From: Borislav Petkov <bp@alien8.de>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Ingo Molnar <mingo@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>,
Dan Williams <dan.j.williams@intel.com>,
elliott@hpe.com, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, linux-nvdimm@ml01.01.org, x86@kernel.org
Subject: Re: [PATCH v6 1/4] x86: Clean up extable entry format (and free up a bit)
Date: Mon, 4 Jan 2016 13:07:51 +0100
Message-ID: <20160104120751.GG22941@pd.tnic>
In-Reply-To: <968b4c079271431292fddfa49ceacff576be6849.1451869360.git.tony.luck@intel.com>
On Wed, Dec 30, 2015 at 09:59:29AM -0800, Andy Lutomirski wrote:
> This adds two bits of fixup class information to a fixup entry,
> generalizing the uaccess_err hack currently in place.
>
> Forward-ported-from-3.9-by: Tony Luck <tony.luck@intel.com>
> Signed-off-by: Andy Lutomirski <luto@amacapital.net>
> ---
> arch/x86/include/asm/asm.h | 70 ++++++++++++++++++++++++++++++----------------
> arch/x86/mm/extable.c | 21 ++++++++------
> 2 files changed, 59 insertions(+), 32 deletions(-)
>
> diff --git a/arch/x86/include/asm/asm.h b/arch/x86/include/asm/asm.h
> index 189679aba703..b64121ffb2da 100644
> --- a/arch/x86/include/asm/asm.h
> +++ b/arch/x86/include/asm/asm.h
> @@ -43,19 +43,47 @@
> #define _ASM_DI __ASM_REG(di)
>
> /* Exception table entry */
> -#ifdef __ASSEMBLY__
> -# define _ASM_EXTABLE(from,to) \
> - .pushsection "__ex_table","a" ; \
> - .balign 8 ; \
> - .long (from) - . ; \
> - .long (to) - . ; \
> - .popsection
>
> -# define _ASM_EXTABLE_EX(from,to) \
> - .pushsection "__ex_table","a" ; \
> - .balign 8 ; \
> - .long (from) - . ; \
> - .long (to) - . + 0x7ffffff0 ; \
> +/*
> + * An exception table entry is 64 bits. The first 32 bits are the offset
Two 32-bit ints, to be exact.
Also, there's text in arch/x86/include/asm/uaccess.h where the exception
table entry is defined so you probably should sync with it so that the
nomenclature is the same.
> + * from that entry to the potentially faulting instruction. sortextable
sortextable.c ?
> + * relies on that exact encoding. The second 32 bits encode the fault
> + * handler address.
> + *
> + * We want to stick two extra bits of handler class into the fault handler
> + * address. All of these are generated by relocations, so we can only
> + * rely on addition. We therefore emit:
> + *
> + * (target - here) + (class) + 0x20000000
I still don't understand that bit 29 thing.
Because the offset is negative?
The exception table currently looks like this here:
insn offset: 0xff91a7c4, fixup offset: 0xffffd57a
insn offset: 0xff91bac3, fixup offset: 0xffffd57e
insn offset: 0xff91bac0, fixup offset: 0xffffd57d
insn offset: 0xff91baba, fixup offset: 0xffffd57c
insn offset: 0xff91bfca, fixup offset: 0xffffd57c
insn offset: 0xff91bfff, fixup offset: 0xffffd57e
insn offset: 0xff91c049, fixup offset: 0xffffd580
insn offset: 0xff91c141, fixup offset: 0xffffd57f
insn offset: 0xff91c24e, fixup offset: 0xffffd581
insn offset: 0xff91c262, fixup offset: 0xffffd580
insn offset: 0xff91c261, fixup offset: 0xffffd57f
...
It probably will dawn on me when I look at the rest of the patch...
> + * This has the property that the two high bits are the class and the
> + * rest is easy to decode.
> + */
> +
> +/* There are two bits of extable entry class, added to a signed offset. */
> +#define _EXTABLE_CLASS_DEFAULT 0 /* standard uaccess fixup */
> +#define _EXTABLE_CLASS_EX 0x80000000 /* uaccess + set uaccess_err */
BIT(31) is more readable.
> +
> +/*
> + * The biases are the class constants + 0x20000000, as signed integers.
> + * This can't use ordinary arithmetic -- the assembler isn't that smart.
> + */
> +#define _EXTABLE_BIAS_DEFAULT 0x20000000
> +#define _EXTABLE_BIAS_EX 0x20000000 - 0x80000000
Ditto.
> +
> +#define _ASM_EXTABLE(from,to) \
> + _ASM_EXTABLE_CLASS(from, to, _EXTABLE_BIAS_DEFAULT)
> +
> +#define _ASM_EXTABLE_EX(from,to) \
> + _ASM_EXTABLE_CLASS(from, to, _EXTABLE_BIAS_EX)
> +
> +#ifdef __ASSEMBLY__
> +# define _EXPAND_EXTABLE_BIAS(x) x
> +# define _ASM_EXTABLE_CLASS(from,to,bias) \
> + .pushsection "__ex_table","a" ; \
> + .balign 8 ; \
> + .long (from) - . ; \
> + .long (to) - . + _EXPAND_EXTABLE_BIAS(bias) ; \
Why not simply:
.long (to) - . + (bias) ;
and
" .long (" #to ") - . + "(" #bias ") "\n"
below and get rid of that _EXPAND_EXTABLE_BIAS()?
> .popsection
>
> # define _ASM_NOKPROBE(entry) \
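Review bot: the comment above `(target - here) + (class) + 0x20000000` never states the range it relies on. The top two bits of the second word are pure class only while `target - here` lies in [-0x20000000, 0x20000000), so that adding 0x20000000 moves it into the low 30 bits; spell that out in the comment, since it is the whole reason for the bias. Separately, `_EXTABLE_BIAS_EX` expands to the unparenthesized `0x20000000 - 0x80000000`, which evaluates as intended only because it is appended after a `+` in `.long (to) - . + ...`; a remark next to the define would stop someone reusing it in another expression.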
> @@ -89,18 +117,12 @@
> .endm
>
> #else
> -# define _ASM_EXTABLE(from,to) \
> - " .pushsection \"__ex_table\",\"a\"\n" \
> - " .balign 8\n" \
> - " .long (" #from ") - .\n" \
> - " .long (" #to ") - .\n" \
> - " .popsection\n"
> -
> -# define _ASM_EXTABLE_EX(from,to) \
> - " .pushsection \"__ex_table\",\"a\"\n" \
> - " .balign 8\n" \
> - " .long (" #from ") - .\n" \
> - " .long (" #to ") - . + 0x7ffffff0\n" \
> +# define _EXPAND_EXTABLE_BIAS(x) #x
> +# define _ASM_EXTABLE_CLASS(from,to,bias) \
> + " .pushsection \"__ex_table\",\"a\"\n" \
> + " .balign 8\n" \
> + " .long (" #from ") - .\n" \
> + " .long (" #to ") - . + " _EXPAND_EXTABLE_BIAS(bias) "\n" \
> " .popsection\n"
> /* For C file, we already have NOKPROBE_SYMBOL macro */
> #endif
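Review bot: `_EXPAND_EXTABLE_BIAS(x) #x` needs a comment saying why the extra macro level exists. In this C-string variant, writing `#bias` directly inside `_ASM_EXTABLE_CLASS` would stringify the argument as spelled (`_EXTABLE_BIAS_EX`) rather than its value, whereas passing `bias` through the helper lets it expand first; without a comment the helper looks removable. `#from` and `#to` on the neighbouring lines are stringified unexpanded, which is fine for labels but is the same trap for anyone who passes a macro there.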
> diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c
> index 903ec1e9c326..95e2ede71206 100644
> --- a/arch/x86/mm/extable.c
> +++ b/arch/x86/mm/extable.c
> @@ -8,16 +8,24 @@ ex_insn_addr(const struct exception_table_entry *x)
> {
> return (unsigned long)&x->insn + x->insn;
> }
> +static inline unsigned int
> +ex_class(const struct exception_table_entry *x)
> +{
> + return (unsigned int)x->fixup & 0xC0000000;
> +}
> +
> static inline unsigned long
> ex_fixup_addr(const struct exception_table_entry *x)
> {
> - return (unsigned long)&x->fixup + x->fixup;
> + long offset = (long)((u32)x->fixup & 0x3fffffff) - (long)0x20000000;
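Review bot: in `ex_class()` and the new `offset` line of `ex_fixup_addr()`, the masks `0xC0000000` and `0x3fffffff` and the bias `0x20000000` are bare literals that must match the `_EXTABLE_CLASS_*` and `_EXTABLE_BIAS_*` defines in asm.h; named constants shared by both files would keep encode and decode from drifting apart. The decode also trusts that every entry's real displacement fit in 30 bits when it was emitted. Nothing in the visible lines checks that, and an out-of-range entry would silently decode to a wrong fixup address and class, so a build-time range check is worth adding.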
So basically:
x->fixup & 0x1fffffff
Why the explicit subtraction of bit 29?
IOW, I was expecting something simpler for the whole scheme like:
ex_class:
return x->fixup & 0xC0000000;
ex_fixup_addr:
return x->fixup | 0xC0000000;
Why can't it be done this way?
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.