From: Rick Edgecombe <rick.p.edgecombe@intel.com>
To: x86@kernel.org, "H . Peter Anvin" <hpa@zytor.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
linux-mm@kvack.org, linux-arch@vger.kernel.org,
linux-api@vger.kernel.org, Arnd Bergmann <arnd@arndb.de>,
Andy Lutomirski <luto@kernel.org>,
Balbir Singh <bsingharora@gmail.com>,
Borislav Petkov <bp@alien8.de>,
Cyrill Gorcunov <gorcunov@gmail.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Eugene Syromiatnikov <esyr@redhat.com>,
Florian Weimer <fweimer@redhat.com>,
"H . J . Lu" <hjl.tools@gmail.com>, Jann Horn <jannh@google.com>,
Jonathan Corbet <corbet@lwn.net>,
Kees Cook <keescook@chromium.org>,
Mike Kravetz <mike.kravetz@oracle.com>,
Nadav Amit <nadav.amit@gmail.com>,
Oleg Nesterov <oleg@redhat.com>, Pavel Machek <pavel@ucw.cz>,
Peter Zijlstra <peterz@infradead.org>,
Randy Dunlap <rdunlap@infradead.org>,
"Ravi V . Shankar" <ravi.v.shankar@intel.com>,
Dave Martin <Dave.Martin@arm.com>,
Weijiang Yang <weijiang.yang@intel.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
joao.moreira@intel.com, John Allen <john.allen@amd.com>,
kcc@google.com, eranian@google.com
Cc: rick.p.edgecombe@intel.com
Subject: [PATCH 27/35] x86/fpu: Add unsafe xsave buffer helpers
Date: Sun, 30 Jan 2022 13:18:30 -0800 [thread overview]
Message-ID: <20220130211838.8382-28-rick.p.edgecombe@intel.com> (raw)
In-Reply-To: <20220130211838.8382-1-rick.p.edgecombe@intel.com>
CET will need to modify the xsave buffer of a new FPU that was just
created in the process of copying a thread. In this case the normal
helpers will not work, because they operate on the current thread's FPU.
So add unsafe helpers to allow for this kind of modification. Make the
unsafe helpers operate on the MSR like the safe helpers for symmetry and
to avoid exposing the underling xsave structures. Don't add a read
helper because it is not needed at this time.
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
---
arch/x86/include/asm/fpu/api.h | 9 ++++++---
arch/x86/kernel/fpu/xstate.c | 27 ++++++++++++++++++++++-----
2 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/arch/x86/include/asm/fpu/api.h b/arch/x86/include/asm/fpu/api.h
index 6aec27984b62..5cb557b9d118 100644
--- a/arch/x86/include/asm/fpu/api.h
+++ b/arch/x86/include/asm/fpu/api.h
@@ -167,7 +167,10 @@ extern long fpu_xstate_prctl(struct task_struct *tsk, int option, unsigned long
void *start_update_xsave_msrs(int xfeature_nr);
void end_update_xsave_msrs(void);
-int xsave_rdmsrl(void *state, unsigned int msr, unsigned long long *p);
-int xsave_wrmsrl(void *state, u32 msr, u64 val);
-int xsave_set_clear_bits_msrl(void *state, u32 msr, u64 set, u64 clear);
+int xsave_rdmsrl(void *xstate, unsigned int msr, unsigned long long *p);
+int xsave_wrmsrl(void *xstate, u32 msr, u64 val);
+int xsave_set_clear_bits_msrl(void *xstate, u32 msr, u64 set, u64 clear);
+
+void *get_xsave_buffer_unsafe(struct fpu *fpu, int xfeature_nr);
+int xsave_wrmsrl_unsafe(void *xstate, u32 msr, u64 val);
#endif /* _ASM_X86_FPU_API_H */
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index 25b1b0c417fd..71b08026474c 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -1881,6 +1881,17 @@ static u64 *__get_xsave_member(void *xstate, u32 msr)
}
}
+/*
+ * Operate on the xsave buffer directly. It makes no gaurantees that the
+ * buffer will stay valid now or in the futre. This function is pretty
+ * much only useful when the caller knows the fpu's thread can't be
+ * scheduled or otherwise operated on concurrently.
+ */
+void *get_xsave_buffer_unsafe(struct fpu *fpu, int xfeature_nr)
+{
+ return get_xsave_addr(&fpu->fpstate->regs.xsave, xfeature_nr);
+}
+
/*
* Return a pointer to the xstate for the feature if it should be used, or NULL
* if the MSRs should be written to directly. To do this safely, using the
@@ -1971,14 +1982,11 @@ int xsave_rdmsrl(void *xstate, unsigned int msr, unsigned long long *p)
return 0;
}
-int xsave_wrmsrl(void *xstate, u32 msr, u64 val)
+
+int xsave_wrmsrl_unsafe(void *xstate, u32 msr, u64 val)
{
u64 *member_ptr;
- __xsave_msrl_prepare_write();
- if (!xstate)
- return wrmsrl_safe(msr, val);
-
member_ptr = __get_xsave_member(xstate, msr);
if (!member_ptr)
return 1;
@@ -1988,6 +1996,15 @@ int xsave_wrmsrl(void *xstate, u32 msr, u64 val)
return 0;
}
+int xsave_wrmsrl(void *xstate, u32 msr, u64 val)
+{
+ __xsave_msrl_prepare_write();
+ if (!xstate)
+ return wrmsrl_safe(msr, val);
+
+ return xsave_wrmsrl_unsafe(xstate, msr, val);
+}
+
int xsave_set_clear_bits_msrl(void *xstate, u32 msr, u64 set, u64 clear)
{
u64 val, new_val;
--
2.17.1
next prev parent reply other threads:[~2022-01-30 21:26 UTC|newest]
Thread overview: 152+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-30 21:18 [PATCH 00/35] Shadow stacks for userspace Rick Edgecombe
2022-01-30 21:18 ` [PATCH 01/35] Documentation/x86: Add CET description Rick Edgecombe
2022-01-30 21:18 ` [PATCH 02/35] x86/cet/shstk: Add Kconfig option for Shadow Stack Rick Edgecombe
2022-02-07 22:39 ` Dave Hansen
2022-02-08 8:41 ` Thomas Gleixner
2022-02-08 20:20 ` Edgecombe, Rick P
2022-02-08 8:39 ` Thomas Gleixner
2022-01-30 21:18 ` [PATCH 03/35] x86/cpufeatures: Add CET CPU feature flags for Control-flow Enforcement Technology (CET) Rick Edgecombe
2022-02-07 22:45 ` Dave Hansen
2022-02-08 20:23 ` Edgecombe, Rick P
2022-02-09 1:10 ` Kees Cook
2022-01-30 21:18 ` [PATCH 04/35] x86/cpufeatures: Introduce CPU setup and option parsing for CET Rick Edgecombe
2022-02-07 22:49 ` Dave Hansen
2022-02-08 20:29 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 05/35] x86/fpu/xstate: Introduce CET MSR and XSAVES supervisor states Rick Edgecombe
2022-02-07 23:28 ` Dave Hansen
2022-02-08 21:36 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 06/35] x86/cet: Add control-protection fault handler Rick Edgecombe
2022-02-07 23:56 ` Dave Hansen
2022-02-08 22:23 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 07/35] x86/mm: Remove _PAGE_DIRTY from kernel RO pages Rick Edgecombe
2022-02-08 0:13 ` Dave Hansen
2022-02-08 22:52 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 08/35] x86/mm: Move pmd_write(), pud_write() up in the file Rick Edgecombe
2022-01-30 21:18 ` [PATCH 09/35] x86/mm: Introduce _PAGE_COW Rick Edgecombe
2022-02-08 1:05 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 10/35] drm/i915/gvt: Change _PAGE_DIRTY to _PAGE_DIRTY_BITS Rick Edgecombe
2022-02-09 16:58 ` Dave Hansen
2022-02-11 1:39 ` Edgecombe, Rick P
2022-02-11 7:13 ` Wang, Zhi A
2022-02-12 1:45 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 11/35] x86/mm: Update pte_modify for _PAGE_COW Rick Edgecombe
2022-02-09 18:00 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 12/35] x86/mm: Update ptep_set_wrprotect() and pmdp_set_wrprotect() for transition from _PAGE_DIRTY to _PAGE_COW Rick Edgecombe
2022-02-09 18:30 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 13/35] mm: Move VM_UFFD_MINOR_BIT from 37 to 38 Rick Edgecombe
2022-01-30 21:18 ` [PATCH 14/35] mm: Introduce VM_SHADOW_STACK for shadow stack memory Rick Edgecombe
2022-02-09 21:55 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 15/35] x86/mm: Check Shadow Stack page fault errors Rick Edgecombe
2022-02-09 19:06 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 16/35] x86/mm: Update maybe_mkwrite() for shadow stack Rick Edgecombe
2022-02-09 21:16 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 17/35] mm: Fixup places that call pte_mkwrite() directly Rick Edgecombe
2022-02-09 21:51 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 18/35] mm: Add guard pages around a shadow stack Rick Edgecombe
2022-02-09 22:23 ` Dave Hansen
2022-02-10 22:38 ` David Laight
2022-02-10 23:42 ` Edgecombe, Rick P
2022-02-11 9:08 ` David Laight
2022-02-10 22:43 ` Dave Hansen
2022-02-10 23:07 ` Andy Lutomirski
2022-02-10 23:40 ` Edgecombe, Rick P
2022-02-11 17:54 ` Andy Lutomirski
2022-02-12 0:10 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 19/35] mm/mmap: Add shadow stack pages to memory accounting Rick Edgecombe
2022-02-09 22:27 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 20/35] mm: Update can_follow_write_pte() for shadow stack Rick Edgecombe
2022-02-09 22:50 ` Dave Hansen
2022-02-09 22:52 ` Dave Hansen
2022-02-10 22:45 ` David Laight
2022-01-30 21:18 ` [PATCH 21/35] mm/mprotect: Exclude shadow stack from preserve_write Rick Edgecombe
2022-02-10 19:27 ` Dave Hansen
2022-01-30 21:18 ` [PATCH 22/35] x86/mm: Prevent VM_WRITE shadow stacks Rick Edgecombe
2022-02-11 22:19 ` Dave Hansen
2022-02-12 1:44 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 23/35] x86/fpu: Add helpers for modifying supervisor xstate Rick Edgecombe
2022-02-08 8:51 ` Thomas Gleixner
2022-02-09 19:55 ` Edgecombe, Rick P
2022-02-12 0:27 ` Dave Hansen
2022-02-12 2:31 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 24/35] mm: Re-introduce vm_flags to do_mmap() Rick Edgecombe
2022-01-30 21:18 ` [PATCH 25/35] x86/cet/shstk: Add user-mode shadow stack support Rick Edgecombe
2022-02-11 23:37 ` Dave Hansen
2022-02-12 0:07 ` Andy Lutomirski
2022-02-12 0:11 ` Dave Hansen
2022-02-12 0:12 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 26/35] x86/process: Change copy_thread() argument 'arg' to 'stack_size' Rick Edgecombe
2022-02-08 8:38 ` Thomas Gleixner
2022-02-11 2:09 ` Edgecombe, Rick P
2022-02-14 12:33 ` Jann Horn
2022-02-15 1:22 ` Edgecombe, Rick P
2022-02-15 8:49 ` Christian Brauner
2022-01-30 21:18 ` Rick Edgecombe [this message]
2022-01-30 21:18 ` [PATCH 28/35] x86/cet/shstk: Handle thread shadow stack Rick Edgecombe
2022-01-30 21:18 ` [PATCH 29/35] x86/cet/shstk: Introduce shadow stack token setup/verify routines Rick Edgecombe
2022-01-30 21:18 ` [PATCH 30/35] x86/cet/shstk: Handle signals for shadow stack Rick Edgecombe
2022-01-30 21:18 ` [PATCH 31/35] x86/cet/shstk: Add arch_prctl elf feature functions Rick Edgecombe
2022-01-30 21:18 ` [PATCH 32/35] x86/cet/shstk: Introduce map_shadow_stack syscall Rick Edgecombe
2022-01-30 21:18 ` [PATCH 33/35] selftests/x86: Add map_shadow_stack syscall test Rick Edgecombe
2022-02-03 22:42 ` Dave Hansen
2022-02-04 1:22 ` Edgecombe, Rick P
2022-01-30 21:18 ` [PATCH 34/35] x86/cet/shstk: Support wrss for userspace Rick Edgecombe
2022-01-31 7:56 ` Florian Weimer
2022-01-31 18:26 ` H.J. Lu
2022-01-31 18:45 ` Florian Weimer
2022-01-30 21:18 ` [PATCH 35/35] x86/cpufeatures: Limit shadow stack to Intel CPUs Rick Edgecombe
2022-02-03 21:58 ` John Allen
2022-02-03 22:23 ` H.J. Lu
2022-02-04 22:21 ` John Allen
2022-02-03 21:07 ` [PATCH 00/35] Shadow stacks for userspace Thomas Gleixner
2022-02-04 1:08 ` Edgecombe, Rick P
2022-02-04 5:20 ` Andy Lutomirski
2022-02-04 20:23 ` Edgecombe, Rick P
2022-02-05 13:26 ` David Laight
2022-02-05 13:29 ` H.J. Lu
2022-02-05 20:15 ` Edgecombe, Rick P
2022-02-05 20:21 ` H.J. Lu
2022-02-06 13:19 ` Peter Zijlstra
2022-02-06 13:42 ` David Laight
2022-02-06 13:55 ` H.J. Lu
2022-02-07 10:22 ` Florian Weimer
2022-02-08 1:46 ` Edgecombe, Rick P
2022-02-08 1:31 ` Andy Lutomirski
2022-02-08 9:31 ` Thomas Gleixner
2022-02-08 16:15 ` Andy Lutomirski
2022-02-06 13:06 ` Peter Zijlstra
2022-02-06 18:42 ` Mike Rapoport
2022-02-07 7:20 ` Adrian Reber
2022-02-07 16:30 ` Dave Hansen
2022-02-08 9:16 ` Mike Rapoport
2022-02-08 9:29 ` Cyrill Gorcunov
2022-02-08 16:21 ` Andy Lutomirski
2022-02-08 17:02 ` Cyrill Gorcunov
2022-02-09 2:18 ` Edgecombe, Rick P
2022-02-09 6:43 ` Cyrill Gorcunov
2022-02-09 10:53 ` Mike Rapoport
2022-02-10 2:37 ` Andy Lutomirski
2022-02-10 2:53 ` H.J. Lu
2022-02-10 13:52 ` Willgerodt, Felix
2022-02-11 7:41 ` avagin
2022-02-11 8:04 ` Mike Rapoport
2022-02-28 20:27 ` Mike Rapoport
2022-02-28 20:30 ` Andy Lutomirski
2022-02-28 21:30 ` Mike Rapoport
2022-02-28 22:55 ` Andy Lutomirski
2022-03-03 19:40 ` Mike Rapoport
2022-03-03 23:00 ` Andy Lutomirski
2022-03-04 1:30 ` Edgecombe, Rick P
2022-03-04 19:13 ` Andy Lutomirski
2022-03-07 18:56 ` Mike Rapoport
2022-03-07 19:07 ` H.J. Lu
2022-05-31 11:59 ` Mike Rapoport
2022-05-31 16:25 ` Edgecombe, Rick P
2022-05-31 16:36 ` Mike Rapoport
2022-05-31 17:34 ` Edgecombe, Rick P
2022-05-31 18:00 ` H.J. Lu
2022-06-01 17:27 ` Edgecombe, Rick P
2022-06-01 19:27 ` H.J. Lu
2022-06-01 8:06 ` Mike Rapoport
2022-06-01 17:24 ` Edgecombe, Rick P
2022-06-09 18:04 ` Mike Rapoport
2022-03-07 22:21 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220130211838.8382-28-rick.p.edgecombe@intel.com \
--to=rick.p.edgecombe@intel.com \
--cc=Dave.Martin@arm.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=bsingharora@gmail.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=eranian@google.com \
--cc=esyr@redhat.com \
--cc=fweimer@redhat.com \
--cc=gorcunov@gmail.com \
--cc=hjl.tools@gmail.com \
--cc=hpa@zytor.com \
--cc=jannh@google.com \
--cc=joao.moreira@intel.com \
--cc=john.allen@amd.com \
--cc=kcc@google.com \
--cc=keescook@chromium.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mike.kravetz@oracle.com \
--cc=mingo@redhat.com \
--cc=nadav.amit@gmail.com \
--cc=oleg@redhat.com \
--cc=pavel@ucw.cz \
--cc=peterz@infradead.org \
--cc=ravi.v.shankar@intel.com \
--cc=rdunlap@infradead.org \
--cc=tglx@linutronix.de \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).