From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753426AbbJTUhc (ORCPT <rfc822;w@1wt.eu>);
	Tue, 20 Oct 2015 16:37:32 -0400
Received: from mail-am1on0093.outbound.protection.outlook.com ([157.56.112.93]:27456
	"EHLO emea01-am1-obe.outbound.protection.outlook.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1753204AbbJTUhQ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 20 Oct 2015 16:37:16 -0400
Authentication-Results: spf=fail (sender IP is 12.216.194.146)
 smtp.mailfrom=ezchip.com; ezchip.com; dkim=none (message not signed)
 header.d=none;ezchip.com; dmarc=none action=none header.from=ezchip.com;
From: Chris Metcalf <cmetcalf@ezchip.com>
To: Gilad Ben Yossef <giladb@ezchip.com>, Steven Rostedt <rostedt@goodmis.org>,
        Ingo Molnar <mingo@kernel.org>, Peter Zijlstra <peterz@infradead.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        "Rik van Riel" <riel@redhat.com>, Tejun Heo <tj@kernel.org>,
        Frederic Weisbecker <fweisbec@gmail.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
        Christoph Lameter <cl@linux.com>,
        Viresh Kumar <viresh.kumar@linaro.org>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>,
        Andy Lutomirski <luto@amacapital.net>,
        <linux-arm-kernel@lists.infradead.org>, <linux-kernel@vger.kernel.org>
CC: Chris Metcalf <cmetcalf@ezchip.com>
Subject: [PATCH v8 11/14] arch/arm64: enable task isolation functionality
Date: Tue, 20 Oct 2015 16:36:09 -0400
Message-ID: <1445373372-6567-12-git-send-email-cmetcalf@ezchip.com>
X-Mailer: git-send-email 2.1.2
In-Reply-To: <1445373372-6567-1-git-send-email-cmetcalf@ezchip.com>
References: <1445373372-6567-1-git-send-email-cmetcalf@ezchip.com>
X-EOPAttributedMessage: 0
X-Microsoft-Exchange-Diagnostics: 1;DB3FFO11FD005;1:28jRihBil9x+ZqKELHft+nxSnQ0ZLwyK5scBlfMbm9tPBMq0Rv7mBzHsVkAiV2zmFg1+VAc74UKh/UryeAWjj1RCUUlIE0Z98lxXjyqkDxvRkTVedjNr1ViJ3xiAE3WIV9/WUq3suQovAQa639NKunkZzj7F8baUuy/QO/EOaQdh1UduEYS2T0zs6Ly9qWnuQcactjOcsLRZrWSllAuOlm3ayWDy7E/jxgPcsd1IZtjdR3I/IFooRWN+wC/UAhPM4Q5uZxu0S/KJoTHXybsEJlb2lH6TtNEPAOaOMilZi0EYSFggaqssYtgp6cNa9L2t1fn0u8cEowsEWAQsWFb5pKJyrQVtgfh30ZpSskaF0Os=
X-Forefront-Antispam-Report: CIP:12.216.194.146;CTRY:US;IPV:NLI;EFV:NLI;SFV:NSPM;SFS:(10009020)(6009001)(2980300002)(1109001)(1110001)(339900001)(199003)(189002)(87936001)(46102003)(85426001)(50226001)(5001960100002)(2950100001)(11100500001)(92566002)(5007970100001)(104016004)(19580405001)(6806005)(50986999)(189998001)(36756003)(106466001)(33646002)(106356001)(107886002)(5008740100001)(105606002)(106476002)(50466002)(48376002)(5001920100001)(229853001)(2201001)(86362001)(97736004)(81156007)(5001770100001)(19580395003)(42186005)(64706001)(76176999)(47776003)(5003940100001)(9376005)(921003)(83996005)(4001430100001)(2101003)(1121003);DIR:OUT;SFP:1101;SCL:1;SRVR:AM2PR02MB0417;H:ld-1.internal.tilera.com;FPR:;SPF:Fail;PTR:InfoNoRecords;A:1;MX:1;LANG:en;
MIME-Version: 1.0
Content-Type: text/plain
X-Microsoft-Exchange-Diagnostics: 1;AM2PR02MB0417;2:s0KhCNP39Uh6ehBtheyW3Q4MyjhdpkbmhGJexT741dg5Ga+ibNzlNvSObLWs2YjKYPaAwyUsf4wKcXt7hLR69JFuxPnNU4M35uYZ36KXTHTLR936lPTgmjeWgn4lJfmAv0bdqp6nDEBPqt7BTpiQgat2Jpc3I6FCPSihjpUoj6o=;3:xPtUZC7Kgh04hvVwe//HXHeiY/8AT32DLZghpeaVNk2QXiN4fO6WDpdFSXDXEfbQ/jQFUCrnfGdlBCZyHVVvyNzrgFq0Hzl+JH09S/XSB2O9R9Tz3QKIZavVmg3dwPhCWQ2kQ8NPiRZhv52pO6z/ORUBmsgvIFPM2vAYeWXmmnjU0gV6bTp4NwWY0mMEnQ+fD74MP1UIt95/yifyowd4ZtTFwl+nhKjZyd3ycjUY+Wn7iN8VKVaYOP5JJ9g7JDcr;25:Mq3wsSXlDbF2ko23568qsGDfKNfylbwsXePh0x60GD9pPqm/RG5BSCnqQ/+jbUgck4tHQCXRPZ7wbNwtBxWmVyXMNoImabqhJs5/8bV67UmXiWLHVfTJzm22PzKZkvDACXYOzpKUUK7taV+POoVusF8of5snJ/Y4A4VIa+JEqop5k7oSRoVh8/zcUpLIFnh6yFS8WGYPkyQIfU3ZrxtE2N1ol2LBDy707oZd9Mq6YuzDCwDpUHemN9X5DAxOfWG5ViyEqqG5xNWe1FXTuYvsYg==;20:6l0jBHPnuQ4zSvP1JCAoLBvGZTg6sE10Zln5xHoybVmzoJUDjMvHBFhovXRgYdmGYYmdYcEvM3SjtRGId5e/SChmivBUmzVthLORT1NvwijbDV38WalVErvm6J5KtoofJeYxNJc2qZ30arN4OhtGWDg/Iw6/spx2hMBJOG9C/uA=
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM2PR02MB0417;
X-Microsoft-Antispam-PRVS: <AM2PR02MB04170013BCF30C7EAB564ABFAF390@AM2PR02MB0417.eurprd02.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(121898900299872);
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001);SRVR:AM2PR02MB0417;BCL:0;PCL:0;RULEID:;SRVR:AM2PR02MB0417;
X-Microsoft-Exchange-Diagnostics: 1;AM2PR02MB0417;4:Y8Yq9OKU4iGCivIfgXxLOq+v74IjKloeTShL9qbMWKxVttz/YMUjAMGyj1iQRmbdkeB+lib/9ud8zhAfTK27CYyAHhj+waT1x4JlIuCEcpPsq1iFXk/YdUALRpklTwkvObE/zwnJLTVb9BfMIch1W+EneIYnvHklsKQnW/rRYmRVNv2eCXTHC1tfq2MMJYZxrZQp2Ze5EsInekVzakjAQaqQM45/xrgo2XxOF9Bwz9niO0mOb5Bq4TG/9GFgKNtWn67Lvg/3Bg2Jo65qIWt+DsSUDSIn3S0pYAU/cHW8o6alGX9Vu925rl1lnRopaPdwnU86FSUZUlxVRSGZbErXjVAFcOg35vube/W1C2ZR0cQ=
X-Forefront-PRVS: 073515755F
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;AM2PR02MB0417;23:gOZYSNQ82SCSD03mMtOvqnbCv6ilvrhV8OqwsZtj/?=
 =?us-ascii?Q?e0bdCxybeHX29Nz+ou+B9aPHoAX3/MOeTiUc51n0zOOW5Cc3wuU6JKM7KK5K?=
 =?us-ascii?Q?VRqnkgD8Id9IoI06eE7tMi5WBIsHoF4W4u2oFS+yAPTrkgt8Q54SWz2hCDlE?=
 =?us-ascii?Q?wq03ja7yBhyUoG1xDeO8pN04P0N2miFe65slDnKSdwMcsU+ZaOQMfIXg1vsA?=
 =?us-ascii?Q?0JXns+8BuSgEZEBhRjsgWMcArovs8BCqSp4QhRi03vo7UogJLTx6BesrpeSM?=
 =?us-ascii?Q?2zL88FzE2pDu9j1kT1LDh6185B3zVBtBN3ecSJcma3jM+WdcpWZ40IVQz+NF?=
 =?us-ascii?Q?PzaqCxW3l4oUfyaNDukVIxMpGnakwCicFjjCzkghDBItnx71ouq858u+5Ft1?=
 =?us-ascii?Q?lCkcSL7B1aUlx39bEJaBD2kpNa1Z8oAXhTt14dn1ZOHgk3TV64CXf3UuV50J?=
 =?us-ascii?Q?uEdNaAsxYXKnVJZpbSQul+Yx0fT84yEWgbcypmCle7zjtijqdk1B8+vfpKzE?=
 =?us-ascii?Q?0tNwMeKxFqq8kzXy7D+L16oIHNuBNoHtBF3KlYfnJTcHAPcHy1bolR+nCZS2?=
 =?us-ascii?Q?nmFGq8jiCHZow6+oIypBoGmYjRZIdEKXVyF1LFcvWBmcSeMZucjNGcLVgAma?=
 =?us-ascii?Q?ZzKWTQFPERIaDpgdnbetHl6m/qw7f+4zjlThNsIJgL3BBbPnk4TN/3M0V+Ws?=
 =?us-ascii?Q?Y77hb9NOARKEBDkD7ZpFM7Gzi0aB3qNYcLhQpm7xsGf+d0FTUVBWB7cxnMsf?=
 =?us-ascii?Q?0HYJB2zJDpNG+/8MF16Qsm4V0ZhxNsPW3jFnzso5pLxP1MXrXlR64WnMr/Xy?=
 =?us-ascii?Q?pAhGW0q/xeH+Yf2oXAJiqCXIs/17AvizbOocObXmM4ol88bp7gjFDd25FioR?=
 =?us-ascii?Q?phxFrO5R+B3gn+0EnfIiEvH9DossbDy2koiZ/hb7ITpLd1E/oMh/tMXObGoT?=
 =?us-ascii?Q?1ycXXZRXdMwBbxuF2gSA6LldHROmzxRycuNdRfXRtnlK4Dwbk55x+PMr9mY3?=
 =?us-ascii?Q?O7OrOdf2WvLhOYAyrP3Xdlkm1+AVbd5ZOiQiEerKkffoVedkYhLaVKz5B0RU?=
 =?us-ascii?Q?+gwRjdO2DgS5bN0Z/RQjk5Kuz4eoyjSnIYz+XyvTLXl7MwN/GFBoOgoAoBju?=
 =?us-ascii?Q?7R/ZJNBais0GajsIALtLnOcRPX6RKiNCQ6Q4mG7LszX4r9muGNrba/epoNsY?=
 =?us-ascii?Q?WTkmXgiA7f/UDqnP0lHqeixCerb5AQatwdtp3xaGs4o17XD9RzYzmikePAif?=
 =?us-ascii?Q?H/fr/AB75silgzHg8nIueeke2KOV1n2zWa1m+D6gSepe9Gh6CKPkkYEz4I7Z?=
 =?us-ascii?Q?8N6gkUinjSCOo9RS64JQ8s=3D?=
X-Microsoft-Exchange-Diagnostics: 1;AM2PR02MB0417;5:p3ortoKZfzFUWE5KWIhseYMym001JVIpy0r9myFcyC6wW4obIgmfJx8ycK3/8Wcv7b5abX7XCOptP1PIzBELbxRG2M2H5epjNvgfACDq6t7zN7QAqf2TuYY+QC8vleUBEhfOhXospGn6wK9AXtcFUQ==;24:AJQM3ppqrswRl7DxvLXvxiqhOJF3n7Baou0fgtcZbL5HiwHjjBXY6JpsObK6ze46T1AhxsVJEu4+f4Mdk9C5DiO5TNM1xNblIakDqpHwvCk=;20:u90PJPkMsztiB8Yw/OQ6TRAhoBFsPmTxd/yD1nH1GyaOLYfTKP2vfo7URge7J0237SfupLacJPl/6j+qCrjU/g==
SpamDiagnosticOutput: 1:23
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: ezchip.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Oct 2015 20:37:12.7939
 (UTC)
X-MS-Exchange-CrossTenant-Id: 0fc16e0a-3cd3-4092-8b2f-0a42cff122c3
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=0fc16e0a-3cd3-4092-8b2f-0a42cff122c3;Ip=[12.216.194.146];Helo=[ld-1.internal.tilera.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM2PR02MB0417
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

We need to call task_isolation_enter() from prepare_exit_to_usermode(),
so that we can both ensure we do it last before returning to
userspace, and we also are able to re-run signal handling, etc.,
if something occurs while task_isolation_enter() has interrupts
enabled.  To do this we add _TIF_NOHZ to the _TIF_WORK_MASK if
we have CONFIG_TASK_ISOLATION enabled, which brings us into
prepare_exit_to_usermode() on all return to userspace.  But we
don't put _TIF_NOHZ in the flags that we use to loop back and
recheck, since we don't need to loop back only because the flag
is set.  Instead we unconditionally call task_isolation_enter()
at the end of the loop if any other work is done.

To make the assembly code continue to be as optimized as before,
we renumber the _TIF flags so that both _TIF_WORK_MASK and
_TIF_SYSCALL_WORK still have contiguous runs of bits in the
immediate operand for the "and" instruction, as required by the
ARM64 ISA.  Since TIF_NOHZ is in both masks, it must be the
middle bit in the contiguous run that starts with the
_TIF_WORK_MASK bits and ends with the _TIF_SYSCALL_WORK bits.

We tweak syscall_trace_enter() slightly to carry the "flags"
value from current_thread_info()->flags for each of the tests,
rather than doing a volatile read from memory for each one.  This
avoids a small overhead for each test, and in particular avoids
that overhead for TIF_NOHZ when TASK_ISOLATION is not enabled.

Finally, add an explicit check for STRICT mode in do_mem_abort()
to handle the case of page faults.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
---
 arch/arm64/include/asm/thread_info.h | 18 ++++++++++++------
 arch/arm64/kernel/ptrace.c           | 12 +++++++++---
 arch/arm64/kernel/signal.c           |  7 +++++--
 arch/arm64/mm/fault.c                |  4 ++++
 4 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/arch/arm64/include/asm/thread_info.h b/arch/arm64/include/asm/thread_info.h
index dcd06d18a42a..4c36c4ee3528 100644
--- a/arch/arm64/include/asm/thread_info.h
+++ b/arch/arm64/include/asm/thread_info.h
@@ -101,11 +101,11 @@ static inline struct thread_info *current_thread_info(void)
 #define TIF_NEED_RESCHED	1
 #define TIF_NOTIFY_RESUME	2	/* callback before returning to user */
 #define TIF_FOREIGN_FPSTATE	3	/* CPU's FP state is not current's */
-#define TIF_NOHZ		7
-#define TIF_SYSCALL_TRACE	8
-#define TIF_SYSCALL_AUDIT	9
-#define TIF_SYSCALL_TRACEPOINT	10
-#define TIF_SECCOMP		11
+#define TIF_NOHZ		4
+#define TIF_SYSCALL_TRACE	5
+#define TIF_SYSCALL_AUDIT	6
+#define TIF_SYSCALL_TRACEPOINT	7
+#define TIF_SECCOMP		8
 #define TIF_MEMDIE		18	/* is terminating due to OOM killer */
 #define TIF_FREEZE		19
 #define TIF_RESTORE_SIGMASK	20
@@ -124,9 +124,15 @@ static inline struct thread_info *current_thread_info(void)
 #define _TIF_SECCOMP		(1 << TIF_SECCOMP)
 #define _TIF_32BIT		(1 << TIF_32BIT)
 
-#define _TIF_WORK_MASK		(_TIF_NEED_RESCHED | _TIF_SIGPENDING | \
+#define _TIF_WORK_LOOP_MASK	(_TIF_NEED_RESCHED | _TIF_SIGPENDING | \
 				 _TIF_NOTIFY_RESUME | _TIF_FOREIGN_FPSTATE)
 
+#ifdef CONFIG_TASK_ISOLATION
+# define _TIF_WORK_MASK		(_TIF_WORK_LOOP_MASK | _TIF_NOHZ)
+#else
+# define _TIF_WORK_MASK		_TIF_WORK_LOOP_MASK
+#endif
+
 #define _TIF_SYSCALL_WORK	(_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \
 				 _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP | \
 				 _TIF_NOHZ)
diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c
index 1971f491bb90..69ed3ba81650 100644
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -37,6 +37,7 @@
 #include <linux/regset.h>
 #include <linux/tracehook.h>
 #include <linux/elf.h>
+#include <linux/isolation.h>
 
 #include <asm/compat.h>
 #include <asm/debug-monitors.h>
@@ -1240,14 +1241,19 @@ static void tracehook_report_syscall(struct pt_regs *regs,
 
 asmlinkage int syscall_trace_enter(struct pt_regs *regs)
 {
-	/* Do the secure computing check first; failures should be fast. */
+	unsigned long work = ACCESS_ONCE(current_thread_info()->flags);
+
+	if ((work & _TIF_NOHZ) && task_isolation_check_syscall(regs->syscallno))
+		return -1;
+
+	/* Do the secure computing check early; failures should be fast. */
 	if (secure_computing() == -1)
 		return -1;
 
-	if (test_thread_flag(TIF_SYSCALL_TRACE))
+	if (work & _TIF_SYSCALL_TRACE)
 		tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
 
-	if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
+	if (work & _TIF_SYSCALL_TRACEPOINT)
 		trace_sys_enter(regs, regs->syscallno);
 
 	audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c
index fde59c1139a9..641c828653c7 100644
--- a/arch/arm64/kernel/signal.c
+++ b/arch/arm64/kernel/signal.c
@@ -25,6 +25,7 @@
 #include <linux/uaccess.h>
 #include <linux/tracehook.h>
 #include <linux/ratelimit.h>
+#include <linux/isolation.h>
 
 #include <asm/debug-monitors.h>
 #include <asm/elf.h>
@@ -419,10 +420,12 @@ asmlinkage void prepare_exit_to_usermode(struct pt_regs *regs,
 		if (thread_flags & _TIF_FOREIGN_FPSTATE)
 			fpsimd_restore_current_state();
 
+		task_isolation_enter();
+
 		local_irq_disable();
 
 		thread_flags = READ_ONCE(current_thread_info()->flags) &
-			_TIF_WORK_MASK;
+			_TIF_WORK_LOOP_MASK;
 
-	} while (thread_flags);
+	} while (thread_flags || !task_isolation_ready());
 }
diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index 9fadf6d7039b..a726f9f3ef3c 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -29,6 +29,7 @@
 #include <linux/sched.h>
 #include <linux/highmem.h>
 #include <linux/perf_event.h>
+#include <linux/isolation.h>
 
 #include <asm/cpufeature.h>
 #include <asm/exception.h>
@@ -466,6 +467,9 @@ asmlinkage void __exception do_mem_abort(unsigned long addr, unsigned int esr,
 	const struct fault_info *inf = fault_info + (esr & 63);
 	struct siginfo info;
 
+	if (user_mode(regs))
+		task_isolation_check_exception("%s at %#lx", inf->name, addr);
+
 	if (!inf->fn(addr, esr, regs))
 		return;
 
-- 
2.1.2