[PATCH] docs: Remove reference to syscall trampoline in PTI

public inbox for linux-doc@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] docs: Remove reference to syscall trampoline in PTI
@ 2023-11-02 13:02 Nikolay Borisov
  2023-12-09 11:57 ` Nikolay Borisov
  2024-01-18 16:03 ` Nikolay Borisov
  0 siblings, 2 replies; 6+ messages in thread
From: Nikolay Borisov @ 2023-11-02 13:02 UTC (permalink / raw)
  To: corbet; +Cc: tglx, bp, x86, linux-doc, linux-kernel, Nikolay Borisov

Commit bf904d2762ee ("x86/pti/64: Remove the SYSCALL64 entry trampoline")
removed the syscall trampoline and instead opted to enable using the
default syscall64 entry point by mapping the percpu TSS. Unfortunately
the PTI documentation wasn't updated when the respective changes were
made, so let's bring the doc up to speed.

Signed-off-by: Nikolay Borisov <nik.borisov@suse.com>
---
 Documentation/arch/x86/pti.rst | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/Documentation/arch/x86/pti.rst b/Documentation/arch/x86/pti.rst
index 4b858a9bad8d..e08d35177bc0 100644
--- a/Documentation/arch/x86/pti.rst
+++ b/Documentation/arch/x86/pti.rst
@@ -81,11 +81,9 @@ Protection against side-channel attacks is important.  But,
      and exit (it can be skipped when the kernel is interrupted,
      though.)  Moves to CR3 are on the order of a hundred
      cycles, and are required at every entry and exit.
-  b. A "trampoline" must be used for SYSCALL entry.  This
-     trampoline depends on a smaller set of resources than the
-     non-PTI SYSCALL entry code, so requires mapping fewer
-     things into the userspace page tables.  The downside is
-     that stacks must be switched at entry time.
+  b. Percpu TSS is mapped into the user page tables to allow SYSCALL64 path
+     to work under PTI. This doesn't have a direct runtime cost but it can
+     be argued it opens certain timing attack scenarios.
   c. Global pages are disabled for all kernel structures not
      mapped into both kernel and userspace page tables.  This
      feature of the MMU allows different processes to share TLB
@@ -167,7 +165,7 @@ that are worth noting here.
  * Failures of the selftests/x86 code.  Usually a bug in one of the
    more obscure corners of entry_64.S
  * Crashes in early boot, especially around CPU bringup.  Bugs
-   in the trampoline code or mappings cause these.
+   in the mappings cause these.
  * Crashes at the first interrupt.  Caused by bugs in entry_64.S,
    like screwing up a page table switch.  Also caused by
    incorrectly mapping the IRQ handler entry code.
--
2.34.1


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] docs: Remove reference to syscall trampoline in PTI
  2023-11-02 13:02 [PATCH] docs: Remove reference to syscall trampoline in PTI Nikolay Borisov
@ 2023-12-09 11:57 ` Nikolay Borisov
  2024-01-18 16:03 ` Nikolay Borisov
  1 sibling, 0 replies; 6+ messages in thread
From: Nikolay Borisov @ 2023-12-09 11:57 UTC (permalink / raw)
  To: corbet; +Cc: tglx, bp, x86, linux-doc, linux-kernel



On 2.11.23 г. 15:02 ч., Nikolay Borisov wrote:
> Commit bf904d2762ee ("x86/pti/64: Remove the SYSCALL64 entry trampoline")
> removed the syscall trampoline and instead opted to enable using the
> default syscall64 entry point by mapping the percpu TSS. Unfortunately
> the PTI documentation wasn't updated when the respective changes were
> made, so let's bring the doc up to speed.
> 
> Signed-off-by: Nikolay Borisov <nik.borisov@suse.com>

Ping?

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] docs: Remove reference to syscall trampoline in PTI
  2023-11-02 13:02 [PATCH] docs: Remove reference to syscall trampoline in PTI Nikolay Borisov
  2023-12-09 11:57 ` Nikolay Borisov
@ 2024-01-18 16:03 ` Nikolay Borisov
  2024-01-18 16:11   ` Jonathan Corbet
  1 sibling, 1 reply; 6+ messages in thread
From: Nikolay Borisov @ 2024-01-18 16:03 UTC (permalink / raw)
  To: corbet; +Cc: tglx, bp, x86, linux-doc, linux-kernel



On 2.11.23 г. 15:02 ч., Nikolay Borisov wrote:
> Commit bf904d2762ee ("x86/pti/64: Remove the SYSCALL64 entry trampoline")
> removed the syscall trampoline and instead opted to enable using the
> default syscall64 entry point by mapping the percpu TSS. Unfortunately
> the PTI documentation wasn't updated when the respective changes were
> made, so let's bring the doc up to speed.
> 
> Signed-off-by: Nikolay Borisov <nik.borisov@suse.com>

Ping

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] docs: Remove reference to syscall trampoline in PTI
  2024-01-18 16:03 ` Nikolay Borisov
@ 2024-01-18 16:11   ` Jonathan Corbet
  2024-01-18 16:41     ` Borislav Petkov
  0 siblings, 1 reply; 6+ messages in thread
From: Jonathan Corbet @ 2024-01-18 16:11 UTC (permalink / raw)
  To: Nikolay Borisov; +Cc: tglx, bp, x86, linux-doc, linux-kernel

Nikolay Borisov <nik.borisov@suse.com> writes:

> On 2.11.23 г. 15:02 ч., Nikolay Borisov wrote:
>> Commit bf904d2762ee ("x86/pti/64: Remove the SYSCALL64 entry trampoline")
>> removed the syscall trampoline and instead opted to enable using the
>> default syscall64 entry point by mapping the percpu TSS. Unfortunately
>> the PTI documentation wasn't updated when the respective changes were
>> made, so let's bring the doc up to speed.
>> 
>> Signed-off-by: Nikolay Borisov <nik.borisov@suse.com>
>
> Ping

Hmm...this has indeed languished for a while.  I was waiting for an ack
from x86land, but I guess I'll just apply it unless somebody screams.

Thanks,

jon

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] docs: Remove reference to syscall trampoline in PTI
  2024-01-18 16:11   ` Jonathan Corbet
@ 2024-01-18 16:41     ` Borislav Petkov
  2024-01-18 16:52       ` Nikolay Borisov
  0 siblings, 1 reply; 6+ messages in thread
From: Borislav Petkov @ 2024-01-18 16:41 UTC (permalink / raw)
  To: Jonathan Corbet; +Cc: Nikolay Borisov, tglx, x86, linux-doc, linux-kernel

On Thu, Jan 18, 2024 at 09:11:41AM -0700, Jonathan Corbet wrote:
> > Ping
> 
> Hmm...this has indeed languished for a while.  I was waiting for an ack
> from x86land, but I guess I'll just apply it unless somebody screams.

https://lore.kernel.org/all/170238995160.398.1051285467012003027.tip-bot2@tip-bot2

Jon wasn't CCed but Nik was.

Nik, you missed that tip-bot2 mail or you don't have it?

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] docs: Remove reference to syscall trampoline in PTI
  2024-01-18 16:41     ` Borislav Petkov
@ 2024-01-18 16:52       ` Nikolay Borisov
  0 siblings, 0 replies; 6+ messages in thread
From: Nikolay Borisov @ 2024-01-18 16:52 UTC (permalink / raw)
  To: Borislav Petkov, Jonathan Corbet; +Cc: tglx, x86, linux-doc, linux-kernel



On 18.01.24 г. 18:41 ч., Borislav Petkov wrote:
> On Thu, Jan 18, 2024 at 09:11:41AM -0700, Jonathan Corbet wrote:
>>> Ping
>>
>> Hmm...this has indeed languished for a while.  I was waiting for an ack
>> from x86land, but I guess I'll just apply it unless somebody screams.
> 
> https://lore.kernel.org/all/170238995160.398.1051285467012003027.tip-bot2@tip-bot2
> 
> Jon wasn't CCed but Nik was.
> 
> Nik, you missed that tip-bot2 mail or you don't have it?
> 


Ah, I must have missed it. Sorry for the noise...

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2024-01-18 16:52 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-02 13:02 [PATCH] docs: Remove reference to syscall trampoline in PTI Nikolay Borisov
2023-12-09 11:57 ` Nikolay Borisov
2024-01-18 16:03 ` Nikolay Borisov
2024-01-18 16:11   ` Jonathan Corbet
2024-01-18 16:41     ` Borislav Petkov
2024-01-18 16:52       ` Nikolay Borisov

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox