From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mathieu Desnoyers Subject: [PATCH 07/11] x86: Implement sync_core_before_usermode (v3) Date: Tue, 23 Jan 2018 10:57:29 -0500 Message-ID: <20180123155733.3404-8-mathieu.desnoyers@efficios.com> References: <20180123155733.3404-1-mathieu.desnoyers@efficios.com> Return-path: In-Reply-To: <20180123155733.3404-1-mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org> Sender: linux-api-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: Ingo Molnar , Peter Zijlstra , Thomas Gleixner Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Andy Lutomirski , "Paul E . McKenney" , Boqun Feng , Andrew Hunter , Maged Michael , Avi Kivity , Benjamin Herrenschmidt , Paul Mackerras , Michael Ellerman , Dave Watson , "H . Peter Anvin" , Andrea Parri , Russell King , Greg Hackmann , Will Deacon , David Sehr , Linus Torvalds , x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, Mathieu Desnoyers List-Id: linux-arch.vger.kernel.org Ensure that a core serializing instruction is issued before returning to user-mode. x86 implements return to user-space through sysexit, sysrel, and sysretq, which are not core serializing. Signed-off-by: Mathieu Desnoyers CC: Thomas Gleixner CC: Peter Zijlstra CC: Andy Lutomirski CC: Paul E. McKenney CC: Boqun Feng CC: Andrew Hunter CC: Maged Michael CC: Avi Kivity CC: Benjamin Herrenschmidt CC: Paul Mackerras CC: Michael Ellerman CC: Dave Watson CC: Ingo Molnar CC: "H. Peter Anvin" CC: Andrea Parri CC: Russell King CC: Greg Hackmann CC: Will Deacon CC: David Sehr CC: Linus Torvalds CC: Arnd Bergmann CC: x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org CC: linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org --- Changes since v1: - Fix prototype of sync_core_before_usermode in generic code (missing return type). - Add linux/processor.h include to sched/core.c. - Add ARCH_HAS_SYNC_CORE_BEFORE_USERMODE to init/Kconfig. - Fix linux/processor.h ifdef to target CONFIG_ARCH_HAS_SYNC_CORE_BEFORE_USERMODE rather than ARCH_HAS_SYNC_CORE_BEFORE_USERMODE. - Move empty static inline in processor.h to generic patch. Changes since v2: - Introduce arch/x86/include/asm/sync_core.h - Don't sync_core when KPTI is enabled, and when invoked from irq and nmi context. - Note: v2 was reviewed by Thomas Gleixner, but changes were introduced since. --- arch/x86/Kconfig | 1 + arch/x86/include/asm/sync_core.h | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 arch/x86/include/asm/sync_core.h diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 20da391b5f32..0b44c8dd0e95 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -61,6 +61,7 @@ config X86 select ARCH_HAS_SG_CHAIN select ARCH_HAS_STRICT_KERNEL_RWX select ARCH_HAS_STRICT_MODULE_RWX + select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE select ARCH_HAS_UBSAN_SANITIZE_ALL select ARCH_HAS_ZONE_DEVICE if X86_64 select ARCH_HAVE_NMI_SAFE_CMPXCHG diff --git a/arch/x86/include/asm/sync_core.h b/arch/x86/include/asm/sync_core.h new file mode 100644 index 000000000000..c67caafd3381 --- /dev/null +++ b/arch/x86/include/asm/sync_core.h @@ -0,0 +1,28 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_SYNC_CORE_H +#define _ASM_X86_SYNC_CORE_H + +#include +#include +#include + +/* + * Ensure that a core serializing instruction is issued before returning + * to user-mode. x86 implements return to user-space through sysexit, + * sysrel, and sysretq, which are not core serializing. + */ +static inline void sync_core_before_usermode(void) +{ + /* With PTI, we unconditionally serialize before running user code. */ + if (static_cpu_has(X86_FEATURE_PTI)) + return; + /* + * Return from interrupt and NMI is done through iret, which is core + * serializing. + */ + if (in_irq() || in_nmi()) + return; + sync_core(); +} + +#endif /* _ASM_X86_SYNC_CORE_H */ -- 2.11.0 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.efficios.com ([167.114.142.141]:34799 "EHLO mail.efficios.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752332AbeAWP6L (ORCPT ); Tue, 23 Jan 2018 10:58:11 -0500 From: Mathieu Desnoyers Subject: [PATCH 07/11] x86: Implement sync_core_before_usermode (v3) Date: Tue, 23 Jan 2018 10:57:29 -0500 Message-ID: <20180123155733.3404-8-mathieu.desnoyers@efficios.com> In-Reply-To: <20180123155733.3404-1-mathieu.desnoyers@efficios.com> References: <20180123155733.3404-1-mathieu.desnoyers@efficios.com> Sender: linux-arch-owner@vger.kernel.org List-ID: To: Ingo Molnar , Peter Zijlstra , Thomas Gleixner Cc: linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, Andy Lutomirski , "Paul E . McKenney" , Boqun Feng , Andrew Hunter , Maged Michael , Avi Kivity , Benjamin Herrenschmidt , Paul Mackerras , Michael Ellerman , Dave Watson , "H . Peter Anvin" , Andrea Parri , Russell King , Greg Hackmann , Will Deacon , David Sehr , Linus Torvalds , x86@kernel.org, Mathieu Desnoyers , Arnd Bergmann , linux-arch@vger.kernel.org Message-ID: <20180123155729.FVXGHxiLC9YhJJYGpRTuMg7dKqNSEenC1Xm4wdO0FqI@z> Ensure that a core serializing instruction is issued before returning to user-mode. x86 implements return to user-space through sysexit, sysrel, and sysretq, which are not core serializing. Signed-off-by: Mathieu Desnoyers CC: Thomas Gleixner CC: Peter Zijlstra CC: Andy Lutomirski CC: Paul E. McKenney CC: Boqun Feng CC: Andrew Hunter CC: Maged Michael CC: Avi Kivity CC: Benjamin Herrenschmidt CC: Paul Mackerras CC: Michael Ellerman CC: Dave Watson CC: Ingo Molnar CC: "H. Peter Anvin" CC: Andrea Parri CC: Russell King CC: Greg Hackmann CC: Will Deacon CC: David Sehr CC: Linus Torvalds CC: Arnd Bergmann CC: x86@kernel.org CC: linux-arch@vger.kernel.org --- Changes since v1: - Fix prototype of sync_core_before_usermode in generic code (missing return type). - Add linux/processor.h include to sched/core.c. - Add ARCH_HAS_SYNC_CORE_BEFORE_USERMODE to init/Kconfig. - Fix linux/processor.h ifdef to target CONFIG_ARCH_HAS_SYNC_CORE_BEFORE_USERMODE rather than ARCH_HAS_SYNC_CORE_BEFORE_USERMODE. - Move empty static inline in processor.h to generic patch. Changes since v2: - Introduce arch/x86/include/asm/sync_core.h - Don't sync_core when KPTI is enabled, and when invoked from irq and nmi context. - Note: v2 was reviewed by Thomas Gleixner, but changes were introduced since. --- arch/x86/Kconfig | 1 + arch/x86/include/asm/sync_core.h | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 arch/x86/include/asm/sync_core.h diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 20da391b5f32..0b44c8dd0e95 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -61,6 +61,7 @@ config X86 select ARCH_HAS_SG_CHAIN select ARCH_HAS_STRICT_KERNEL_RWX select ARCH_HAS_STRICT_MODULE_RWX + select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE select ARCH_HAS_UBSAN_SANITIZE_ALL select ARCH_HAS_ZONE_DEVICE if X86_64 select ARCH_HAVE_NMI_SAFE_CMPXCHG diff --git a/arch/x86/include/asm/sync_core.h b/arch/x86/include/asm/sync_core.h new file mode 100644 index 000000000000..c67caafd3381 --- /dev/null +++ b/arch/x86/include/asm/sync_core.h @@ -0,0 +1,28 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_X86_SYNC_CORE_H +#define _ASM_X86_SYNC_CORE_H + +#include +#include +#include + +/* + * Ensure that a core serializing instruction is issued before returning + * to user-mode. x86 implements return to user-space through sysexit, + * sysrel, and sysretq, which are not core serializing. + */ +static inline void sync_core_before_usermode(void) +{ + /* With PTI, we unconditionally serialize before running user code. */ + if (static_cpu_has(X86_FEATURE_PTI)) + return; + /* + * Return from interrupt and NMI is done through iret, which is core + * serializing. + */ + if (in_irq() || in_nmi()) + return; + sync_core(); +} + +#endif /* _ASM_X86_SYNC_CORE_H */ -- 2.11.0