From: "H. Peter Anvin, Intel" <h.peter.anvin@intel.com>
To: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Cc: "H. Peter Anvin" <hpa@linux.intel.com>,
	"H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Andy Lutomirski <luto@kernel.org>,
	"Chang S . Bae" <chang.seok.bae@intel.com>,
	"Markus T . Metzger" <markus.t.metzger@intel.com>
Subject: [PATCH v3 1/7] x86/ldt: refresh %fs and %gs in refresh_ldt_segments()
Date: Thu, 21 Jun 2018 14:17:48 -0700	[thread overview]
Message-ID: <20180621211754.12757-2-h.peter.anvin@intel.com> (raw)
In-Reply-To: <20180621211754.12757-1-h.peter.anvin@intel.com>

From: "H. Peter Anvin" <hpa@linux.intel.com>

It is not only %ds and %es which contain cached user descriptor
information, %fs and %gs do as well.

To avoid disturbing processes that do not want this requalification,
be more restrictive about which selectors are requalified: they must
be LDT selectors (which by definition are never null), have an RPL of
3 (always the case in user space unless null), and refer to one of the
updated descriptors.

The infrastructure is set up to allow a range of descriptors; this
will be used in a subsequent patch.

Signed-off-by: H. Peter Anvin (Intel) <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Chang S. Bae <chang.seok.bae@intel.com>
Cc: Markus T. Metzger <markus.t.metzger@intel.com>
---
 arch/x86/kernel/ldt.c | 70 +++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 54 insertions(+), 16 deletions(-)

diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c
index c9b14020f4dd..18e9f4c0633d 100644
--- a/arch/x86/kernel/ldt.c
+++ b/arch/x86/kernel/ldt.c
@@ -29,36 +29,68 @@
 #include <asm/mmu_context.h>
 #include <asm/syscalls.h>
 
-static void refresh_ldt_segments(void)
-{
+struct flush_ldt_info {
+	struct mm_struct *mm;
+	unsigned short first_desc;
+	unsigned short last_desc;
+};
+
 #ifdef CONFIG_X86_64
+
+static inline bool
+need_requalify(unsigned short sel, const struct flush_ldt_info *info)
+{
+	/* Must be an LDT segment descriptor with an RPL of 3 */
+	if ((sel & (SEGMENT_TI_MASK|SEGMENT_RPL_MASK)) != (SEGMENT_LDT|3))
+		return false;
+
+	return sel >= info->first_desc && sel <= info->last_desc;
+}
+
+static void refresh_ldt_segments(const struct flush_ldt_info *info)
+{
 	unsigned short sel;
 
 	/*
-	 * Make sure that the cached DS and ES descriptors match the updated
-	 * LDT.
+	 * Make sure that the cached DS/ES/FS/GS descriptors
+	 * match the updated LDT, if the specific selectors point
+	 * to LDT entries that have changed.
 	 */
 	savesegment(ds, sel);
-	if ((sel & SEGMENT_TI_MASK) == SEGMENT_LDT)
+	if (need_requalify(sel, info))
 		loadsegment(ds, sel);
 
 	savesegment(es, sel);
-	if ((sel & SEGMENT_TI_MASK) == SEGMENT_LDT)
+	if (need_requalify(sel, info))
 		loadsegment(es, sel);
-#endif
+
+	savesegment(fs, sel);
+	if (need_requalify(sel, info))
+		loadsegment(fs, sel);
+
+	savesegment(gs, sel);
+	if (need_requalify(sel, info))
+		load_gs_index(sel);
 }
 
+#else
+/* On 32 bits, entry_32.S takes care of this on kernel exit */
+static void refresh_ldt_segments(const struct flush_ldt_info *info)
+{
+	(void)info;
+}
+#endif
+
 /* context.lock is held by the task which issued the smp function call */
-static void flush_ldt(void *__mm)
+static void flush_ldt(void *_info)
 {
-	struct mm_struct *mm = __mm;
+	const struct flush_ldt_info *info = _info;
 
-	if (this_cpu_read(cpu_tlbstate.loaded_mm) != mm)
+	if (this_cpu_read(cpu_tlbstate.loaded_mm) != info->mm)
 		return;
 
-	load_mm_ldt(mm);
-
-	refresh_ldt_segments();
+	load_mm_ldt(info->mm);
+	refresh_ldt_segments(info);
 }
 
 /* The caller must call finalize_ldt_struct on the result. LDT starts zeroed. */
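Review bot: The range test in need_requalify() compares the raw selector against first_desc/last_desc, which only works because install_ldt() builds both bounds with the same SEGMENT_LDT|3 low bits; that dependency is not stated, so a comment such as `/* first/last_desc carry SEGMENT_LDT|3 as well, so this is an index range check */` above the return would save the next reader a trip to the caller. It is also worth noting in the function comment that the null selector now fails the first test, since the code it replaces only checked the TI bit. The %fs and %gs reloads presumably rely on the exception fixups inside loadsegment()/load_gs_index() to null the register if the just-installed descriptor is not valid; a one-line note to that effect in the refresh_ldt_segments() comment would make that failure mode explicit rather than implied.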
@@ -223,15 +255,21 @@ static void finalize_ldt_struct(struct ldt_struct *ldt)
 	paravirt_alloc_ldt(ldt->entries, ldt->nr_entries);
 }
 
-static void install_ldt(struct mm_struct *mm, struct ldt_struct *ldt)
+static void install_ldt(struct mm_struct *mm, struct ldt_struct *ldt,
+			unsigned short first_index, unsigned short last_index)
 {
+	struct flush_ldt_info info;
+
 	mutex_lock(&mm->context.lock);
 
 	/* Synchronizes with READ_ONCE in load_mm_ldt. */
 	smp_store_release(&mm->context.ldt, ldt);
 
 	/* Activate the LDT for all CPUs using currents mm. */
-	on_each_cpu_mask(mm_cpumask(mm), flush_ldt, mm, true);
+	info.mm = mm;
+	info.first_desc = (first_index << 3)|SEGMENT_LDT|3;
+	info.last_desc  = (last_index << 3)|SEGMENT_LDT|3;
+	on_each_cpu_mask(mm_cpumask(mm), flush_ldt, &info, true);
 
 	mutex_unlock(&mm->context.lock);
 }
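Review bot: install_ldt() packs first_index/last_index into unsigned short selectors with `(first_index << 3)|SEGMENT_LDT|3`, which silently truncates an index at or above 8192 and yields an empty range when first_index > last_index, and neither case is checked here; a `WARN_ON_ONCE(first_index > last_index)` plus a bound against the LDT entry limit (LDT_ENTRIES, if that is the constant in scope) before the packing would catch a bad caller instead of quietly skipping the requalification. The info struct is on this function's stack and is handed to the IPI handler, which is only safe because on_each_cpu_mask() is called with wait=true; a comment `/* info is on our stack: on_each_cpu_mask() waits, so it stays valid */` would protect against someone later making that call asynchronous.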
@@ -436,7 +474,7 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode)
 		goto out_unlock;
 	}
 
-	install_ldt(mm, new_ldt);
+	install_ldt(mm, new_ldt, ldt_info.entry_number, ldt_info.entry_number);
 	free_ldt_struct(old_ldt);
 	error = 0;
 
-- 
2.14.4


