Linux KVM/arm64 development list
From: gengdongjiu <gengdongjiu@huawei.com>
To: Marc Zyngier <marc.zyngier@arm.com>, James Morse <james.morse@arm.com>
Cc: christoffer.dall@linaro.org, vladimir.murzin@arm.com,
	rkrcmar@redhat.com, catalin.marinas@arm.com,
	shankerd@codeaurora.org, linux-arm-kernel@lists.infradead.org,
	kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org,
	linux-kernel@vger.kernel.org, zhanghaibin7@huawei.com,
	huangshaoyu@huawei.com
Subject: Re: [PATCH] arm64: KVM: VHE: reset PSTATE.UAO when switch to host
Date: Thu, 7 Sep 2017 19:49:43 +0800
Message-ID: <eebc5831-79ff-c79c-34ff-37c852885bbe@huawei.com>
In-Reply-To: <ec27c833-c9f7-d144-3c6f-a87a3bf3d97f@arm.com>



On 2017/9/7 18:13, Marc Zyngier wrote:
> On 07/09/17 11:05, gengdongjiu wrote:
>> Hi James,
>>
>> On 2017/9/7 17:20, James Morse wrote:
>>> Hi Dongjiu Geng,
>>>
>>> On 07/09/17 06:54, Dongjiu Geng wrote:
>>>> In VHE mode, the host kernel runs in EL2 and can enable
>>>> 'User Access Override' when fs==KERNEL_DS so that it can
>>>> access kernel memory. However, PSTATE.UAO is set to 0 on
>>>> an exception taken from EL1 to EL2. Thus when VHE is used
>>>> and an exception is taken from a guest, UAO will be disabled and
>>>> the host will use the incorrect PSTATE.UAO. So check and reset
>>>> PSTATE.UAO when switching to the host.
>>>
>>> This would only be a problem if KVM were calling into world-switch with
>>> fs==KERNEL_DS. I can't see where this happens.
>> Not only KVM; the kernel may also set fs == KERNEL_DS before calling into world-switch.
> 
> How? Please describe the exact sequence of events that leads to this
> situation with the current code base.

Hi Marc,

   Different tasks have different fs, such as USER_DS or KERNEL_DS. In the context switch, it will restore the
task's fs. Thus, that depends on the task itself, as shown in the code below. UAO is different from PAN: PAN will always be enabled if the
hardware CPU supports the PAN feature, but UAO changes dynamically.

/*
 * Thread switching.
 */
__notrace_funcgraph struct task_struct *__switch_to(struct task_struct *prev,
				struct task_struct *next)
{
	struct task_struct *last;

	fpsimd_thread_switch(next);
	tls_thread_switch(next);
	hw_breakpoint_thread_switch(next);
	contextidr_thread_switch(next);
	entry_task_switch(next);
	uao_thread_switch(next);
 	..........
}

/* Restore the UAO state depending on next's addr_limit */
void uao_thread_switch(struct task_struct *next)
{
	if (IS_ENABLED(CONFIG_ARM64_UAO)) {
		if (task_thread_info(next)->addr_limit == KERNEL_DS)
			asm(ALTERNATIVE("nop", SET_PSTATE_UAO(1), ARM64_HAS_UAO));
		else
			asm(ALTERNATIVE("nop", SET_PSTATE_UAO(0), ARM64_HAS_UAO));
	}
}

> 
> 	M.
> 

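A simplified C model of the sequence discussed in this thread, added here as an example (not the patch's or the kernel's code): a task's addr_limit drives PSTATE.UAO in the context switch, a guest exit clears UAO, and a host uaccess to a kernel address then fails unless UAO is re-derived from addr_limit when switching back to the host. The PSTATE_UAO bit position, the KERNEL_VA boundary, the struct and model_* names, and the uaccess semantics are assumptions of this model, not taken from the page.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simplified model (constructed for this example): only PSTATE.UAO and a
 * task's addr_limit are tracked; PAN and the real MMU are not modelled. */
#define PSTATE_UAO (1u << 23)
#define USER_DS    0x0000ffffffffffffULL
#define KERNEL_DS  0xffffffffffffffffULL
#define KERNEL_VA  0xffff000000000000ULL /* assumed user/kernel boundary */

struct cpu  { uint32_t pstate; };
struct task { uint64_t addr_limit; };

/* Model of uao_thread_switch(): UAO follows next's addr_limit. */
static void model_uao_thread_switch(struct cpu *c, const struct task *next)
{
	if (next->addr_limit == KERNEL_DS)
		c->pstate |= PSTATE_UAO;
	else
		c->pstate &= ~PSTATE_UAO;
}

/* An exception from EL1 to EL2 (a guest exit under VHE) clears PSTATE.UAO. */
static void model_guest_exit(struct cpu *c)
{
	c->pstate &= ~PSTATE_UAO;
}

/* Model of a uaccess load (ldtr): with UAO clear it behaves as an EL0 access,
 * so a kernel address faults; with UAO set it is a privileged access. */
static bool model_uaccess_ok(const struct cpu *c, uint64_t addr)
{
	if (addr >= KERNEL_VA)
		return (c->pstate & PSTATE_UAO) != 0;
	return true;
}

/* Replay the thread's scenario: a task with fs == addr_limit is switched in,
 * a guest exit clears UAO, then the host does a uaccess to addr. with_fix
 * re-derives UAO from addr_limit when switching back to the host. */
static bool scenario(uint64_t addr_limit, uint64_t addr, bool with_fix)
{
	struct cpu c = { .pstate = 0 };
	struct task t = { .addr_limit = addr_limit };
	model_uao_thread_switch(&c, &t);       /* __switch_to() */
	model_guest_exit(&c);
	if (with_fix)
		model_uao_thread_switch(&c, &t); /* the patch's reset */
	return model_uaccess_ok(&c, addr);
}
```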