From: Peter Zijlstra <peterz@infradead.org>
To: linux-kernel@vger.kernel.org
Cc: Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>, Ingo Molnar <mingo@kernel.org>,
Borislav Petkov <bp@alien8.de>, Brian Gerst <brgerst@gmail.com>,
Denys Vlasenko <dvlasenk@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Rik van Riel <riel@redhat.com>,
daniel.gruss@iaik.tugraz.at, hughd@google.com,
keescook@google.com, linux-mm@kvack.org,
michael.schwarz@iaik.tugraz.at, moritz.lipp@iaik.tugraz.at,
richard.fellner@student.tugraz.at
Subject: [PATCH 1/5] x86/mm/kaiser: Alternative ESPFIX
Date: Mon, 27 Nov 2017 23:31:11 +0100 [thread overview]
Message-ID: <20171127223405.181647306@infradead.org> (raw)
In-Reply-To: <20171127223110.479550152@infradead.org>
[-- Attachment #1: peterz-kaiser-espfix.patch --]
[-- Type: text/plain, Size: 2602 bytes --]
Change the asm to do the CR3 switcheroo so we can remove the magic
mappings.
Since RDI is unused after SWAPGS we can use it as a scratch reg for
SWITCH_TO_KERNEL. And once we've computed the new RSP (in RAX) we no
longer need RDI and can again use it as scratch reg for
SWITCH_TO_USER.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
arch/x86/entry/entry_64.S | 11 ++++++++---
arch/x86/kernel/espfix_64.c | 10 ++--------
2 files changed, 10 insertions(+), 11 deletions(-)
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -825,7 +825,9 @@ ENTRY(native_iret)
*/
pushq %rdi /* Stash user RDI */
- SWAPGS
+ SWAPGS /* to kernel GS */
+ SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi /* to kernel CR3 */
+
movq PER_CPU_VAR(espfix_waddr), %rdi
movq %rax, (0*8)(%rdi) /* user RAX */
movq (1*8)(%rsp), %rax /* user RIP */
@@ -841,7 +843,6 @@ ENTRY(native_iret)
/* Now RAX == RSP. */
andl $0xffff0000, %eax /* RAX = (RSP & 0xffff0000) */
- popq %rdi /* Restore user RDI */
/*
* espfix_stack[31:16] == 0. The page tables are set up such that
@@ -852,7 +853,11 @@ ENTRY(native_iret)
* still points to an RO alias of the ESPFIX stack.
*/
orq PER_CPU_VAR(espfix_stack), %rax
- SWAPGS
+
+ SWITCH_TO_USER_CR3 scratch_reg=%rdi /* to user CR3 */
+ SWAPGS /* to user GS */
+ popq %rdi /* Restore user RDI */
+
movq %rax, %rsp
UNWIND_HINT_IRET_REGS offset=8
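Review bot: The `popq %rdi` now runs after `SWITCH_TO_USER_CR3`, so the stashed user RDI is read from the current stack through the user page tables; that only works if the stack in use here is mapped in them, which neither this hunk nor its comments establish. A one-line comment would record the assumption, for example `/* stack must be user-mapped: RDI is popped under user CR3 */`. The order itself looks deliberate: RDI is the scratch register for the CR3 switch, and restoring it last means the scratch value never reaches user space. Between the CR3 switch and `SWAPGS` the CPU runs with user CR3 and kernel GS; presumably NMI and exception entry track the two states independently, but that is worth confirming. native_iret continues outside the hunk.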
--- a/arch/x86/kernel/espfix_64.c
+++ b/arch/x86/kernel/espfix_64.c
@@ -61,8 +61,8 @@
#define PGALLOC_GFP (GFP_KERNEL | __GFP_NOTRACK | __GFP_ZERO)
/* This contains the *bottom* address of the espfix stack */
-DEFINE_PER_CPU_USER_MAPPED(unsigned long, espfix_stack);
-DEFINE_PER_CPU_USER_MAPPED(unsigned long, espfix_waddr);
+DEFINE_PER_CPU_READ_MOSTLY(unsigned long, espfix_stack);
+DEFINE_PER_CPU_READ_MOSTLY(unsigned long, espfix_waddr);
/* Initialization mutex - should this be a spinlock? */
static DEFINE_MUTEX(espfix_init_mutex);
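Review bot: The comment above these definitions does not state the access rule this change introduces. With `DEFINE_PER_CPU_READ_MOSTLY` the two variables are presumably no longer present in the user page tables, so every `PER_CPU_VAR(espfix_stack)` and `PER_CPU_VAR(espfix_waddr)` access has to sit between `SWITCH_TO_KERNEL_CR3` and `SWITCH_TO_USER_CR3`. The two loads visible in the entry_64.S hunks do, but a later edit that moves one outside that window would presumably fault in the IRET path. Suggest adding `/* Not user-mapped: access only with the kernel CR3 loaded (see native_iret) */` above the definitions.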
@@ -226,10 +226,4 @@ void init_espfix_ap(int cpu)
per_cpu(espfix_stack, cpu) = addr;
per_cpu(espfix_waddr, cpu) = (unsigned long)stack_page
+ (addr & ~PAGE_MASK);
- /*
- * _PAGE_GLOBAL is not really required. This is not a hot
- * path, but we do it here for consistency.
- */
- kaiser_add_mapping((unsigned long)stack_page, PAGE_SIZE,
- __PAGE_KERNEL | _PAGE_GLOBAL);
}
--