From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id A212941C309
	for <linux-kernel@vger.kernel.org>; Thu, 19 Mar 2026 23:24:59 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1773962699; cv=none; b=BfINnD4SDgtyEZQnPwFTTnI1aJvaRbxuLjokGW8PbWIOvc4GphvdGZ53xdzqDDJZAmqXLadaSKjQSPFLZyiW9zIdaD2Sgb080p+BCI95Rsel6cmh/Rc9IJAnKi2qEZthTGegb3i+HiAWIcBHhfKop6dUKbxHVo57RwPaUrU+6j0=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1773962699; c=relaxed/simple;
	bh=R7PFVCXRBeNYm+7dXASa6YT3au+vjSXvGEHWHImbiWk=;
	h=Date:Message-ID:From:To:Cc:Subject:References:MIME-Version:
	 Content-Type; b=nZYsqzYapP9taIW15eoAAHIPZ+Sfb/YCKVhK+FhdpBsbcRgbH4RIuCZIc6sLQmtx9G3yrPhaWF4E+71poEm3QuQUz8Ws63MKq4wNS0TVKoPSCuVDyAj9NPUTvYsoIEv9g2lXpbqIgeWFQKKo7BJSwu+mggmHxmiXOUhDODSax2o=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=CLgDoW5Q; arc=none smtp.client-ip=10.30.226.201
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="CLgDoW5Q"
Received: by smtp.kernel.org (Postfix) with ESMTPSA id A2223C19424;
	Thu, 19 Mar 2026 23:24:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1773962699;
	bh=R7PFVCXRBeNYm+7dXASa6YT3au+vjSXvGEHWHImbiWk=;
	h=Date:From:To:Cc:Subject:References:From;
	b=CLgDoW5Qawji1As96IC29VRXz/cWn4lkDmfBA/+6ojP2zrjfLp00DH11uLlnQCaEP
	 IxWaxvTGwDKK7BK9BtVxx8IqZppYlhSx1yE9rVk1aKAHyBQ1TxBTmotIxisN8RxDic
	 J+RMxMSgO1AkECxtRvWYb4DQ87YDpHBs03Hlh1yoEi37qwDQAC8t9FZrNB/ktjgoHJ
	 8vXbeECjEMlf79Xo05sgPKaSNXdoDQx9x7n/5RKknBQH8AOfPs8EomaNNTb+0gZKEJ
	 iwjKW96eCpHk53dZoSogBVRST2z3LnLCo10yiI5nKpFCa3bcAoHq4gLL/rXo5+vQ/U
	 pcPnz8JIeFqxQ==
Date: Fri, 20 Mar 2026 00:24:56 +0100
Message-ID: <20260319231239.816157361@kernel.org>
User-Agent: quilt/0.68
From: Thomas Gleixner <tglx@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
 =?UTF-8?q?Andr=C3=A9=20Almeida?= <andrealmeid@igalia.com>,
 Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Carlos O'Donell <carlos@redhat.com>,
 Peter Zijlstra <peterz@infradead.org>,
 Florian Weimer <fweimer@redhat.com>,
 Rich Felker <dalias@aerifal.cx>,
 Torvald Riegel <triegel@redhat.com>,
 Darren Hart <dvhart@infradead.org>,
 Ingo Molnar <mingo@kernel.org>,
 Davidlohr Bueso <dave@stgolabs.net>,
 Arnd Bergmann <arnd@arndb.de>,
 "Liam R . Howlett" <Liam.Howlett@oracle.com>,
 Uros Bizjak <ubizjak@gmail.com>,
 =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <linux@weissschuh.net>
Subject: [patch v2 10/11] x86/vdso: Prepare for robust futex unlock support
References: <20260319225224.853416463@kernel.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8

There will be a VDSO function to unlock non-contended robust futexes in
user space. The unlock sequence is racy vs. clearing the list_pending_op
pointer in the task's robust list head. To plug this race the kernel needs
to know the critical section window so it can clear the pointer when the
task is interrupted within that race window. The window is determined by
labels in the inline assembly.

Add these symbols to the vdso2c generator and use them in the VDSO VMA code
to update the critical section addresses in mm_struct::futex on (re)map().

The symbols are not exported to user space, but available in the debug
version of the vDSO.

Signed-off-by: Thomas Gleixner <tglx@kernel.org>
---
V2: Rename the symbols
---
 arch/x86/entry/vdso/vma.c   |   35 +++++++++++++++++++++++++++++++++++
 arch/x86/include/asm/vdso.h |    6 ++++++
 arch/x86/tools/vdso2c.c     |   20 +++++++++++++-------
 3 files changed, 54 insertions(+), 7 deletions(-)

--- a/arch/x86/entry/vdso/vma.c
+++ b/arch/x86/entry/vdso/vma.c
@@ -73,6 +73,38 @@ static void vdso_fix_landing(const struc
 		regs->ip = new_vma->vm_start + ipoffset;
 }
 
+#ifdef CONFIG_FUTEX_ROBUST_UNLOCK
+static void vdso_futex_robust_unlock_update_ips(void)
+{
+	const struct vdso_image *image = current->mm->context.vdso_image;
+	unsigned long vdso = (unsigned long) current->mm->context.vdso;
+	struct futex_mm_data *fd = &current->mm->futex;
+	struct futex_unlock_cs_range *csr = fd->unlock_cs_ranges;
+
+	fd->unlock_cs_num_ranges = 0;
+#ifdef CONFIG_X86_64
+	if (image->sym_x86_64_futex_try_unlock_cs_start) {
+		csr->start_ip = vdso + image->sym_x86_64_futex_try_unlock_cs_start;
+		csr->end_ip = vdso + image->sym_x86_64_futex_try_unlock_cs_end;
+		csr->pop_size32 = 0;
+		csr++;
+		fd->unlock_cs_num_ranges++;
+	}
+#endif /* CONFIG_X86_64 */
+
+#if defined(CONFIG_X86_32) || defined(CONFIG_COMPAT)
+	if (image->sym_x86_32_futex_try_unlock_cs_start) {
+		csr->start_ip = vdso + image->sym_x86_32_futex_try_unlock_cs_start;
+		csr->end_ip = vdso + image->sym_x86_32_futex_try_unlock_cs_end;
+		csr->pop_size32 = 1;
+		fd->unlock_cs_num_ranges++;
+	}
+#endif /* CONFIG_X86_32 || CONFIG_COMPAT */
+}
+#else
+static inline void vdso_futex_robust_unlock_update_ips(void) { }
+#endif
+
 static int vdso_mremap(const struct vm_special_mapping *sm,
 		struct vm_area_struct *new_vma)
 {
@@ -80,6 +112,7 @@ static int vdso_mremap(const struct vm_s
 
 	vdso_fix_landing(image, new_vma);
 	current->mm->context.vdso = (void __user *)new_vma->vm_start;
+	vdso_futex_robust_unlock_update_ips();
 
 	return 0;
 }
@@ -189,6 +222,8 @@ static int map_vdso(const struct vdso_im
 	current->mm->context.vdso = (void __user *)text_start;
 	current->mm->context.vdso_image = image;
 
+	vdso_futex_robust_unlock_update_ips();
+
 up_fail:
 	mmap_write_unlock(mm);
 	return ret;
--- a/arch/x86/include/asm/vdso.h
+++ b/arch/x86/include/asm/vdso.h
@@ -25,6 +25,12 @@ struct vdso_image {
 	long sym_int80_landing_pad;
 	long sym_vdso32_sigreturn_landing_pad;
 	long sym_vdso32_rt_sigreturn_landing_pad;
+	long sym_x86_64_futex_try_unlock_cs_start;
+	long sym_x86_64_futex_try_unlock_cs_end;
+	long sym_x86_64_compat_futex_try_unlock_cs_start;
+	long sym_x86_64_compat_futex_try_unlock_cs_end;
+	long sym_x86_32_futex_try_unlock_cs_start;
+	long sym_x86_32_futex_try_unlock_cs_end;
 };
 
 extern const struct vdso_image vdso64_image;
--- a/arch/x86/tools/vdso2c.c
+++ b/arch/x86/tools/vdso2c.c
@@ -75,13 +75,19 @@ struct vdso_sym {
 };
 
 struct vdso_sym required_syms[] = {
-	{"VDSO32_NOTE_MASK", true},
-	{"__kernel_vsyscall", true},
-	{"__kernel_sigreturn", true},
-	{"__kernel_rt_sigreturn", true},
-	{"int80_landing_pad", true},
-	{"vdso32_rt_sigreturn_landing_pad", true},
-	{"vdso32_sigreturn_landing_pad", true},
+	{"VDSO32_NOTE_MASK",				true},
+	{"__kernel_vsyscall",				true},
+	{"__kernel_sigreturn",				true},
+	{"__kernel_rt_sigreturn",			true},
+	{"int80_landing_pad",				true},
+	{"vdso32_rt_sigreturn_landing_pad",		true},
+	{"vdso32_sigreturn_landing_pad",		true},
+	{"x86_64_futex_try_unlock_cs_start",		true},
+	{"x86_64_futex_try_unlock_cs_end",		true},
+	{"x86_64_compat_futex_try_unlock_cs_start",	true},
+	{"x86_64_compat_futex_try_unlock_cs_end",	true},
+	{"x86_32_futex_try_unlock_cs_start",		true},
+	{"x86_32_futex_try_unlock_cs_end",		true},
 };
 
 __attribute__((format(printf, 1, 2))) __attribute__((noreturn))