From: Sohil Mehta <sohil.mehta@intel.com>
To: Andy Lutomirski <luto@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"the arch/x86 maintainers" <x86@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>
Cc: Jonathan Corbet <corbet@lwn.net>,
Josh Poimboeuf <jpoimboe@kernel.org>,
"Peter Zijlstra (Intel)" <peterz@infradead.org>,
Ard Biesheuvel <ardb@kernel.org>,
"Kirill A . Shutemov" <kas@kernel.org>, Xin Li <xin@zytor.com>,
David Woodhouse <dwmw@amazon.co.uk>,
Sean Christopherson <seanjc@google.com>,
Rick P Edgecombe <rick.p.edgecombe@intel.com>,
"Vegard Nossum" <vegard.nossum@oracle.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Randy Dunlap <rdunlap@infradead.org>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Kees Cook <kees@kernel.org>, Tony Luck <tony.luck@intel.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
<linux-doc@vger.kernel.org>,
"Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>,
<linux-efi@vger.kernel.org>
Subject: Re: [PATCH v11 9/9] x86/cpu: Enable LASS by default during CPU initialization
Date: Thu, 30 Oct 2025 09:44:02 -0700 [thread overview]
Message-ID: <d1b5698e-94ab-45a2-a472-4488895d55bb@intel.com> (raw)
In-Reply-To: <13681100-ddc3-4ef0-bd13-744282324ff1@app.fastmail.com>
On 10/30/2025 8:45 AM, Andy Lutomirski wrote:
> On Thu, Oct 30, 2025, at 1:40 AM, H. Peter Anvin wrote:
>> Legacy vsyscalls have been obsolete for how long now?
>
> A looooong time.
>
> I would suggest defaulting LASS to on and *maybe* decoding just enough to log, once per boot, that a legacy vsyscall may have been attempted. It’s too bad that #GP doesn’t report the faulting address.
>
Unfortunately, CONFIG_X86_VSYSCALL_EMULATION defaults to y. Also, the
default Vsyscall mode is XONLY. So even if vsyscalls are deprecated,
there is a non-zero possibility someone would complain about it.
My primary goal here is to get the base LASS series merged (soonish)
with the simplest possible option.
I am planning to follow-up immediately with a vsyscall specific series
that relaxes *most* restrictions.
IIUC, supporting XONLY mode with LASS probably does not need complicated
decoding because the vsyscall address is available in the faulting RIP.
The spec says:
"LASS for instruction fetches applies when the linear address in RIP is
used to load an instruction from memory. Unlike canonicality checking
(see Section 4.5.2), LASS does not apply to branch instructions that
load RIP. A branch instruction can load RIP with an address that would
violate LASS. Only when the address is used to fetch an instruction will
a LASS violation occur, generating a #GP. (The return instruction
pointer of the #GP handler is the address that incurred the LASS
violation.)"
I attempted to do that in the last revision here:
https://lore.kernel.org/lkml/20251007065119.148605-9-sohil.mehta@intel.com/
https://lore.kernel.org/lkml/20251007065119.148605-11-sohil.mehta@intel.com/
On the other hand, supporting EMULATE mode during a #GP is a bit tricky,
which isn't worth the effort.
next prev parent reply other threads:[~2025-10-30 16:44 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-29 21:03 [PATCH v11 0/9] x86: Enable Linear Address Space Separation support Sohil Mehta
2025-10-29 21:03 ` [PATCH v11 1/9] x86/cpufeatures: Enumerate the LASS feature bits Sohil Mehta
2025-10-31 17:03 ` Dave Hansen
2025-10-29 21:03 ` [PATCH v11 2/9] x86/cpu: Add an LASS dependency on SMAP Sohil Mehta
2025-10-31 17:04 ` Dave Hansen
2025-10-29 21:03 ` [PATCH v11 3/9] x86/asm: Introduce inline memcpy and memset Sohil Mehta
2025-10-31 17:06 ` Dave Hansen
2025-10-29 21:03 ` [PATCH v11 4/9] x86/alternatives: Disable LASS when patching kernel code Sohil Mehta
2025-10-31 17:10 ` Dave Hansen
2025-11-10 18:15 ` Sohil Mehta
2025-11-10 19:09 ` H. Peter Anvin
2025-11-10 19:24 ` Borislav Petkov
2025-11-12 13:56 ` Ard Biesheuvel
2025-11-12 14:51 ` Dave Hansen
2025-11-12 14:57 ` H. Peter Anvin
2025-11-12 15:18 ` Ard Biesheuvel
2025-11-12 15:23 ` H. Peter Anvin
2025-11-12 15:28 ` Ard Biesheuvel
2025-11-12 15:47 ` H. Peter Anvin
2025-11-12 16:18 ` Sohil Mehta
2025-11-12 16:26 ` H. Peter Anvin
2025-11-12 16:29 ` H. Peter Anvin
2025-10-29 21:03 ` [PATCH v11 5/9] x86/efi: Disable LASS while mapping the EFI runtime services Sohil Mehta
2025-10-31 17:11 ` Dave Hansen
2025-10-31 17:38 ` Andy Lutomirski
2025-10-31 17:41 ` Dave Hansen
2025-10-31 18:03 ` Sohil Mehta
2025-10-31 18:12 ` Dave Hansen
2025-11-07 9:04 ` Peter Zijlstra
2025-11-07 9:22 ` Ard Biesheuvel
2025-11-07 9:27 ` H. Peter Anvin
2025-11-07 9:35 ` Ard Biesheuvel
2025-11-07 9:40 ` Peter Zijlstra
2025-11-07 10:09 ` Ard Biesheuvel
2025-11-07 10:27 ` Peter Zijlstra
2025-11-08 0:48 ` Andy Lutomirski
2025-11-08 16:18 ` H. Peter Anvin
2025-11-08 22:50 ` H. Peter Anvin
2025-11-07 10:10 ` Peter Zijlstra
2025-11-07 10:17 ` Ard Biesheuvel
2025-10-31 19:04 ` Sohil Mehta
2025-11-07 7:36 ` Sohil Mehta
2025-10-31 18:32 ` Sohil Mehta
2025-10-29 21:03 ` [PATCH v11 6/9] x86/kexec: Disable LASS during relocate kernel Sohil Mehta
2025-10-31 17:14 ` Dave Hansen
2025-10-29 21:03 ` [PATCH v11 7/9] x86/traps: Communicate a LASS violation in #GP message Sohil Mehta
2025-10-31 17:16 ` Dave Hansen
2025-10-31 19:59 ` Sohil Mehta
2025-10-31 20:03 ` Andy Lutomirski
2025-10-31 20:56 ` Dave Hansen
2025-10-29 21:03 ` [PATCH v11 8/9] selftests/x86: Update the negative vsyscall tests to expect a #GP Sohil Mehta
2025-10-31 17:20 ` Dave Hansen
2025-10-29 21:03 ` [PATCH v11 9/9] x86/cpu: Enable LASS by default during CPU initialization Sohil Mehta
2025-10-30 8:40 ` H. Peter Anvin
2025-10-30 15:45 ` Andy Lutomirski
2025-10-30 16:44 ` Sohil Mehta [this message]
2025-10-30 16:53 ` Andy Lutomirski
2025-10-30 17:24 ` Sohil Mehta
2025-10-30 17:31 ` Andy Lutomirski
2025-10-30 21:13 ` David Laight
2025-10-31 6:41 ` H. Peter Anvin
2025-10-31 16:55 ` Dave Hansen
2025-10-30 16:27 ` Dave Hansen
2025-11-07 8:01 ` H. Peter Anvin
2025-11-07 20:08 ` Sohil Mehta
2025-10-31 17:21 ` Dave Hansen
2025-10-31 20:04 ` Sohil Mehta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d1b5698e-94ab-45a2-a472-4488895d55bb@intel.com \
--to=sohil.mehta@intel.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=dwmw@amazon.co.uk \
--cc=geert@linux-m68k.org \
--cc=hpa@zytor.com \
--cc=jpoimboe@kernel.org \
--cc=kas@kernel.org \
--cc=kees@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vegard.nossum@oracle.com \
--cc=x86@kernel.org \
--cc=xin@zytor.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).