From: Andi Kleen <andi@firstfloor.org>
To: speck@linutronix.de
Cc: Andi Kleen <ak@linux.intel.com>
Subject: [MODERATED] [PATCH v4 23/28] MDSv4 13
Date: Fri, 11 Jan 2019 17:29:36 -0800
Message-ID: <58a7542c400ba68502b17fc4ed84d3f83669cb4e.1547256470.git.ak@linux.intel.com>
In-Reply-To: <cover.1547256470.git.ak@linux.intel.com>
From: Andi Kleen <ak@linux.intel.com>
Subject: mds: Instrument skb functions to clear cpu automatically

Instrument some strategic skbuff functions that either touch
packet data directly, or are likely followed by a user
data touch like a memcpy, to schedule a cpu clear on next
kernel exit. This is only done inside interrupts,
outside we assume it only touches the current process's data.

In principle network data should be encrypted anyways,
but it's better to not leak it.

This provides protection for the network softirq.

Needs more auditing.

Signed-off-by: Andi Kleen <ak@linux.intel.com>
---
include/linux/skbuff.h | 2 ++
net/core/skbuff.c | 26 ++++++++++++++++++++++++++
2 files changed, 28 insertions(+)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 93f56fddd92a..5e147afa07e4 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -40,6 +40,7 @@
#include <linux/in6.h>
#include <linux/if_packet.h>
#include <net/flow.h>
+#include <linux/clearcpu.h>
/* The interface for checksum offload between the stack and networking drivers
* is as follows...
@@ -2093,6 +2094,7 @@ static inline void *__skb_put(struct sk_buff *skb, unsigned int len)
SKB_LINEAR_ASSERT(skb);
skb->tail += len;
skb->len += len;
+ lazy_clear_cpu_interrupt();
return tmp;
}
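Review bot: the lazy_clear_cpu_interrupt() call added to __skb_put() carries no comment, while every other call site in this patch says why it is there; add the same "Likely to be followed by a user data copy" comment used in skb_put(). Because __skb_put() is a static inline in skbuff.h, the call is also expanded into every caller that inlines it, so it is worth stating in the commit message that lazy_clear_cpu_interrupt() is cheap enough for that.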
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 37317ffec146..eda9ef0ff63d 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -1189,6 +1189,9 @@ int skb_copy_ubufs(struct sk_buff *skb, gfp_t gfp_mask)
if (!num_frags)
goto release;
+ /* Likely to copy user data */
+ lazy_clear_cpu_interrupt();
+
new_frags = (__skb_pagelen(skb) + PAGE_SIZE - 1) >> PAGE_SHIFT;
for (i = 0; i < new_frags; i++) {
page = alloc_page(gfp_mask);
@@ -1353,6 +1356,9 @@ struct sk_buff *skb_copy(const struct sk_buff *skb, gfp_t gfp_mask)
if (!n)
return NULL;
+ /* Copies user data */
+ lazy_clear_cpu_interrupt();
+
/* Set the data pointer */
skb_reserve(n, headerlen);
/* Set the tail pointer and length */
@@ -1588,6 +1594,9 @@ struct sk_buff *skb_copy_expand(const struct sk_buff *skb,
if (!n)
return NULL;
+ /* May copy user data */
+ lazy_clear_cpu_interrupt();
+
skb_reserve(n, newheadroom);
/* Set the tail pointer and length */
@@ -1676,6 +1685,8 @@ EXPORT_SYMBOL(__skb_pad);
void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len)
{
+ /* Likely to be followed by a user data copy */
+ lazy_clear_cpu_interrupt();
if (tail != skb) {
skb->data_len += len;
skb->len += len;
@@ -1701,6 +1712,8 @@ void *skb_put(struct sk_buff *skb, unsigned int len)
skb->len += len;
if (unlikely(skb->tail > skb->end))
skb_over_panic(skb, len, __builtin_return_address(0));
+ /* Likely to be followed by a user data copy */
+ lazy_clear_cpu_interrupt();
return tmp;
}
EXPORT_SYMBOL(skb_put);
@@ -1720,6 +1733,7 @@ void *skb_push(struct sk_buff *skb, unsigned int len)
skb->len += len;
if (unlikely(skb->data < skb->head))
skb_under_panic(skb, len, __builtin_return_address(0));
+ /* No clear cpu, assume this is only header data */
return skb->data;
}
EXPORT_SYMBOL(skb_push);
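Review bot: the comment added to skb_push() records an assumption ("assume this is only header data") that nothing in the function checks. Since the commit message already says "Needs more auditing", either name the skb_push() callers that were checked or mark this as an open item, so the missing clear is not later read as a verified exemption.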
@@ -2026,6 +2040,9 @@ int skb_copy_bits(const struct sk_buff *skb, int offset, void *to, int len)
struct sk_buff *frag_iter;
int i, copy;
+ /* Copies user data */
+ lazy_clear_cpu_interrupt();
+
if (offset > (int)skb->len - len)
goto fault;
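Review bot: in skb_copy_bits() the lazy_clear_cpu_interrupt() call sits above the "offset > (int)skb->len - len" check, so a clear is scheduled even when the function takes "goto fault" and copies nothing. Moving the call below the bounds check would restrict it to calls that actually touch packet data; skb_store_bits() in the next hunk has the same placement.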
@@ -2387,6 +2404,9 @@ int skb_store_bits(struct sk_buff *skb, int offset, const void *from, int len)
struct sk_buff *frag_iter;
int i, copy;
+ /* Copies user data */
+ lazy_clear_cpu_interrupt();
+
if (offset > (int)skb->len - len)
goto fault;
@@ -2467,6 +2487,9 @@ __wsum __skb_checksum(const struct sk_buff *skb, int offset, int len,
struct sk_buff *frag_iter;
int pos = 0;
+ /* Reads packet data */
+ lazy_clear_cpu_interrupt();
+
/* Checksum header. */
if (copy > 0) {
if (copy > len)
@@ -2559,6 +2582,9 @@ __wsum skb_copy_and_csum_bits(const struct sk_buff *skb, int offset,
struct sk_buff *frag_iter;
int pos = 0;
+ /* Reads packet data */
+ lazy_clear_cpu_interrupt();
+
/* Copy header. */
if (copy > 0) {
if (copy > len)
--
2.17.2