From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 73300C433EF
	for <linux-mm@archiver.kernel.org>; Sat,  8 Jan 2022 16:44:39 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 478FE6B0082; Sat,  8 Jan 2022 11:44:31 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 427CD6B0083; Sat,  8 Jan 2022 11:44:31 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 119B76B0085; Sat,  8 Jan 2022 11:44:31 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0211.hostedemail.com [216.40.44.211])
	by kanga.kvack.org (Postfix) with ESMTP id E4DA06B0082
	for <linux-mm@kvack.org>; Sat,  8 Jan 2022 11:44:30 -0500 (EST)
Received: from smtpin30.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay03.hostedemail.com (Postfix) with ESMTP id AD34180FD981
	for <linux-mm@kvack.org>; Sat,  8 Jan 2022 16:44:30 +0000 (UTC)
X-FDA: 79007693100.30.364CF2A
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
	by imf18.hostedemail.com (Postfix) with ESMTP id 3DE771C000B
	for <linux-mm@kvack.org>; Sat,  8 Jan 2022 16:44:30 +0000 (UTC)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 8836360DD0;
	Sat,  8 Jan 2022 16:44:29 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3914AC36AED;
	Sat,  8 Jan 2022 16:44:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1641660269;
	bh=6qfndroNSvS0PIjgZS5xp09UQvoV+Yf5NN9ZzmIhrIQ=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=LMeO/k5pF7lBmYkpUKME1r7Y5oNUYFq/iwsij2I8eVxJi2tdPS2zI9IGMIU0GE0oU
	 Kp7yLce8Y8unoowsw8vYLycwt5QPkQbUsU/pJC2zVt7G0e7/0ej+MjGXXyAA+As8T2
	 /eQIgeEcTkClLIINypGIvv3g8UyKQOGSbIVtosrPGbq66FUsx1pfb6vmQD03IdCc+H
	 e8eGvUz+8Eah4ApSmNIO4TYL3M08jd8NBw0r7xP3/knCaFOnTVadFP93khGD+GhXaD
	 8qDMF4ZFAz2/FK7pl7iB1h6sJ9g8HqrJztV0RgSKf/WcwAhbRfzDcKyCslUESX9xvl
	 wDEj07Lyuq/OQ==
From: Andy Lutomirski <luto@kernel.org>
To: Andrew Morton <akpm@linux-foundation.org>,
	Linux-MM <linux-mm@kvack.org>
Cc: Nicholas Piggin <npiggin@gmail.com>,
	Anton Blanchard <anton@ozlabs.org>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Paul Mackerras <paulus@ozlabs.org>,
	Randy Dunlap <rdunlap@infradead.org>,
	linux-arch <linux-arch@vger.kernel.org>,
	x86@kernel.org,
	Rik van Riel <riel@surriel.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Nadav Amit <nadav.amit@gmail.com>,
	Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
	Andy Lutomirski <luto@kernel.org>,
	Woody Lin <woodylin@google.com>,
	Valentin Schneider <valentin.schneider@arm.com>,
	Sami Tolvanen <samitolvanen@google.com>
Subject: [PATCH 11/23] sched/scs: Initialize shadow stack on idle thread bringup, not shutdown
Date: Sat,  8 Jan 2022 08:43:56 -0800
Message-Id: <233d81a0a1e7b8eca1907998152ee848159b8774.1641659630.git.luto@kernel.org>
X-Mailer: git-send-email 2.33.1
In-Reply-To: <cover.1641659630.git.luto@kernel.org>
References: <cover.1641659630.git.luto@kernel.org>
MIME-Version: 1.0
X-Rspamd-Queue-Id: 3DE771C000B
X-Stat-Signature: emxo5614g8nagxwci7iqdd3i79maupc7
Authentication-Results: imf18.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b="LMeO/k5p";
	spf=pass (imf18.hostedemail.com: domain of luto@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=luto@kernel.org;
	dmarc=pass (policy=none) header.from=kernel.org
X-Rspamd-Server: rspam10
X-HE-Tag: 1641660270-850782
Content-Transfer-Encoding: quoted-printable
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

Starting with commit 63acd42c0d49 ("sched/scs: Reset the shadow stack whe=
n
idle_task_exit"), the idle thread's shadow stack was reset from the idle
task's context during CPU hot-unplug.  This was fragile: between resettin=
g
the shadow stack and actually stopping the idle task, the shadow stack
did not match the actual call stack.

Clean this up by resetting the idle task's SCS in bringup_cpu().

init_idle() still does scs_task_reset() -- see the comments there.  I
leave this to an SCS maintainer to untangle further.

Cc: Woody Lin <woodylin@google.com>
Cc: Valentin Schneider <valentin.schneider@arm.com>
Cc: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
 kernel/cpu.c        | 3 +++
 kernel/sched/core.c | 9 ++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/kernel/cpu.c b/kernel/cpu.c
index 192e43a87407..be16816bb87c 100644
--- a/kernel/cpu.c
+++ b/kernel/cpu.c
@@ -33,6 +33,7 @@
 #include <linux/slab.h>
 #include <linux/percpu-rwsem.h>
 #include <linux/cpuset.h>
+#include <linux/scs.h>
=20
 #include <trace/events/power.h>
 #define CREATE_TRACE_POINTS
@@ -587,6 +588,8 @@ static int bringup_cpu(unsigned int cpu)
 	struct task_struct *idle =3D idle_thread_get(cpu);
 	int ret;
=20
+	scs_task_reset(idle);
+
 	/*
 	 * Some architectures have to walk the irq descriptors to
 	 * setup the vector space for the cpu which comes online.
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 917068b0a145..acd52a7d1349 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -8621,7 +8621,15 @@ void __init init_idle(struct task_struct *idle, in=
t cpu)
 	idle->flags |=3D PF_IDLE | PF_KTHREAD | PF_NO_SETAFFINITY;
 	kthread_set_per_cpu(idle, cpu);
=20
+	/*
+	 * NB: This is called from sched_init() on the *current* idle thread.
+	 * This seems fragile if not actively incorrect.
+	 *
+	 * Initializing SCS for about-to-be-brought-up CPU idle threads
+	 * is in bringup_cpu(), but that does not cover the boot CPU.
+	 */
 	scs_task_reset(idle);
+
 	kasan_unpoison_task_stack(idle);
=20
 #ifdef CONFIG_SMP
@@ -8779,7 +8787,6 @@ void idle_task_exit(void)
 		finish_arch_post_lock_switch();
 	}
=20
-	scs_task_reset(current);
 	/* finish_cpu(), as ran on the BP, will clean up the active_mm state */
 }
=20
--=20
2.33.1