From: peterz@infradead.org
To: Andy Lutomirski <luto@amacapital.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>,
	Brian Gerst <brgerst@gmail.com>,
	the arch/x86 maintainers <x86@kernel.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Kyle Huey <me@kylehuey.com>,
	Alexandre Chartre <alexandre.chartre@oracle.com>,
	Robert O'Callahan <rocallahan@gmail.com>,
	"Paul E. McKenney" <paulmck@kernel.org>,
	Frederic Weisbecker <frederic@kernel.org>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Sean Christopherson <sean.j.christopherson@intel.com>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Petr Mladek <pmladek@suse.com>,
	Steven Rostedt <rostedt@goodmis.org>,
	Joel Fernandes <joel@joelfernandes.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Juergen Gross <jgross@suse.com>,
	Andy Lutomirski <luto@kernel.org>
Subject: Re: [RFC][PATCH 4/7] x86/debug: Move historical SYSENTER junk into exc_debug_kernel()
Date: Thu, 20 Aug 2020 20:19:46 +0200
Message-ID: <20200820181946.GF1362448@hirez.programming.kicks-ass.net>
In-Reply-To: <156769F5-0BCC-4FB8-A56D-0E92601F558A@amacapital.net>

On Thu, Aug 20, 2020 at 09:43:15AM -0700, Andy Lutomirski wrote:
> I’ve lost track of how many bugs QEMU and KVM have in this space.
> Let’s keep it as a warning, but a bug. But let’s get rid of the
> totally bogus TIF_SINGLESTEP manipulation.

OK, I've shuffled the series around to fix that ordering problem in
patch 4 and added the below patch at the end.

Although I'm not entirely sure it actually leaks a #DB or just wrecks
the state.. *shrug*.

---
Subject: x86/debug: Remove the historical junk
From: Peter Zijlstra <peterz@infradead.org>
Date: Thu Aug 20 18:28:37 CEST 2020


Suggested-by: Brian Gerst <brgerst@gmail.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
 arch/x86/kernel/traps.c |   24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -839,22 +839,18 @@ static __always_inline void exc_debug_ke
 		goto out;
 
 	/*
-	 * Reload dr6, the notifier might have changed it.
+	 * The kernel doesn't use TF single-step outside of:
+	 *
+	 *  - Kprobes, consumed through kprobe_debug_handler()
+	 *  - KGDB, consumed through notify_debug()
+	 *
+	 * So if we get here with DR_STEP set, something is wonky.
+	 *
+	 * A known way to trigger this is through QEMU's GDB stub,
+	 * which leaks #DB into the guest and causes IST recursion.
 	 */
-	dr6 = current->thread.debugreg6;
-
-	if (WARN_ON_ONCE(dr6 & DR_STEP)) {
-		/*
-		 * Historical junk that used to handle SYSENTER single-stepping.
-		 * This should be unreachable now.  If we survive for a while
-		 * without anyone hitting this warning, we'll turn this into
-		 * an oops.
-		 */
-		dr6 &= ~DR_STEP;
-		set_thread_flag(TIF_SINGLESTEP);
+	if (WARN_ON_ONCE(current->thread.debugreg6 & DR_STEP))
 		regs->flags &= ~X86_EFLAGS_TF;
-	}
-
 out:
 	instrumentation_end();
 	idtentry_exit_nmi(regs, irq_state);
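
Review bot: the new comment in this hunk asserts as fact that QEMU's GDB stub "leaks #DB into the guest and causes IST recursion", while the message above says the author is not sure whether it actually leaks a #DB or just wrecks the state; the in-tree comment should not be more certain than the person writing it. Suggest hedging it, e.g. "A known way to trigger this is through QEMU's GDB stub, which appears to leak #DB into the guest (or otherwise corrupt the single-step state) and cause IST recursion", or keeping only the reproducer and dropping the mechanism. Separately, the removed block cleared DR_STEP from the local dr6 copy, whereas the new code only clears X86_EFLAGS_TF in regs->flags and leaves DR_STEP set in current->thread.debugreg6; worth confirming that nothing after exc_debug_kernel() returns reads that stale bit.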


Thread overview: 25+ messages
2020-08-20 10:38 [RFC][PATCH 0/7] x86/debug: Untangle handle_debug() Peter Zijlstra
2020-08-20 10:38 ` [PATCH 1/7] x86/debug: Allow a single level of #DB recursion Peter Zijlstra
2020-08-26 13:54   ` Sasha Levin
2020-08-20 10:38 ` [RFC][PATCH 2/7] x86/debug: Sync BTF earlier Peter Zijlstra
2020-08-21  2:25   ` Thomas Gleixner
2020-08-20 10:38 ` [RFC][PATCH 3/7] x86/debug: Move kprobe_debug_handler() into exc_debug_kernel() Peter Zijlstra
2020-08-21 13:54   ` Masami Hiramatsu
2020-08-20 10:38 ` [RFC][PATCH 4/7] x86/debug: Move historical SYSENTER junk " Peter Zijlstra
2020-08-20 14:45   ` Brian Gerst
2020-08-20 15:08     ` peterz
2020-08-20 15:16       ` Josh Poimboeuf
2020-08-20 15:21         ` peterz
2020-08-20 16:17           ` Josh Poimboeuf
2020-08-20 16:34             ` peterz
2020-08-20 16:43               ` Andy Lutomirski
2020-08-20 17:21                 ` Josh Poimboeuf
2020-08-20 18:19                 ` peterz [this message]
2020-08-20 15:28   ` Daniel Thompson
2020-08-20 15:51     ` peterz
2020-08-21 10:19     ` peterz
2020-08-21 13:31       ` Daniel Thompson
2020-08-20 10:38 ` [RFC][PATCH 5/7] x86/debug: Remove handle_debug(.user) argument Peter Zijlstra
2020-08-20 10:38 ` [RFC][PATCH 6/7] x86/debug: Simplify #DB signal code Peter Zijlstra
2020-08-20 10:38 ` [RFC][PATCH 7/7] x86/debug: Move cond_local_irq_enable() block into exc_debug_user() Peter Zijlstra
2020-08-21  2:29 ` [RFC][PATCH 0/7] x86/debug: Untangle handle_debug() Thomas Gleixner
