:23 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 01/16] x86/cpu: Enumerate the LASS feature bits Date: Wed, 10 Jul 2024 19:06:37 +0300 Message-ID: <20240710160655.3402786-2-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta Linear Address Space Separation (LASS) is a security feature that intends to prevent malicious virtual address space accesses across user/kernel mode. Such mode based access protection already exists today with paging and features such as SMEP and SMAP. However, to enforce these protections, the processor must traverse the paging structures in memory. Malicious software can use timing information resulting from this traversal to determine details about the paging structures, and these details may also be used to determine the layout of the kernel memory. The LASS mechanism provides the same mode-based protections as paging but without traversing the paging structures. Because the protections enforced by LASS are applied before paging, software will not be able to derive paging-based timing information from the various caching structures such as the TLBs, mid-level caches, page walker, data caches, etc. LASS enforcement relies on the typical kernel implementation to divide the 64-bit virtual address space into two halves: Addr[63]=0 -> User address space Addr[63]=1 -> Kernel address space Any data access or code execution across address spaces typically results in a #GP fault. The LASS enforcement for kernel data access is dependent on CR4.SMAP being set. The enforcement can be disabled by toggling the RFLAGS.AC bit similar to SMAP. Define the CPU feature bits to enumerate this feature and include feature dependencies to reflect the same. Co-developed-by: Yian Chen Signed-off-by: Yian Chen Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/disabled-features.h | 4 +++- arch/x86/include/asm/smap.h | 4 ++++ arch/x86/include/uapi/asm/processor-flags.h | 2 ++ arch/x86/kernel/cpu/cpuid-deps.c | 1 + tools/arch/x86/include/asm/cpufeatures.h | 1 + 6 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 3c7434329661..874809e4547c 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -319,6 +319,7 @@ /* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */ #define X86_FEATURE_AVX_VNNI (12*32+ 4) /* AVX VNNI instructions */ #define X86_FEATURE_AVX512_BF16 (12*32+ 5) /* AVX512 BFLOAT16 instructions */ +#define X86_FEATURE_LASS (12*32+ 6) /* Linear Address Space Separation */ #define X86_FEATURE_CMPCCXADD (12*32+ 7) /* "" CMPccXADD instructions */ #define X86_FEATURE_ARCH_PERFMON_EXT (12*32+ 8) /* "" Intel Architectural PerfMon Extension */ #define X86_FEATURE_FZRM (12*32+10) /* "" Fast zero-length REP MOVSB */ diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index c492bdc97b05..76c7d362af94 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -22,12 +22,14 @@ # define DISABLE_CYRIX_ARR (1<<(X86_FEATURE_CYRIX_ARR & 31)) # define DISABLE_CENTAUR_MCR (1<<(X86_FEATURE_CENTAUR_MCR & 31)) # define DISABLE_PCID 0 +# define DISABLE_LASS 0 #else # define DISABLE_VME 0 # define DISABLE_K6_MTRR 0 # define DISABLE_CYRIX_ARR 0 # define DISABLE_CENTAUR_MCR 0 # define DISABLE_PCID (1<<(X86_FEATURE_PCID & 31)) +# define DISABLE_LASS (1<<(X86_FEATURE_LASS & 31)) #endif /* CONFIG_X86_64 */ #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS @@ -146,7 +148,7 @@ #define DISABLED_MASK11 (DISABLE_RETPOLINE|DISABLE_RETHUNK|DISABLE_UNRET| \ DISABLE_CALL_DEPTH_TRACKING|DISABLE_USER_SHSTK) #define DISABLED_MASK12 (DISABLE_FRED|DISABLE_LAM) -#define DISABLED_MASK13 0 +#define DISABLED_MASK13 (DISABLE_LASS) #define DISABLED_MASK14 0 #define DISABLED_MASK15 0 #define DISABLED_MASK16 (DISABLE_PKU|DISABLE_OSPKE|DISABLE_LA57|DISABLE_UMIP| \ diff --git a/arch/x86/include/asm/smap.h b/arch/x86/include/asm/smap.h index bab490379c65..776dce849a58 100644 --- a/arch/x86/include/asm/smap.h +++ b/arch/x86/include/asm/smap.h @@ -27,6 +27,10 @@ #else /* __ASSEMBLY__ */ +/* + * The CLAC/STAC instructions toggle enforcement of X86_FEATURE_SMAP as well as + * X86_FEATURE_LASS. + */ static __always_inline void clac(void) { /* Note: a barrier is implicit in alternative() */ diff --git a/arch/x86/include/uapi/asm/processor-flags.h b/arch/x86/include/uapi/asm/processor-flags.h index f1a4adc78272..81d0c8bf1137 100644 --- a/arch/x86/include/uapi/asm/processor-flags.h +++ b/arch/x86/include/uapi/asm/processor-flags.h @@ -136,6 +136,8 @@ #define X86_CR4_PKE _BITUL(X86_CR4_PKE_BIT) #define X86_CR4_CET_BIT 23 /* enable Control-flow Enforcement Technology */ #define X86_CR4_CET _BITUL(X86_CR4_CET_BIT) +#define X86_CR4_LASS_BIT 27 /* enable Linear Address Space Separation support */ +#define X86_CR4_LASS _BITUL(X86_CR4_LASS_BIT) #define X86_CR4_LAM_SUP_BIT 28 /* LAM for supervisor pointers */ #define X86_CR4_LAM_SUP _BITUL(X86_CR4_LAM_SUP_BIT) diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-deps.c index b7d9f530ae16..22612e01ec2e 100644 --- a/arch/x86/kernel/cpu/cpuid-deps.c +++ b/arch/x86/kernel/cpu/cpuid-deps.c @@ -84,6 +84,7 @@ static const struct cpuid_dep cpuid_deps[] = { { X86_FEATURE_SHSTK, X86_FEATURE_XSAVES }, { X86_FEATURE_FRED, X86_FEATURE_LKGS }, { X86_FEATURE_FRED, X86_FEATURE_WRMSRNS }, + { X86_FEATURE_LASS, X86_FEATURE_SMAP }, {} }; diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/include/asm/cpufeatures.h index 3c7434329661..874809e4547c 100644 --- a/tools/arch/x86/include/asm/cpufeatures.h +++ b/tools/arch/x86/include/asm/cpufeatures.h @@ -319,6 +319,7 @@ /* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */ #define X86_FEATURE_AVX_VNNI (12*32+ 4) /* AVX VNNI instructions */ #define X86_FEATURE_AVX512_BF16 (12*32+ 5) /* AVX512 BFLOAT16 instructions */ +#define X86_FEATURE_LASS (12*32+ 6) /* Linear Address Space Separation */ #define X86_FEATURE_CMPCCXADD (12*32+ 7) /* "" CMPccXADD instructions */ #define X86_FEATURE_ARCH_PERFMON_EXT (12*32+ 8) /* "" Intel Architectural PerfMon Extension */ #define X86_FEATURE_FZRM (12*32+10) /* "" Fast zero-length REP MOVSB */ From patchwork Wed Jul 10 16:06:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812372 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 774881953AB; Wed, 10 Jul 2024 16:09:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.10 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627745; cv=none; b=sUVxPiluZyCVOdh+PPMsJsf72LnOod4cLcpg1xEdMOrIzrQDz8EikVFTxkxatsuY0ivvuofchPySkSywJdojo9gbwugTldT6F2TccZRY36nNp18iuTjFNhsQBvG3u62NHV37StZih1L36JTRQsW2VAGlyrEUuc8RPPqdasIamK0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627745; c=relaxed/simple; bh=aQM7UGNlzhF9E1k1zSnMggUBQ/pMVuwT5GMhaakkhzU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JlzAvhlOexMtNkEsoKAeNcsi/zoSJO1BrLLeryOScgyHgmT3xJD5PPAm3sbbYVAexOkt6R2QSuOCnasHS1gAl+GAPk3jY0JMB33Vh/9s1aDWXtQZUoMhjEgy+C7y801kG7HpR5ygSsTXYCX690KK1Z4883ayEO/YIIPwlbV6R8k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=XEuIfEtn; arc=none smtp.client-ip=192.198.163.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="XEuIfEtn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627743; x=1752163743; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=aQM7UGNlzhF9E1k1zSnMggUBQ/pMVuwT5GMhaakkhzU=; b=XEuIfEtnbAMzgjwbaI7Z70Wy+W90Sn2PA8N5P6VluxBv2s+lWHml63aE rXSpMZXeUg25Z0WIPhJO9YMRFRr1hJ8B2TTt5RWuAGk95WH+BQCu4XYtv UYnSuPWeieGmXSwkwSUH+8BLBCbyEgiG7UfLVs+Bp9X+NS90d2qMRDZ8V 3uVlr6fnpgsDp66HlWRp3ylC1gfISzggF7fxSG+t5XRQBpQWAnk4hDazz FmEDm6SR47jfBF5hCCzfF7WkYGmgRm0fGYGH6b3/2Qwl/26lZ8vslDRjM WNi5c18StnUnnA1C05oPFCtlpMSBBnJ8UqHCiT3LN2Fu+xVOMiSGon9Fw A==; X-CSE-ConnectionGUID: +2HufQqwQmubnJJyz3QZpA== X-CSE-MsgGUID: jmfpaIzLRJiPa8Z7eqPFUw== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="29364718" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="29364718" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:08:49 -0700 X-CSE-ConnectionGUID: VZzz2cXJRLiEWNo7FBsKfQ== X-CSE-MsgGUID: JYLrfBCIQnOkuVNz8AxnCg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084504" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:08:36 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 02/16] x86/asm: Introduce inline memcpy and memset Date: Wed, 10 Jul 2024 19:06:38 +0300 Message-ID: <20240710160655.3402786-3-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Peter Zijlstra Provide inline memcpy and memset functions that can be used instead of the GCC builtins whenever necessary. Code posted by Peter Zijlstra . Link: https://lore.kernel.org/lkml/Y759AJ%2F0N9fqwDED@hirez.programming.kicks-ass.net/ [Missing Signed-off-by from PeterZ] Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/include/asm/string.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/arch/x86/include/asm/string.h b/arch/x86/include/asm/string.h index c3c2c1914d65..9cb5aae7fba9 100644 --- a/arch/x86/include/asm/string.h +++ b/arch/x86/include/asm/string.h @@ -1,6 +1,32 @@ /* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_STRING_H +#define _ASM_X86_STRING_H + #ifdef CONFIG_X86_32 # include #else # include #endif + +static __always_inline void *__inline_memcpy(void *to, const void *from, size_t len) +{ + void *ret = to; + + asm volatile("rep movsb" + : "+D" (to), "+S" (from), "+c" (len) + : : "memory"); + return ret; +} + +static __always_inline void *__inline_memset(void *s, int v, size_t n) +{ + void *ret = s; + + asm volatile("rep stosb" + : "+D" (s), "+c" (n) + : "a" ((uint8_t)v) + : "memory"); + return ret; +} + +#endif /* _ASM_X86_STRING_H */ From patchwork Wed Jul 10 16:06:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811915 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9AB53195B18; Wed, 10 Jul 2024 16:09:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.10 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627748; cv=none; b=DYtG9wp/mTePAVHpGg2rEiRujbge8oBHOADTfHGJpO/8ucsb1rGQ1UmWAQcvE53qGTmclS9X+WsOJq9rJJDkO3mqcbSG2wlZH2Hu2fWBkgV61tKaX3Kt2nt1+Q7TDstBJVJvqN8/TOCTDT2riuWkG1ytnrFjuvHPhlUpkCGlT6c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627748; c=relaxed/simple; bh=aWgpOz6JryUebtzYDLZUHvgchja1msIbJ5P07l3d2PU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fhv5WaiHbwrwM3MUg60yIg0IBhktz/wkMIAI79QHl6myVjwUNmVEIWW2ef4PegZ2fBjDui30tAxvDCnsErm+wCdQhIueqtFL/tPGYeMOC5OG+QBO+H4ognXiK3y38NUlD0mkX8QFQEw29RUu2jPiPtGLq6krB4zSbKjuzllTeaQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Z+CGn5d4; arc=none smtp.client-ip=192.198.163.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Z+CGn5d4" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627747; x=1752163747; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=aWgpOz6JryUebtzYDLZUHvgchja1msIbJ5P07l3d2PU=; b=Z+CGn5d4205Ro9FqdNhfZ4UMgkC2BH2APCqTZ37MeR+wAKZXLfomOb6L cUdHQcaUQEnxdF9Yq9va0/wsmtXEta//MuqmOIWSK3LUt+/x1/NAp/bkw IUuH1nnSXuQ0tGaVtu4HcJ9WIRLetY4iI0EYvRU5zARfX479CDxlO3zwM 6MF8mBWNXOkP90OqUiEfGEWwkRHqvF5tONNtO4bq+Pjry3OjbI6L8tsZh h28vtGcowB0F9ADndcF6f/tirQ33BX5s1JAhtbmsQKWAFU9k8ysNXcHeA tzMXalDlv69MhoIN02TUmhYZsoJFLJf/uLFRgGQnsgmPX4u9EBmJmMCI+ w==; X-CSE-ConnectionGUID: tEQTcdv6Q6e7IpyjvbXkCw== X-CSE-MsgGUID: vZzE0EuXQYyMeZpdZPldPg== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="29364779" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="29364779" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:09:02 -0700 X-CSE-ConnectionGUID: Xn1rC+BvS4qc51PNoF70fA== X-CSE-MsgGUID: HauCIK9vQNm44v0ASF0M4g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084620" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:08:49 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 03/16] x86/alternatives: Disable LASS when patching kernel alternatives Date: Wed, 10 Jul 2024 19:06:39 +0300 Message-ID: <20240710160655.3402786-4-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta For patching, the kernel initializes a temporary mm area in the lower half of the address range. See commit 4fc19708b165 ("x86/alternatives: Initialize temporary mm for patching"). Disable LASS enforcement during patching using the stac()/clac() instructions to avoid triggering a #GP fault. The objtool warns due to a call to a non-allowed function that exists outside of the stac/clac guard, or references to any function with a dynamic function pointer inside the guard. See the Objtool warnings section #9 in the document tools/objtool/Documentation/objtool.txt. Considering that patching is usually small, replace the memcpy and memset functions in the text poking functions with their inline versions respectively. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/kernel/alternative.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 89de61243272..c6e1b17d1da1 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -1825,16 +1825,24 @@ static inline void unuse_temporary_mm(temp_mm_state_t prev_state) __ro_after_init struct mm_struct *poking_mm; __ro_after_init unsigned long poking_addr; +/* + * poking_init() initializes the text poking address from the lower half of the + * address space. Relax LASS enforcement when accessing the poking address. + */ static void text_poke_memcpy(void *dst, const void *src, size_t len) { - memcpy(dst, src, len); + stac(); + __inline_memcpy(dst, src, len); + clac(); } static void text_poke_memset(void *dst, const void *src, size_t len) { int c = *(const int *)src; - memset(dst, c, len); + stac(); + __inline_memset(dst, c, len); + clac(); } typedef void text_poke_f(void *dst, const void *src, size_t len); From patchwork Wed Jul 10 16:06:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812371 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3C3D194ACB; Wed, 10 Jul 2024 16:09:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627758; cv=none; b=lDRtYaX07D/JSd577XQilakAT1gHMOsBQKeyfEByt5PjHRvYViN6YexlhnzB7K0+7bt94gVp01j6FJw4h6W4M8S4KJIfaXnlT/qSMC4ihKU7x1I4+LhMXktq6s6bG1sFBZUbWDt2ix04BysZlUPhBQwu/+SNW2Ygj4HnAqf8Tic= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627758; c=relaxed/simple; bh=UckXJyJIivugNXCO4/8tV/NJP4f3z4DxAvTdHksQcfc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jlcNvz1rqYN5AKTUO2s3dJ1gqR90142vg/Rg+DYrfvBDgtVfcPH8ymVCp6lx7BAyNwrsLMBKLw9zS93/s4D4do1m+mJFh61JUNLqD/+c5YjC+lYNSwxZO/Aj0FKMTjL1AppIFclykpSFA6wqLbdsZ459FjiQhLagYUGG4ZLnANg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=HM6uowvw; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="HM6uowvw" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627756; x=1752163756; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UckXJyJIivugNXCO4/8tV/NJP4f3z4DxAvTdHksQcfc=; b=HM6uowvwuoJwJCnKIJHCtT+tbaWgbkFU9Aq/O8lhO3j95bRzpF1ZwPfC +J1oZlhQGMbIa87YhtSoTV83TSobFvDOf+JPK/IM2XE989vGReOQNNjdd gcY6BixZ5Y6NbSYKaKk17xULfooBqn+PZp8POI1napRgM2nS/RG8e60o4 vk9pNmeuEmXl5Uws2L8U4GZj/CTt+JtbDBUhc2uHlTM/yQcsFY0lkPz9G wWDexQL0eQzA6IMbRyuqiVorJ3mkwVaOwH69G6QaPi69Gvn9VNFFmw3q/ V9u23KD+bXIG70hEaUTwWKgOtXVWz30hfKFtzQMppS+fG4YOjG9xITCUR Q==; X-CSE-ConnectionGUID: IU9ad3nkTCOj7qEGj2sRZw== X-CSE-MsgGUID: NMxQXeyFRaOPsvGxa1njhQ== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18102986" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18102986" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:09:14 -0700 X-CSE-ConnectionGUID: rQ29e713RBmfaRolv54odg== X-CSE-MsgGUID: QgYROkStRAuOtZT6dUjEtA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084670" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:09:02 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 04/16] x86/cpu: Enable LASS during CPU initialization Date: Wed, 10 Jul 2024 19:06:40 +0300 Message-ID: <20240710160655.3402786-5-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta Being a security feature, enable LASS by default if the platform supports it. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/kernel/cpu/common.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index d4e539d4e158..dcf61a66e462 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -398,6 +398,12 @@ static __always_inline void setup_umip(struct cpuinfo_x86 *c) cr4_clear_bits(X86_CR4_UMIP); } +static __always_inline void setup_lass(struct cpuinfo_x86 *c) +{ + if (cpu_feature_enabled(X86_FEATURE_LASS)) + cr4_set_bits(X86_CR4_LASS); +} + /* These bits should not change their value after CPU init is finished. */ static const unsigned long cr4_pinned_mask = X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_UMIP | X86_CR4_FSGSBASE | X86_CR4_CET | X86_CR4_FRED; @@ -1839,6 +1845,7 @@ static void identify_cpu(struct cpuinfo_x86 *c) setup_smep(c); setup_smap(c); setup_umip(c); + setup_lass(c); /* Enable FSGSBASE instructions if available. */ if (cpu_has(c, X86_FEATURE_FSGSBASE)) { From patchwork Wed Jul 10 16:06:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811914 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AEE9A194AE2; Wed, 10 Jul 2024 16:09:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627771; cv=none; b=VzyS8JHy7/lZYOIgwRsTOesNHoI0Z3Zljf91DUNeK85qhQ3Ee4xEl0BZSZnnsHFPYaK1Q4fnOOVVgUi6j+r/fQUaaRrtaKcDUNiN3+2WgDu79DjcdX5mYG1gi0O+LTXFIEn4kxc9wSLFFDkGcX+ylEtc5Vroz9EBdLgchKefq+8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627771; c=relaxed/simple; bh=nz8XjyzhYNMxDlabKb77u9LlLIFM1GNNSB/NinucYEA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sCnqDiMlIA3e74VOEOBDlW+bI7O7+Nt52/v62mNWi+44r+bu+8jt9bQgWk8IBTRX2Gh0YaD91poDf+vRO4MIXLAOZ/trHAp7AO54vXZlDICzzWj4vSQDy9kQgMcjwOOB9LBt4OEBukksSmqg3gC1LIVtBnYXNoR3fXBjgBRLrsk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=bfCBrATz; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="bfCBrATz" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627769; x=1752163769; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=nz8XjyzhYNMxDlabKb77u9LlLIFM1GNNSB/NinucYEA=; b=bfCBrATz9/Dnq4w53WW5CC+aIsDgfgLhFYSauX+J4jCEv4hVJxyVcgs0 99yEyn56/gqZjeJnEpJpKETs76OnfZmFAXa1DlqjgCQVqYAAPO83A9N5P h0ll3PBXf9Y77l74GNtueBrwrfKKb/QhciregN/qJD5LVl6QQ7d/0vLzj 5/orkDuduaoNIY9VC08WybBUu9K9v3ToBwQhP1xx/B6n7qAe9xIiiLT9N uxCtbMFE6HKJnY+IGpkieBZRRyaj/lzu0j+q8nAapwgpKUYo78YzpvRZD EgCsKalztBex45KJnpnjeuCJg3jDP5mq87xTKFFszdCvrRUMB/+9ud7/x A==; X-CSE-ConnectionGUID: +xnDjeX8QCOMwC9FOpULcQ== X-CSE-MsgGUID: 20i98NlJRb6/MxfMrFGLGw== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103053" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103053" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:09:28 -0700 X-CSE-ConnectionGUID: r+GX81G/RPiw+uA49QrD5w== X-CSE-MsgGUID: 9Y6XVd4QR/iIhKJ39KXJbg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084748" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:09:15 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 05/16] x86/cpu: Remove redundant comment during feature setup Date: Wed, 10 Jul 2024 19:06:41 +0300 Message-ID: <20240710160655.3402786-6-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta The code below the comment is self explanatory. Instead of updating the comment with the newly added LASS feature, it is better to just remove it. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/kernel/cpu/common.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index dcf61a66e462..33a76256a6f5 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1841,7 +1841,6 @@ static void identify_cpu(struct cpuinfo_x86 *c) /* Disable the PN if appropriate */ squash_the_stupid_serial_number(c); - /* Set up SMEP/SMAP/UMIP */ setup_smep(c); setup_smap(c); setup_umip(c); From patchwork Wed Jul 10 16:06:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812370 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C6DA194AFC; Wed, 10 Jul 2024 16:09:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627782; cv=none; b=DQQALVKzK6TwUpIk24Zu8JYMln7+0ge3d3vwFzX7u5lC2+Bv0z6m3bfF57gRS3Exa0qlJWQQIw8LodQ74TWVo6yLwSC+lIR198HOMxwtnicxId0JDzMDQVlGwGw4ugvp6KqQfO/k4SLrGa1h4B2vhGx/0BSDj8diIe75C+9MfMM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627782; c=relaxed/simple; bh=V9px3JV2Wl/ar/jIBNnaNIJiRCsSG4GK1x15nw8iC7A=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=dzUcmasKoGuCA/mTlB7U2KOqO9ezoZbb6Gry4tg0jDQz6VZTgqaiPDjVU9JZ+KMQqVi8tfLZ4bX13Nh8RSQ+hgN0xBK7RleGuajfCFYVWO3oyXbX6WVagRmnIt6LxPriPG2VERo9vNiAnSbc6jlziNLq+ti5PIFjR+6njc8ur5Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=LvArj8vm; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="LvArj8vm" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627781; x=1752163781; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=V9px3JV2Wl/ar/jIBNnaNIJiRCsSG4GK1x15nw8iC7A=; b=LvArj8vmp1FSzyjz0lVzZ3Rl5pUkLsqLQTY8q+tQ2iHdr+qAJpq0juna o/Pf96t7QWzL2RscIuy0CovhgiqeQeocoE5kmfP9NyYOmZcxyEZzFUeBj ljfhIajT5AU6pqOoxl6yZkSlwDhaKpgfFpvMpjlI1VHss+n6v8NOMwvf/ 9WLjOLO5OeG7Rt4d4OMbJXfAjYlxTyHf/ezDVnZZSOuZXe1Xe8ttGULnJ RCKqvtaRtk2FtpVPrncqWrTu0f3TlAKibvR9WhZOEa1YnjGHLnSVcmAYe +F6ZldI3ePnAC5ORERIRrtvDMWXa/o/SiM0e8q4lvhyJ4EqnukSnl6EsW w==; X-CSE-ConnectionGUID: mRo/3/hKSHCLfkAARkz30w== X-CSE-MsgGUID: YhXbDnMXR96759uJJrveAQ== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103074" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103074" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:09:40 -0700 X-CSE-ConnectionGUID: S7w7cXdtTPGVrNV0zBopdA== X-CSE-MsgGUID: vhTxzJONQAybATYZIRD++A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084797" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:09:28 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 06/16] init/main.c: Move EFI runtime service initialization to x86/cpu Date: Wed, 10 Jul 2024 19:06:42 +0300 Message-ID: <20240710160655.3402786-7-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The EFI call in start_kernel() is guarded by #ifdef CONFIG_X86. Move the thing to the arch_cpu_finalize_init() path on x86 and get rid of the #ifdef in start_kernel(). No functional change intended. Signed-off-by: Alexander Shishkin Suggested-by: Kirill A. Shutemov --- arch/x86/kernel/cpu/common.c | 7 +++++++ init/main.c | 5 ----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 33a76256a6f5..8aa621dc7d30 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include @@ -2364,6 +2365,12 @@ void __init arch_cpu_finalize_init(void) fpu__init_system(); fpu__init_cpu(); + /* + * This needs to follow the FPU initializtion, since EFI depends on it. + */ + if (efi_enabled(EFI_RUNTIME_SERVICES)) + efi_enter_virtual_mode(); + /* * Ensure that access to the per CPU representation has the initial * boot CPU configuration. diff --git a/init/main.c b/init/main.c index 206acdde51f5..cce4ceaf7c9c 100644 --- a/init/main.c +++ b/init/main.c @@ -51,7 +51,6 @@ #include #include #include -#include #include #include #include @@ -1070,10 +1069,6 @@ void start_kernel(void) pid_idr_init(); anon_vma_init(); -#ifdef CONFIG_X86 - if (efi_enabled(EFI_RUNTIME_SERVICES)) - efi_enter_virtual_mode(); -#endif thread_stack_cache_init(); cred_init(); fork_init(); From patchwork Wed Jul 10 16:06:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811913 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1DFAE197A6A; Wed, 10 Jul 2024 16:09:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627795; cv=none; b=a3Wn+Oxdnmpmr1RYiri2+6h055CyUQ7hprX3+GBMNYbhyxhP9/yQXIbxY+jwr8crsJ01fD9GogvVIt4E47ChO5EVcafjrEmhJ/YyX1sNJ/NfTXqKT6mSRlkMQBspIRg2uBhLDaURlzHGk2T+ud+KWfvkEBsbF5vGu05VihC8QJk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627795; c=relaxed/simple; bh=3ftzhE2HMy0sn2H91/T7W6LLqTlSAQgGntncMLyhsmw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LGZkXQonQ0E7+6C8Rj77JY6Nu5syQNe6RJUIQbGmI5YU4RXLMQX3nRFyGWtAtrEqN8+hd8QIH3VFHppOhOSm5SpMgsd/mQOpNQY3LYtyFXHM9gqTCS3f7ahyb1L5BTaiaooq8agRdMwQYOY/BHx7DZ1f2ljy9fei75g6ShjNwfA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=CKlmyhvN; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="CKlmyhvN" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627794; x=1752163794; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=3ftzhE2HMy0sn2H91/T7W6LLqTlSAQgGntncMLyhsmw=; b=CKlmyhvNcld8U0SQomSPXaqCOhXA5MbDTPpAh1FrLna2h9wuo0Oc+2aW SNi+JkxBQldnPD/jrCYwAwqex8em61Cc+NP4gEhuRZIS1sGGRSs3wyZOI ZVWytjEauKOHW6njw7nSWeDStC7EaNUNXltJmRjlzoVlB3dzW8OVk2eQy zbs4V2XioZvesNF/vD+9XwUXmo8NGltNvqGylYRpInIyJS4K27scrzz7C p7QyY5ntLIhJctVpi/X5/kJGsUcjHEG0E1isU/CKo3f0Z6/mAl2kMoYW6 xBQEh/s7FrxsO4pK2raSKzj56XrbX7FRGf7v7Dgn/+sXVGtqoRUMr5Zzd g==; X-CSE-ConnectionGUID: orBkQqbFQyO0E+N7dA04Tg== X-CSE-MsgGUID: ozxoi7aETneencODsdqnDA== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103121" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103121" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:09:53 -0700 X-CSE-ConnectionGUID: BpNCO9AUSH+lfP+mhxvjGg== X-CSE-MsgGUID: VsEZXrtKSJ2exKP4UUNK1A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53084891" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:09:41 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 07/16] x86/cpu: Defer CR pinning setup until after EFI initialization Date: Wed, 10 Jul 2024 19:06:43 +0300 Message-ID: <20240710160655.3402786-8-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In order to map the EFI runtime services, set_virtual_address_map needs to be called, which resides in the lower half of the address space. This means that LASS needs to be temporarily disabled around this call. This can only be done before the CR pinning is set up. Move CR pinning setup behind the EFI initialization. Signed-off-by: Alexander Shishkin Suggested-by: Kirill A. Shutemov --- arch/x86/kernel/cpu/common.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 8aa621dc7d30..c93c59a27dfa 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1948,7 +1948,6 @@ static __init void identify_boot_cpu(void) enable_sep_cpu(); #endif cpu_detect_tlb(&boot_cpu_data); - setup_cr_pinning(); tsx_init(); tdx_init(); @@ -2367,10 +2366,16 @@ void __init arch_cpu_finalize_init(void) /* * This needs to follow the FPU initializtion, since EFI depends on it. + * It also needs to precede the CR pinning setup, because we need to be + * able to temporarily clear the CR4.LASS bit in order to execute the + * set_virtual_address_map call, which resides in lower addresses and + * would trip LASS if enabled. */ if (efi_enabled(EFI_RUNTIME_SERVICES)) efi_enter_virtual_mode(); + setup_cr_pinning(); + /* * Ensure that access to the per CPU representation has the initial * boot CPU configuration. From patchwork Wed Jul 10 16:06:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812369 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 390601957EA; Wed, 10 Jul 2024 16:10:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627809; cv=none; b=BPaJoEoRkxbrBNzpp9jj7zkNSEYPfDroC2GxvjYUZIa6LTtos65N38DScubcOIBD9abZC6aMhSt8FqoEWJumOfRYunYdweb5M59SxSk5pLupen7EYeeIL5a2t3ko/9wQbFiQKfFFyZVtdxqbvlnHwrWXPaT+5gFcOH/uSoxK1mw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627809; c=relaxed/simple; bh=NgRptb4rAMfYIdle52GXDXgskSqbD5NX6Sw8+H8rpog=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Onj5lKM6p90aItwS/yN/lHGIfvVmiMUhqxuiZopEFbMrv2a12v5dWhqsCCTbtvjvrpaIeQPGwpb83Z4Ccmq579zLza4n1QcRXsfglleDGDhBkmjbR74NCHpNNAeb8wH8HIxAZI1+NMVNdOhe6kMKAXloSzP6kcMXTKrkZ7kmFwY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=gUAw9tzK; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="gUAw9tzK" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627808; x=1752163808; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NgRptb4rAMfYIdle52GXDXgskSqbD5NX6Sw8+H8rpog=; b=gUAw9tzKXv14IOZ6WIL1zY6nI+h8ryZSSVCjJNN0vXQzeMPf60EqKtDD PC6yZjVfSNHkFnwAPQ693oLK6HPg0FZGQ9j39QmuKWySKVtNCb7nAbmFf fBwozhy8NYxQNPAx9wtnO2V6zjVG96j9XyeXqesPOVOYW5uKrMpD3yFpW Q5fpwSMlazELTWsa44S44Fy2zSSDHWuzTFNowEp4LfH3940wbs0Q2Ic1F Ain16G0CbNt6k4keUI/W4RpcZRp8AHe+3qtb8TEuyRLYzSf9RQk+qUpXr NjBx9hr1EhjK61+xBBfFYiL8Sm+UFFwEsvCYwZeTiBKcphGGFXxhi1GHa Q==; X-CSE-ConnectionGUID: QN1AlSuBQB6mVLtChVbVnw== X-CSE-MsgGUID: 2XHYgCEJSaCjeQlO5JoWRw== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103167" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103167" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:10:06 -0700 X-CSE-ConnectionGUID: G9PGHujBQSyYsDVUun4mpQ== X-CSE-MsgGUID: 6SE6r0NrR4mUxA1tXLreqA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085119" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:09:54 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 08/16] x86/vsyscall: Reorganize the #PF emulation code Date: Wed, 10 Jul 2024 19:06:44 +0300 Message-ID: <20240710160655.3402786-9-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta Separate out the actual vsyscall emulation from the page fault specific handling in preparation for the upcoming #GP fault emulation. No functional change intended. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/entry/vsyscall/vsyscall_64.c | 42 +++++++++++++++------------ arch/x86/include/asm/vsyscall.h | 8 ++--- arch/x86/mm/fault.c | 2 +- 3 files changed, 29 insertions(+), 23 deletions(-) diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index 2fb7d53cf333..e89d7d83a594 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -112,30 +112,13 @@ static bool write_ok_or_segv(unsigned long ptr, size_t size) } } -bool emulate_vsyscall(unsigned long error_code, - struct pt_regs *regs, unsigned long address) +static bool __emulate_vsyscall(struct pt_regs *regs, unsigned long address) { unsigned long caller; int vsyscall_nr, syscall_nr, tmp; long ret; unsigned long orig_dx; - /* Write faults or kernel-privilege faults never get fixed up. */ - if ((error_code & (X86_PF_WRITE | X86_PF_USER)) != X86_PF_USER) - return false; - - if (!(error_code & X86_PF_INSTR)) { - /* Failed vsyscall read */ - if (vsyscall_mode == EMULATE) - return false; - - /* - * User code tried and failed to read the vsyscall page. - */ - warn_bad_vsyscall(KERN_INFO, regs, "vsyscall read attempt denied -- look up the vsyscall kernel parameter if you need a workaround"); - return false; - } - /* * No point in checking CS -- the only way to get here is a user mode * trap to a high address, which means that we're in 64-bit user code. @@ -270,6 +253,29 @@ bool emulate_vsyscall(unsigned long error_code, return true; } +bool emulate_vsyscall_pf(unsigned long error_code, struct pt_regs *regs, + unsigned long address) +{ + /* Write faults or kernel-privilege faults never get fixed up. */ + if ((error_code & (X86_PF_WRITE | X86_PF_USER)) != X86_PF_USER) + return false; + + if (!(error_code & X86_PF_INSTR)) { + /* Failed vsyscall read */ + if (vsyscall_mode == EMULATE) + return false; + + /* + * User code tried and failed to read the vsyscall page. + */ + warn_bad_vsyscall(KERN_INFO, regs, + "vsyscall read attempt denied -- look up the vsyscall kernel parameter if you need a workaround"); + return false; + } + + return __emulate_vsyscall(regs, address); +} + /* * A pseudo VMA to allow ptrace access for the vsyscall page. This only * covers the 64bit vsyscall page now. 32bit has a real VMA now and does diff --git a/arch/x86/include/asm/vsyscall.h b/arch/x86/include/asm/vsyscall.h index 472f0263dbc6..214977f4fa11 100644 --- a/arch/x86/include/asm/vsyscall.h +++ b/arch/x86/include/asm/vsyscall.h @@ -14,12 +14,12 @@ extern void set_vsyscall_pgtable_user_bits(pgd_t *root); * Called on instruction fetch fault in vsyscall page. * Returns true if handled. */ -extern bool emulate_vsyscall(unsigned long error_code, - struct pt_regs *regs, unsigned long address); +extern bool emulate_vsyscall_pf(unsigned long error_code, + struct pt_regs *regs, unsigned long address); #else static inline void map_vsyscall(void) {} -static inline bool emulate_vsyscall(unsigned long error_code, - struct pt_regs *regs, unsigned long address) +static inline bool emulate_vsyscall_pf(unsigned long error_code, + struct pt_regs *regs, unsigned long address) { return false; } diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index e6c469b323cc..44e2d1ef4128 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@ -1318,7 +1318,7 @@ void do_user_addr_fault(struct pt_regs *regs, * to consider the PF_PK bit. */ if (is_vsyscall_vaddr(address)) { - if (emulate_vsyscall(error_code, regs, address)) + if (emulate_vsyscall_pf(error_code, regs, address)) return; } #endif From patchwork Wed Jul 10 16:06:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811912 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9DEF71957EA; Wed, 10 Jul 2024 16:10:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627823; cv=none; b=my4dyX+689RdSQJn6xkB7bPXjJ7mlu0a311pxTIQe05l+oGvTSttTGJHLMreonhwjT9Xia1xpgNab86MSk6q61k61R57xK36hqNEfWMy5I3V6IPalIS6xkPSdToNNjvsqT/p/7UMn+cwyG2wDUl5pQPtfgLRs5Ld3GTR7jPabR8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627823; c=relaxed/simple; bh=eOsc9zaDvKNVdNiqXR8+NYBnBvM8/2EfjADFBJEBEps=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=si/zUnA8g1uaY+bsaVTDMCgDuipJz0Bs2Klo66B7CQSzyKBfbVzIFa3uNlECUCtNYTu68fN4OuHBhOIcq1mAek+Nb81lfK2WRsEBMCVbCVoifYK1lCT0FxW5SRg1LX81xHJqQsYj7i/5IhOcqMx9c8VGZ9uQd7958htRbwfQ64M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=D14jCmAJ; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="D14jCmAJ" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627821; x=1752163821; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=eOsc9zaDvKNVdNiqXR8+NYBnBvM8/2EfjADFBJEBEps=; b=D14jCmAJAzZM5eYaphpDpGPrX7dpWNNhpgqptnRLTUNv7/Ke2nFW2TZ1 r8wvfFgFIXyaPo2jz7oSrmfRRn4lFI4ZhaKNAtkg6Xvoe2/qc3H+7S5CX v56FnUoQbGmHyHeLxBI7fCBCkveKX2q3qU/N5B5u1vx/osgjx2XQcfKcG xTP5MdoTMP6KeJvzUPW7ZFUV249MLB/4YCQUFLu9s6S9AT43uDdBoEOQs SzJlo/5QkvA3TedNT0vU18w79SnYZOedYqJ/aiAxRfe4mUVLydg/eU4HK EtkS6oXc8B4hevc8CImRji6OAUAqwqWGYw3XmhKjP+utYFjphnT+tmE1N g==; X-CSE-ConnectionGUID: pb5TuZyjRi2V7AcILzKYFQ== X-CSE-MsgGUID: ZHm4lh+VS4mOKdNiMtuU3A== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103229" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103229" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:10:20 -0700 X-CSE-ConnectionGUID: 4xCWndd+RSqdxmLCZg1/XA== X-CSE-MsgGUID: qw9pSSSuTOGJqO5UQin3WQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085274" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:10:07 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, Dave Hansen Subject: [PATCH v4 09/16] x86/traps: Consolidate user fixups in exc_general_protection() Date: Wed, 10 Jul 2024 19:06:45 +0300 Message-ID: <20240710160655.3402786-10-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta Move the UMIP exception fixup along with the other user mode fixups, that is, under the common "if (user_mode(regs))" condition where the rest of the fixups reside. No functional change intended. Suggested-by: Dave Hansen Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/kernel/traps.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c index 4fa0b17e5043..ae34e03739cb 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -652,11 +652,6 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) cond_local_irq_enable(regs); - if (static_cpu_has(X86_FEATURE_UMIP)) { - if (user_mode(regs) && fixup_umip_exception(regs)) - goto exit; - } - if (v8086_mode(regs)) { local_irq_enable(); handle_vm86_fault((struct kernel_vm86_regs *) regs, error_code); @@ -671,6 +666,9 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) if (fixup_vdso_exception(regs, X86_TRAP_GP, error_code, 0)) goto exit; + if (cpu_feature_enabled(X86_FEATURE_UMIP) && fixup_umip_exception(regs)) + goto exit; + gp_user_force_sig_segv(regs, X86_TRAP_GP, error_code, desc); goto exit; } From patchwork Wed Jul 10 16:06:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812368 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1972C198A30; Wed, 10 Jul 2024 16:10:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627836; cv=none; b=lhbKuwEolkJSuE1x5XebpK/9cHHqQNbZfvmk827+hvP8Qp0jFRMMsM2T77pgn5CpA2ALgeOhmT+nDIvS0kC35xvlQakhU29Dix8kdlrxAS7VtSNIrrNVVAFxnmFMMphvExDWf+AQ8wSoDDIwYbiVVNVdeeBdLs1nGPxuCjbdYeM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627836; c=relaxed/simple; bh=gph/ljZ0prpurgzSmZ7d5c6Ku+SAKC4eKNi4YbQVLg8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=kQYuXk3H9Nwqan3ZiIPYbwZNtZDMofx5pxdPlIcsbTIMjJkmBlo3s3EWgua58MG+FRBq6VAz0D47Tiwa4Yumr9zj318Z/TDXMziTPAu6R8O23/wM/7NqCLvq2S1XiSzJTtUx+fM99smJvxq88XfWAH8erI93kf1GTPvLpf26GGg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=h2rzLwGH; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="h2rzLwGH" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627835; x=1752163835; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=gph/ljZ0prpurgzSmZ7d5c6Ku+SAKC4eKNi4YbQVLg8=; b=h2rzLwGHQBpWMr5dZ1G2oQiNGqEpY+3Bg4p9DaJTZ/9drvdNNbJnl1Y3 WkNQw/Qi1/6NuZWdQQQ7Zq/pt2aJvuUr/IxtTjZDvtbJizfEvyEubN5zM 8bIqX1ue9y7jlH0XUZBOPZRg7y+h8fEFkal0ouZKOwv3kfUluc+JbAqmj 5eWr0iEPBsnSJ4lKklL48NU8cHBQTge9sVQkgQkvWwvU9cxibd/zexCpy 694H2+UI5vL7irXQbCCWrzXL45uRjXyhSTQF1d3gNMCa0w58HbrCOMlcL aH9TNQ3lRFCxCg+QRXb2rhxwrP/YOnnPo/Y9QCGQB8sa5DPCJwAIBuC3H w==; X-CSE-ConnectionGUID: 4d6i8inFTgyabNMgkKctNg== X-CSE-MsgGUID: /OA4Mcw1SNOKLiAd+xB2aA== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103291" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103291" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:10:33 -0700 X-CSE-ConnectionGUID: MD3L6TcwRuKXb100C4OIhg== X-CSE-MsgGUID: O/j+Vu7GRAeJtwJyPtZD1A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085359" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:10:20 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 10/16] x86/vsyscall: Add vsyscall emulation for #GP Date: Wed, 10 Jul 2024 19:06:46 +0300 Message-ID: <20240710160655.3402786-11-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta The legacy vsyscall page is mapped at a fixed address in the kernel address range 0xffffffffff600000-0xffffffffff601000. Prior to LASS being introduced, a legacy vsyscall page access from userspace would always generate a page fault. The kernel emulates the execute (XONLY) accesses in the page fault handler and returns back to userspace with the appropriate register values. Since LASS intercepts these accesses before the paging structures are traversed it generates a general protection fault instead of a page fault. The #GP fault doesn't provide much information in terms of the error code. So, use the faulting RIP which is preserved in the user registers to emulate the vsyscall access without going through complex instruction decoding. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/entry/vsyscall/vsyscall_64.c | 11 ++++++++++- arch/x86/include/asm/vsyscall.h | 6 ++++++ arch/x86/kernel/traps.c | 4 ++++ 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index e89d7d83a594..97608883b4b4 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -23,7 +23,7 @@ * soon be no new userspace code that will ever use a vsyscall. * * The code in this file emulates vsyscalls when notified of a page - * fault to a vsyscall address. + * fault or a general protection fault to a vsyscall address. */ #include @@ -276,6 +276,15 @@ bool emulate_vsyscall_pf(unsigned long error_code, struct pt_regs *regs, return __emulate_vsyscall(regs, address); } +bool emulate_vsyscall_gp(struct pt_regs *regs) +{ + /* Emulate only if the RIP points to the vsyscall address */ + if (!is_vsyscall_vaddr(regs->ip)) + return false; + + return __emulate_vsyscall(regs, regs->ip); +} + /* * A pseudo VMA to allow ptrace access for the vsyscall page. This only * covers the 64bit vsyscall page now. 32bit has a real VMA now and does diff --git a/arch/x86/include/asm/vsyscall.h b/arch/x86/include/asm/vsyscall.h index 214977f4fa11..4eb8d3673223 100644 --- a/arch/x86/include/asm/vsyscall.h +++ b/arch/x86/include/asm/vsyscall.h @@ -16,6 +16,7 @@ extern void set_vsyscall_pgtable_user_bits(pgd_t *root); */ extern bool emulate_vsyscall_pf(unsigned long error_code, struct pt_regs *regs, unsigned long address); +extern bool emulate_vsyscall_gp(struct pt_regs *regs); #else static inline void map_vsyscall(void) {} static inline bool emulate_vsyscall_pf(unsigned long error_code, @@ -23,6 +24,11 @@ static inline bool emulate_vsyscall_pf(unsigned long error_code, { return false; } + +static inline bool emulate_vsyscall_gp(struct pt_regs *regs) +{ + return false; +} #endif /* diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c index ae34e03739cb..c70d75769b1a 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -67,6 +67,7 @@ #include #include #include +#include #ifdef CONFIG_X86_64 #include @@ -669,6 +670,9 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) if (cpu_feature_enabled(X86_FEATURE_UMIP) && fixup_umip_exception(regs)) goto exit; + if (cpu_feature_enabled(X86_FEATURE_LASS) && emulate_vsyscall_gp(regs)) + goto exit; + gp_user_force_sig_segv(regs, X86_TRAP_GP, error_code, desc); goto exit; } From patchwork Wed Jul 10 16:06:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811911 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 765F7195390; Wed, 10 Jul 2024 16:10:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627848; cv=none; b=KhI0tvhCOZwpbLyxiyDIXV5CLwuw9/1FaE5NwP//kbCxX7sfSnyboBnQK4j3GkjrGsKn3nd4xqcJoFIKvRXON06S8gXf4F0OgoWCnYI34f3vzW/vAzH5oDoFlI2nNJpwfiKaZW2yQ6V2jJHZFucqEJkqiDAYJbdVoIKGfhtgGoE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627848; c=relaxed/simple; bh=C6MFhZXeK/t1+ET0yvxa+dCt6aFMcL8iI+b6zXefigE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=pgDlwKyreLUZ+5vPrU+0PkeLBSkQX9WwIsxqSJ2QurzDjjPng6PWNAh2EOu44k6gRDaBvQQTpGDkf9Hk3wghGwyPJ9YKA9Umw7ZSZNxvvJcd2yBgzokS4XfUq9tI9FDajXhuuhUikef+fcFTnK84BFONqAQnYa0QIFMjfxqPGaY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=DAx1C/94; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="DAx1C/94" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627847; x=1752163847; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=C6MFhZXeK/t1+ET0yvxa+dCt6aFMcL8iI+b6zXefigE=; b=DAx1C/94Hc/FkXszPlCBPaJw/gU3w/4dBu2KzzfPpZBl4EVCfCcDywyR rgm3ELFDXcvVEkA1wprb5IVthvONkHL0GdP5UbDNRsOXd2bownhPT5jNt us0sgDsIg8oMFBSE1W/qebQwMUL5zbzXfECFVU1TQk1bLGS5e3XA8QG/M L5M2w7fLF3xZe5oBixv1iardyKn53PjjvuMhQe7c1Jp710l7GFBFzqRYM e8qSLOAwNt6RMt8kSBV4m0cgQYePSn1dVo8phXn2wqyy98sBvUF7nGm5r 8ylSmACx9vVdeaXnLZdkm8rrl/BmcwGisAEfy19k2GIeV6kki+6dgBvdG w==; X-CSE-ConnectionGUID: zh7ihOc7Sh6QcPVm+gnxLA== X-CSE-MsgGUID: e8Kc0fY6QvCN2gTjIg7mVg== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103352" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103352" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:10:46 -0700 X-CSE-ConnectionGUID: v5X2TLgRSNWA649daTdhnw== X-CSE-MsgGUID: 5Ro2g62hR2Sg/FQoxkLaOg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085454" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:10:34 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 11/16] x86/vsyscall: Disable LASS if vsyscall mode is set to EMULATE Date: Wed, 10 Jul 2024 19:06:47 +0300 Message-ID: <20240710160655.3402786-12-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Sohil Mehta The EMULATE mode of vsyscall maps the vsyscall page into user address space which can be read directly by the user application. This mode has been deprecated recently and can only be enabled from a special command line parameter vsyscall=emulate. See commit bf00745e7791 ("x86/vsyscall: Remove CONFIG_LEGACY_VSYSCALL_EMULATE") Fixing the LASS violations during the EMULATE mode would need complex instruction decoding since the resulting #GP fault does not include any useful error information and the vsyscall address is not readily available in the RIP. At this point, no one is expected to be using the insecure and deprecated EMULATE mode. The rare usages that need support probably don't care much about security anyway. Disable LASS when EMULATE mode is requested during command line parsing to avoid breaking user software. LASS will be supported if vsyscall mode is set to XONLY or NONE. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/entry/vsyscall/vsyscall_64.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index 97608883b4b4..7c845c1db3b4 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -36,6 +36,7 @@ #include #include #include +#include #include #include @@ -63,6 +64,13 @@ static int __init vsyscall_setup(char *str) else return -EINVAL; + if (cpu_feature_enabled(X86_FEATURE_LASS) && + vsyscall_mode == EMULATE) { + cr4_clear_bits(X86_CR4_LASS); + setup_clear_cpu_cap(X86_FEATURE_LASS); + pr_warn_once("x86/cpu: Disabling LASS support due to vsyscall=emulate\n"); + } + return 0; } From patchwork Wed Jul 10 16:06:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812367 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 009031946AD; Wed, 10 Jul 2024 16:10:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627861; cv=none; b=udIKYucjaOKKjCeFp3LV0zGD2zraRrOwlT7ZJis8YhL9YNMsTKkyXPu163Z3fTR3tjWH9guFKDVuLbcAqMTu/2wmKe1GC2PkKt1U1yGYh9M5+NHXoBXrlhoqIduMHyHnIVlVOAPTCf81Rg83zs+zUluJrgMlmkTvGVsiJbJC4Tk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627861; c=relaxed/simple; bh=tjWA9OdzKp5oCMrjNAVnwcGNPVjsUmnXZAQ/+ISWzI4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=TWiZzGkfVE3VIphpqMsqG62lmkjgQYKL+IfyUKnUGlHXUK/ZNf03b6Ko0O/hkzY/FwwbZnMDsnuuW5v15rrm8lP5wW5JPxrxaK+CuJaorAPlTp3gLKMZtvSVBAI/CKqxWxPxmLW+Hy4PrjYjyn3dBW9VShyJhm2adVKzFG8GrQc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=gWZfs3r2; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="gWZfs3r2" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627860; x=1752163860; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tjWA9OdzKp5oCMrjNAVnwcGNPVjsUmnXZAQ/+ISWzI4=; b=gWZfs3r2V3IRa/auq+38qjTWwoVM9LIsNAR9AohGU/74hq7VDjdUcCL1 a/w0zHq6sT+P0TVmFQRHf8ti4UydB70UxEShD8uxxHh7MevEBftN2mFw0 QKzFsm1f68GFBrpEjOX1PL19K6piMepzemh10l+jqRD5Vw227dLXRiNBk 7VA/tc06yB1fG7IbNps3YUsJUz4IAqmRIWOHy2yOLvhWWkdoWElg6v8Q5 Oz4f/EA32gckW5bisE7ksF8TNAriuQQwWOy/hkxX94RWaF+ZMuuKxjK/l Lc5LEqqN1O5y1vdvn9int5oeNtgt3RKcOJtVR/q3ZXQAAODZ7d0LWxKCc A==; X-CSE-ConnectionGUID: Tl51GXMgRmamgCf/FqETIA== X-CSE-MsgGUID: UIv1w7YGRzGHiMSmgReqGQ== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103414" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103414" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:10:59 -0700 X-CSE-ConnectionGUID: bcbPCtuEQb2WeEw5KR44Bw== X-CSE-MsgGUID: 61wiqgqJTAqNU/WgPihAGg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085584" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:10:47 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, Dave Hansen Subject: [PATCH v4 12/16] x86/vsyscall: Document the fact that vsyscall=emulate disables LASS Date: Wed, 10 Jul 2024 19:06:48 +0300 Message-ID: <20240710160655.3402786-13-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Since EMULATE mode of vsyscall disables LASS, because fixing the LASS violations during the EMULATE mode would need complex instruction decoding, document this fact in kernel-parameters.txt. Cc: Andy Lutomirski Suggested-by: Dave Hansen Signed-off-by: Alexander Shishkin --- Documentation/admin-guide/kernel-parameters.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 27ec49af1bf2..f7f06049353c 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -7247,7 +7247,9 @@ emulate Vsyscalls turn into traps and are emulated reasonably safely. The vsyscall page is - readable. + readable. This also disables the LASS + feature to allow userspace to poke around + the vsyscall page. xonly [default] Vsyscalls turn into traps and are emulated reasonably safely. The vsyscall From patchwork Wed Jul 10 16:06:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811910 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6A48D1946AD; Wed, 10 Jul 2024 16:11:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627874; cv=none; b=Me+auVtunSX7T9jsZUuiN5OE+0coQSy/03edEtf531QMRwc+io/QaBDH0jwM04N5WbS+w2/GYYb7nK6eHimtLlTYG2ohSONqmxv/Gx6IFfTHCXQMBfMd4dfVD2I7ixBw59AHII3gkszyIOsTDI3rWvxU+dLRpDpNU3SQ/CEseSo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627874; c=relaxed/simple; bh=indbEBEnKodo/Nz5z4LUGohOp6TPYInM6siLMopB+W4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JjoiZz+3tt/xjMGcQxQv7UXd9U8AAHFT8VIRcFRHQ+38JqciXuXDoO+YVOht0i8IuPmOfNpqzveW9FNMHzG5t4Rvgz0/Myf389G/9NUJhILyHmffCuj86ahUOZp6+xBer4SEVSt6qGAT3LL2DK2cEQZp0HKWIpVcNppHDHfeJlk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=T/JgGCxi; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="T/JgGCxi" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627873; x=1752163873; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=indbEBEnKodo/Nz5z4LUGohOp6TPYInM6siLMopB+W4=; b=T/JgGCxiyyYQrgI2GWXHp2jWAjM0Ha6JajgXQMgyC1fRJvQSvaHI5WEA G2+v5lJnhjjObDkLmDvkiixoCDbFjrNm3qtVVYdbgLhFJndc/UwjyRqOS hHgUxNdYAC1GG84JQJqZyKQi52hWb2ST0N9rMK6bO6AS4LIDRXHqwpsqf WskHw13bOmoLdA7PBOMDN+eKCkqaTtYdmkE+ELJQ+3f4c1OsVqB8h/W/2 JQ2Lbq7FMLpQs1ySilXqDlvmRlzvlFtRqgvPbQReEUqP7d51aiFE2WxBx Z3k8MckWprlvvkoSIIWO3kiM1m7+APHSJD/L26CD/Bzc8dQM23Ve1R8Qr A==; X-CSE-ConnectionGUID: Lst0Tr+IQoyeLLL9SQoczg== X-CSE-MsgGUID: X0U1G2sYTrybbsjei8mOpg== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103457" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103457" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:11:12 -0700 X-CSE-ConnectionGUID: QrRL1MwuSx21HKSOzfhClg== X-CSE-MsgGUID: frbnj4/5SM+1Iz+TA64q9A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085604" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:11:00 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 13/16] x86/cpu: Set LASS CR4 bit as pinning sensitive Date: Wed, 10 Jul 2024 19:06:49 +0300 Message-ID: <20240710160655.3402786-14-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Yian Chen Security features such as LASS are not expected to be disabled once initialized. Add LASS to the CR4 pinned mask. Signed-off-by: Yian Chen Signed-off-by: Alexander Shishkin Reviewed-by: Tony Luck --- arch/x86/kernel/cpu/common.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index c93c59a27dfa..3dc443c349f0 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -407,7 +407,8 @@ static __always_inline void setup_lass(struct cpuinfo_x86 *c) /* These bits should not change their value after CPU init is finished. */ static const unsigned long cr4_pinned_mask = X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_UMIP | - X86_CR4_FSGSBASE | X86_CR4_CET | X86_CR4_FRED; + X86_CR4_FSGSBASE | X86_CR4_CET | X86_CR4_FRED | + X86_CR4_LASS; static DEFINE_STATIC_KEY_FALSE_RO(cr_pinning); static unsigned long cr4_pinned_bits __ro_after_init; From patchwork Wed Jul 10 16:06:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812366 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DAD3D194AC4; Wed, 10 Jul 2024 16:11:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627887; cv=none; b=ej/ss6izGaHmS8UQnPGL/FWw5Uqw+tVKR+RNPyFpKy4Z29fUPVjoCwE2+XT+0LyYqhy3s0pUBZCzTYD00ug/yL1N51gnYRAelwzxWr5KIplTQUOIEdlVKt+zdAEEoKTSAxFssefqRz3VNdzK/mWAdeT9d1E+jFJIur1RGiGXzqs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627887; c=relaxed/simple; bh=XMtBh7oo1bF8NIbpCrCLnqzYZF6Hphn7iDTKPoNjiOo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=byKGDyl+q1b2Emf9mPYAq+dW6o2sVGfHQ3bf83LNWo68250UzC+k4WrKSokAuekhyJDnDLUXHjP+sMLQxDxSuXGi64DC6olDP2420QT0237pSy4yu/ERV2Wt26kD50POQPLhNPpPOGmM4p3qrllF7X3rpTei0EhKbFo6hKEFLfM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Pce73Kgt; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Pce73Kgt" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627886; x=1752163886; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=XMtBh7oo1bF8NIbpCrCLnqzYZF6Hphn7iDTKPoNjiOo=; b=Pce73KgtyXmwSLtTHypYHgqZcrXlM4IVZjpbKGBqwAs2TLeCTME/EFqF VBE/j7tv5IRAfg+fFGosvaaE83lYBa4B8xeNbHGF5kDkX1WMIoNb7vXuz am88HkpBS5CkjqoS4b/VqfCq/PBU2sqCP/rWN6jTS9T0dmjmQM4HXNepe MwIcGsEOz5e5Lycfm2IrGaBsR5yGc84mfEuIVzV/f56CGYGBy6LSSJSeq /FvXULEMtI3ViXjxBrytHDtAcPABN8KJgNVmn9HOtupfVOkkFcHN/tHb7 8dIjgTUu0ZjZOwlcOmB99N3WslNZ89mT2u2qQcaaKqslVNr6cLxPgYu7e g==; X-CSE-ConnectionGUID: TDff9cYPQ4uCj0njgAzq3A== X-CSE-MsgGUID: 8yLhNe3iQzSACRL1YNAUqA== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103517" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103517" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:11:25 -0700 X-CSE-ConnectionGUID: SFsDpgJlTU+quMknE7O2AQ== X-CSE-MsgGUID: KhawRVzaSrSwiStGfsUbtg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085670" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:11:13 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 14/16] x86/traps: Communicate a LASS violation in #GP message Date: Wed, 10 Jul 2024 19:06:50 +0300 Message-ID: <20240710160655.3402786-15-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Provide a more helpful message on #GP when a kernel side LASS violation is detected. Signed-off-by: Alexander Shishkin --- arch/x86/kernel/traps.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c index c70d75769b1a..42c032106024 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -488,7 +488,8 @@ DEFINE_IDTENTRY(exc_bounds) enum kernel_gp_hint { GP_NO_HINT, GP_NON_CANONICAL, - GP_CANONICAL + GP_CANONICAL, + GP_LASS_VIOLATION }; /* @@ -524,6 +525,8 @@ static enum kernel_gp_hint get_kernel_gp_address(struct pt_regs *regs, if (*addr < ~__VIRTUAL_MASK && *addr + insn.opnd_bytes - 1 > __VIRTUAL_MASK) return GP_NON_CANONICAL; + else if (*addr < ~__VIRTUAL_MASK && cpu_feature_enabled(X86_FEATURE_LASS)) + return GP_LASS_VIOLATION; #endif return GP_CANONICAL; @@ -647,6 +650,11 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) char desc[sizeof(GPFSTR) + 50 + 2*sizeof(unsigned long) + 1] = GPFSTR; enum kernel_gp_hint hint = GP_NO_HINT; unsigned long gp_addr; + static char *help[] = { + [GP_NON_CANONICAL] = "probably for non-canonical address", + [GP_CANONICAL] = "maybe for address", + [GP_LASS_VIOLATION] = "LASS prevented access to address" + }; if (user_mode(regs) && try_fixup_enqcmd_gp()) return; @@ -686,9 +694,7 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) hint = get_kernel_gp_address(regs, &gp_addr); if (hint != GP_NO_HINT) - snprintf(desc, sizeof(desc), GPFSTR ", %s 0x%lx", - (hint == GP_NON_CANONICAL) ? "probably for non-canonical address" - : "maybe for address", + snprintf(desc, sizeof(desc), GPFSTR ", %s 0x%lx", help[hint], gp_addr); /* From patchwork Wed Jul 10 16:06:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 811909 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A7998197A65; Wed, 10 Jul 2024 16:11:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627900; cv=none; b=Od9ES/HzFkTRSARXzh+pD+y3jxEWP7Ba0JnvMOdAJlZnUqNuD1OuRtjIlkzialZGVEhS1UVyOeyzgcAzxUNE7IRTKFAfoFLYdnKCXR+5fid6/a7iu3H6QqcBL7oXM5zPc7rzTx2pQwaVhiz8IK3HzFWa2FQ8PDlsQrvUU/x7+eE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627900; c=relaxed/simple; bh=1qops/D1whUCaCuumg8tNYUF7OTw7VyV1BOkXLwJENI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uzJ0u3SUQQ8qLVGIYE90R3qQVKcaaRyxU2BoSRbRBxGj2Doj4KFdhAuh5mXLIe0g97VsMRCRVFW3uk00zOy8U5LR2app9yesRWnWic8+FknngIXyfiqLMYpR30VBGHo/naM3T6YRwzs3WI8SFL1KDPaebOlNqRsjp8Ly3aSN5jE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Wo8e8oz7; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Wo8e8oz7" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627898; x=1752163898; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=1qops/D1whUCaCuumg8tNYUF7OTw7VyV1BOkXLwJENI=; b=Wo8e8oz7k9wgGu+w4eJndlIhBrJtDmU1JUukYMFUqyc5SVGSxDP5TLSt zi6yeMjcSDzvh1fXK6JS069/UsUmtRfhCro8Am+OSDOb5NV/+fWo9vOgJ AIAixal7nbyU194SuOaO9uXjoaa5vvwTt+iRcmcFbJyf6xWUjkGtQM04h C8H/9wNrbFJJW+uTMYxkba24PWfyBWVXGQ/UBU72cRdvIVnV31weWOBwy zCIZwRusO7MxKKILiP8Jo29UbxuzeqOQ+ZYd+4dwAR7f2AzKaEfDljge/ M6Ni+4Ctxs12hqVd9Mp0hVnGBuZGVZdvMytuehQG1/Wjm/sRqxxP96t7q g==; X-CSE-ConnectionGUID: fPLia0WDR1+Xg/yUMv9i6Q== X-CSE-MsgGUID: HNa+h+lwQJuUuqyE8WWk/g== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103545" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103545" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:11:38 -0700 X-CSE-ConnectionGUID: IkWVpXxJSQmmH8rmIw53kA== X-CSE-MsgGUID: uMxjKUZ/Tmqh02uFLlNeVg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085712" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:11:26 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 15/16] efi: Disable LASS around set_virtual_address_map call Date: Wed, 10 Jul 2024 19:06:51 +0300 Message-ID: <20240710160655.3402786-16-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Of all the EFI runtime services, set_virtual_address_map is the only one that is called at its lower mapping, which LASS prohibits regardless of EFLAGS.AC setting. The only way to allow this to happen is to disable LASS in the CR4 register. Disable LASS around this low address EFI call. Signed-off-by: Alexander Shishkin --- arch/x86/platform/efi/efi.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c index f090ec972d7b..6e5c2bb4f4df 100644 --- a/arch/x86/platform/efi/efi.c +++ b/arch/x86/platform/efi/efi.c @@ -848,11 +848,24 @@ static void __init __efi_enter_virtual_mode(void) efi_sync_low_kernel_mappings(); + /* + * set_virtual_address_map is the only service located at lower + * addresses, so we have to temporarily disable LASS around it. + * Note that clearing EFLAGS.AC is not enough for this, the whole + * LASS needs to be disabled. + */ + if (cpu_feature_enabled(X86_FEATURE_LASS)) + cr4_clear_bits(X86_CR4_LASS); + status = efi_set_virtual_address_map(efi.memmap.desc_size * count, efi.memmap.desc_size, efi.memmap.desc_version, (efi_memory_desc_t *)pa, efi_systab_phys); + + if (cpu_feature_enabled(X86_FEATURE_LASS)) + cr4_set_bits(X86_CR4_LASS); + if (status != EFI_SUCCESS) { pr_err("Unable to switch EFI into virtual mode (status=%lx)!\n", status); From patchwork Wed Jul 10 16:06:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 812365 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 89A0E195381; Wed, 10 Jul 2024 16:11:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627913; cv=none; b=h66QqLSWsOQZnL3fwizuGAE9pyhJvfG6uTEwjtjuyMqMjle5xHmCWPHclcbLAkIn+nmnAgtSszNGDVBQi8X1Vrum6CxzjPwjWf50NZ5XXQtXBQlJ/EbFDZ2riIppMBLSk2I4CBKmP0XthcHgjTxDKuS8Pza8BTKrORHSI/3UT2M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1720627913; c=relaxed/simple; bh=iHli+zVp4z1gD0VVuhpl7g65NvHAppcAAPWbrqVKI+Q=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Q4CTIfmTdKUvY9oab3Yk+tp+o4qcVUbiD8l1bbflmwbnHghtMYd3srLGlhvkIbVJhEFz9zYpjowE9D4GH3KiB1m/nUI7UPYj6nxEi/MTGaAIk1RjCwhdRvaFXNIOYZ5+JrWJOwoc08WWzSKzm2WU//Znl4/ZhNAr74Bm04c8U4s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=AJeYUvcH; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="AJeYUvcH" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1720627911; x=1752163911; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=iHli+zVp4z1gD0VVuhpl7g65NvHAppcAAPWbrqVKI+Q=; b=AJeYUvcHPSKBf3dHXdv7UzTUDcnIxjCWnvMHJgPmwKPDjz7VWsrisnxR OsqnTemnjaEkRfYyX+spPyBP7eBPt1vcCtahJraP1LGVed5dYxjNBf2Gr rW1qGBz3qDfEn8v8lO7UU5wMxCOxBUFA+q0s7N78JEOT2gn9uuWpAJFf3 B3ljGvQoKThRUF7gbIM4SFnp5mGY7g6MkZKJyU29eI0BkuOwMr0j5Hb3x szO0FXtVtQle7APW5+M74yvf7mdY2zPwliyQdHtusTYBWiPrsWc0Pcm8k aNV+E5o2OmK0UiJX0w1Jy3lw8009TwSIlv2K4YPDoXNRop4UdXasYdSu0 Q==; X-CSE-ConnectionGUID: Grxx5/FfQ0yQJwE6iYBJHg== X-CSE-MsgGUID: igSXQCtkRZi+eJc8jMx5XQ== X-IronPort-AV: E=McAfee;i="6700,10204,11129"; a="18103566" X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="18103566" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jul 2024 09:11:51 -0700 X-CSE-ConnectionGUID: 1tNSTHVFQC6ZT2aH1yMOoA== X-CSE-MsgGUID: 8ej7wP1lSfeb+YrFgUAZKg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.09,198,1716274800"; d="scan'208";a="53085808" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orviesa003.jf.intel.com with ESMTP; 10 Jul 2024 09:11:38 -0700 From: Alexander Shishkin To: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Ard Biesheuvel , "Paul E. McKenney" , Josh Poimboeuf , Xiongwei Song , Xin Li , "Mike Rapoport (IBM)" , Brijesh Singh , Michael Roth , Tony Luck , "Kirill A. Shutemov" , Alexey Kardashevskiy Cc: Jonathan Corbet , Alexander Shishkin , Sohil Mehta , Ingo Molnar , Pawan Gupta , Daniel Sneddon , Kai Huang , Sandipan Das , Breno Leitao , Rick Edgecombe , Yian Chen , Alexei Starovoitov , Hou Tao , Juergen Gross , Vegard Nossum , Kees Cook , Eric Biggers , Jason Gunthorpe , "Masami Hiramatsu (Google)" , Andrew Morton , Luis Chamberlain , Yuntao Wang , Rasmus Villemoes , Christophe Leroy , Tejun Heo , Changbin Du , Huang Shijie , Geert Uytterhoeven , Namhyung Kim , Arnaldo Carvalho de Melo , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org Subject: [PATCH v4 16/16] x86/cpu: Make LAM depend on LASS Date: Wed, 10 Jul 2024 19:06:52 +0300 Message-ID: <20240710160655.3402786-17-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> References: <20240710160655.3402786-1-alexander.shishkin@linux.intel.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 To prevent exploits for Spectre based on LAM as demonstrated by the whitepaper [1], make LAM depend on LASS, which avoids this type of vulnerability. [1] https://download.vusec.net/papers/slam_sp24.pdf Signed-off-by: Alexander Shishkin --- arch/x86/kernel/cpu/cpuid-deps.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-deps.c index 22612e01ec2e..8986e990beb0 100644 --- a/arch/x86/kernel/cpu/cpuid-deps.c +++ b/arch/x86/kernel/cpu/cpuid-deps.c @@ -85,6 +85,7 @@ static const struct cpuid_dep cpuid_deps[] = { { X86_FEATURE_FRED, X86_FEATURE_LKGS }, { X86_FEATURE_FRED, X86_FEATURE_WRMSRNS }, { X86_FEATURE_LASS, X86_FEATURE_SMAP }, + { X86_FEATURE_LAM, X86_FEATURE_LASS }, {} };