From: Thomas Gleixner <tglx@linutronix.de>
To: LKML <linux-kernel@vger.kernel.org>
Cc: x86@kernel.org, Linus Torvalds <torvalds@linux-foundation.org>,
Andy Lutomirsky <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Dave Hansen <dave.hansen@intel.com>,
Borislav Petkov <bpetkov@suse.de>,
Greg KH <gregkh@linuxfoundation.org>,
keescook@google.com, hughd@google.com,
Brian Gerst <brgerst@gmail.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Denys Vlasenko <dvlasenk@redhat.com>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Juergen Gross <jgross@suse.com>,
David Laight <David.Laight@aculab.com>,
Eduardo Valentin <eduval@amazon.com>,
aliguori@amazon.com, Will Deacon <will.deacon@arm.com>,
linux-mm@kvack.org
Subject: [patch 00/16] x86/ldt: Use a VMA based read only mapping
Date: Tue, 12 Dec 2017 18:32:21 +0100 [thread overview]
Message-ID: <20171212173221.496222173@linutronix.de> (raw)
Peter and myself spent quite some time to figure out how to make CPUs cope
with a RO mapped LDT.
While the initial trick of writing the ACCESS bit in a special fault
handler covers most cases, the tricky problem of CS/SS in return to user
space (IRET ...) was giving us quite some headache.
Peter finally found a way to do so. Touching the CS/SS selectors with LAR
on the way out to user space makes it work w/o trouble.
Contrary to the approach Andy was taking with storing the LDT in a special
map area, the following series uses a special mapping which is mapped
without the user bit and read only. This just ties the LDT to the process
which is the most natural way to do it, removes the requirement for special
pagetable code and works independent of pagetable isolation.
This was tested on quite a range of Intel and AMD machines, but the test
coverage on 32bit is quite meager. I'll resurrect a few dust bricks
tomorrow.
The patch series also includes an updated version of the: do not inherit
LDT on exec changes.
There are some extensions to the VMA code, which need scrunity of the mm
folks.
Thanks,
tglx
---
arch/powerpc/include/asm/mmu_context.h | 5
arch/powerpc/platforms/Kconfig.cputype | 1
arch/s390/Kconfig | 1
arch/x86/entry/common.c | 8
arch/x86/include/asm/desc.h | 2
arch/x86/include/asm/mmu.h | 7
arch/x86/include/asm/thread_info.h | 4
arch/x86/include/uapi/asm/mman.h | 4
arch/x86/kernel/cpu/common.c | 4
arch/x86/kernel/ldt.c | 573 ++++++++++++++++++++++-------
arch/x86/mm/fault.c | 19
arch/x86/mm/tlb.c | 2
arch/x86/power/cpu.c | 2
b/arch/um/include/asm/mmu_context.h | 3
b/arch/unicore32/include/asm/mmu_context.h | 5
b/arch/x86/include/asm/mmu_context.h | 93 +++-
b/include/linux/mman.h | 4
include/asm-generic/mm_hooks.h | 5
include/linux/mm.h | 21 -
include/linux/mm_types.h | 3
kernel/fork.c | 3
mm/internal.h | 2
mm/mmap.c | 16
tools/testing/selftests/x86/ldt_gdt.c | 83 +++-
24 files changed, 673 insertions(+), 197 deletions(-)
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next reply other threads:[~2017-12-12 17:34 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-12 17:32 Thomas Gleixner [this message]
2017-12-12 17:32 ` [patch 01/16] arch: Allow arch_dup_mmap() to fail Thomas Gleixner
2017-12-12 17:32 ` [patch 02/16] x86/ldt: Rework locking Thomas Gleixner
2017-12-12 17:32 ` [patch 03/16] x86/ldt: Prevent ldt inheritance on exec Thomas Gleixner
2017-12-12 17:32 ` [patch 04/16] mm/softdirty: Move VM_SOFTDIRTY into high bits Thomas Gleixner
2017-12-12 17:32 ` [patch 05/16] mm: Allow special mappings with user access cleared Thomas Gleixner
2017-12-12 18:00 ` Andy Lutomirski
2017-12-12 18:05 ` Peter Zijlstra
2017-12-12 18:06 ` Andy Lutomirski
2017-12-12 18:25 ` Peter Zijlstra
2017-12-13 12:22 ` Peter Zijlstra
2017-12-13 12:57 ` Kirill A. Shutemov
2017-12-13 14:34 ` Peter Zijlstra
2017-12-13 14:43 ` Kirill A. Shutemov
2017-12-13 15:00 ` Peter Zijlstra
2017-12-13 15:04 ` Peter Zijlstra
2017-12-13 15:14 ` Dave Hansen
2017-12-13 15:32 ` Peter Zijlstra
2017-12-13 15:47 ` Dave Hansen
2017-12-13 15:54 ` Peter Zijlstra
2017-12-13 18:08 ` Linus Torvalds
2017-12-13 18:21 ` Dave Hansen
2017-12-13 18:23 ` Linus Torvalds
2017-12-13 18:31 ` Andy Lutomirski
2017-12-13 18:32 ` Peter Zijlstra
2017-12-13 18:35 ` Linus Torvalds
2017-12-14 4:53 ` Aneesh Kumar K.V
2017-12-13 21:50 ` Matthew Wilcox
2017-12-13 22:12 ` Peter Zijlstra
2017-12-14 0:10 ` Matthew Wilcox
2017-12-14 0:16 ` Andy Lutomirski
2017-12-12 17:32 ` [patch 06/16] mm: Provide vm_special_mapping::close Thomas Gleixner
2017-12-12 17:32 ` [patch 07/16] selftest/x86: Implement additional LDT selftests Thomas Gleixner
2017-12-12 17:32 ` [patch 08/16] selftests/x86/ldt_gdt: Prepare for access bit forced Thomas Gleixner
2017-12-12 17:32 ` [patch 09/16] mm: Make populate_vma_page_range() available Thomas Gleixner
2017-12-12 17:32 ` [patch 10/16] x86/ldt: Do not install LDT for kernel threads Thomas Gleixner
2017-12-12 17:57 ` Andy Lutomirski
2017-12-12 17:32 ` [patch 11/16] x86/ldt: Force access bit for CS/SS Thomas Gleixner
2017-12-12 18:03 ` Andy Lutomirski
2017-12-12 18:09 ` Peter Zijlstra
2017-12-12 18:10 ` Andy Lutomirski
2017-12-12 18:22 ` Andy Lutomirski
2017-12-12 18:29 ` Peter Zijlstra
2017-12-12 18:41 ` Thomas Gleixner
2017-12-12 19:04 ` Peter Zijlstra
2017-12-12 19:05 ` Linus Torvalds
2017-12-12 19:26 ` Andy Lutomirski
2017-12-19 12:10 ` David Laight
2017-12-12 17:32 ` [patch 12/16] x86/ldt: Reshuffle code Thomas Gleixner
2017-12-12 17:32 ` [patch 13/16] x86/ldt: Introduce LDT write fault handler Thomas Gleixner
2017-12-12 17:58 ` Andy Lutomirski
2017-12-12 18:19 ` Peter Zijlstra
2017-12-12 18:43 ` Thomas Gleixner
2017-12-12 19:01 ` Linus Torvalds
2017-12-12 19:21 ` Thomas Gleixner
2017-12-12 19:51 ` Linus Torvalds
2017-12-12 20:21 ` Dave Hansen
2017-12-12 20:37 ` Thomas Gleixner
2017-12-12 21:35 ` Andy Lutomirski
2017-12-12 21:42 ` Thomas Gleixner
2017-12-12 21:41 ` Thomas Gleixner
2017-12-12 21:46 ` Thomas Gleixner
2017-12-12 22:25 ` Peter Zijlstra
2017-12-12 17:32 ` [patch 14/16] x86/ldt: Prepare for VMA mapping Thomas Gleixner
2017-12-12 17:32 ` [patch 15/16] x86/ldt: Add VMA management code Thomas Gleixner
2017-12-12 17:32 ` [patch 16/16] x86/ldt: Make it read only VMA mapped Thomas Gleixner
2017-12-12 18:03 ` [patch 00/16] x86/ldt: Use a VMA based read only mapping Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171212173221.496222173@linutronix.de \
--to=tglx@linutronix.de \
--cc=David.Laight@aculab.com \
--cc=aliguori@amazon.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bpetkov@suse.de \
--cc=brgerst@gmail.com \
--cc=dave.hansen@intel.com \
--cc=dvlasenk@redhat.com \
--cc=eduval@amazon.com \
--cc=gregkh@linuxfoundation.org \
--cc=hughd@google.com \
--cc=jgross@suse.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=peterz@infradead.org \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox