From: Frederic Weisbecker <frederic@kernel.org>
To: Valentin Schneider <vschneid@redhat.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, x86@kernel.org,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Arnd Bergmann <arnd@arndb.de>,
"Paul E. McKenney" <paulmck@kernel.org>,
Jason Baron <jbaron@akamai.com>,
Steven Rostedt <rostedt@goodmis.org>,
Ard Biesheuvel <ardb@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
"David S. Miller" <davem@davemloft.net>,
Neeraj Upadhyay <neeraj.upadhyay@kernel.org>,
Joel Fernandes <joelagnelf@nvidia.com>,
Josh Triplett <josh@joshtriplett.org>,
Boqun Feng <boqun.feng@gmail.com>,
Uladzislau Rezki <urezki@gmail.com>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Mel Gorman <mgorman@suse.de>,
Andrew Morton <akpm@linux-foundation.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Han Shen <shenhan@google.com>, Rik van Riel <riel@surriel.com>,
Jann Horn <jannh@google.com>,
Dan Carpenter <dan.carpenter@linaro.org>,
Oleg Nesterov <oleg@redhat.com>,
Juri Lelli <juri.lelli@redhat.com>,
Clark Williams <williams@redhat.com>,
Tomas Glozar <tglozar@redhat.com>,
Yair Podemsky <ypodemsk@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
Daniel Wagner <dwagner@suse.de>, Petr Tesarik <ptesarik@suse.com>,
Shrikanth Hegde <sshegde@linux.ibm.com>
Subject: Re: [RFC PATCH v8 08/10] x86/mm/pti: Introduce a kernel/user CR3 software signal
Date: Wed, 15 Apr 2026 14:02:51 +0200
Message-ID: <ad9-a1OtQ9HwyuzP@localhost.localdomain>
In-Reply-To: <20260324094801.3092968-9-vschneid@redhat.com>
On Tue, Mar 24, 2026 at 10:47:59AM +0100, Valentin Schneider wrote:
> Later commits will rely on being able to check whether a remote CPU is
> using the kernel or the user CR3.
>
> This software signal needs to be updated before the actual CR3 write, IOW
> it always immediately precedes it:
>
> KERNEL_CR3_LOADED := 1
> SWITCH_TO_KERNEL_CR3
> [...]
> KERNEL_CR3_LOADED := 0
> SWITCH_TO_USER_CR3
>
> The variable also gets mapped into the user space visible pages.
> I tried really hard not to do that, and at some point had something mostly
> working with having an alias to it through the cpu_entry_area accessed like
> so before the switch to the kernel CR3:
>
> subq $10, %rsp
> sgdt (%rsp)
> movq 2(%rsp), \scratch_reg /* GDT address */
> addq $10, %rsp
>
> movl $1, CPU_ENTRY_AREA_kernel_cr3(\scratch_reg)
>
> however this explodes when running 64-bit user code that invokes SYSCALL,
> since the scratch reg is %rsp itself, and I figured this was enough headaches.
>
> This will only be really useful for NOHZ_FULL CPUs, but it should be
> cheaper to unconditionally update a never-used per-CPU variable living in
> its own cacheline than to check a shared cpumask such as
> housekeeping_cpumask(HK_TYPE_KERNEL_NOISE)
> at every entry.
>
> Signed-off-by: Valentin Schneider <vschneid@redhat.com>
> ---
> arch/x86/Kconfig | 14 +++++++++++++
> arch/x86/entry/calling.h | 13 ++++++++++++
> arch/x86/entry/syscall_64.c | 4 ++++
> arch/x86/include/asm/tlbflush.h | 3 +++
> arch/x86/mm/pti.c | 36 ++++++++++++++++++++++-----------
> 5 files changed, 58 insertions(+), 12 deletions(-)
>
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 80527299f859a..f680e83cd5962 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -2192,6 +2192,20 @@ config ADDRESS_MASKING
> The capability can be used for efficient address sanitizers (ASAN)
> implementation and for optimizations in JITs.
>
> +config TRACK_CR3
> + def_bool n
> + prompt "Track which CR3 is in use"
> + depends on X86_64 && MITIGATION_PAGE_TABLE_ISOLATION && NO_HZ_FULL
> + help
> + This option adds a software signal that allows checking remotely
> + whether a CPU is using the user or the kernel page table.
> +
> + This allows further optimizations for NOHZ_FULL CPUs.
> +
> + This obviously makes the user<->kernel transition overhead even worse.
> +
> + If unsure, say N.
> +
> config HOTPLUG_CPU
> def_bool y
> depends on SMP
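Review bot: The help text for TRACK_CR3 does not say that the tracking variable is mapped into the user-visible page tables, which the commit message states ("The variable also gets mapped into the user space visible pages"). The option depends on MITIGATION_PAGE_TABLE_ISOLATION, so anyone enabling it should be told this in the help; add a sentence saying so. The help also says the option "allows further optimizations for NOHZ_FULL CPUs" without naming them, which makes the trade-off against the added transition overhead hard to judge. Style: "def_bool n" plus a separate "prompt" line can be written as a single bool "Track which CR3 is in use", since n is already the default.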
> diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h
> index 77e2d920a6407..4099b7d86efd9 100644
> --- a/arch/x86/entry/calling.h
> +++ b/arch/x86/entry/calling.h
> @@ -9,6 +9,7 @@
> #include <asm/ptrace-abi.h>
> #include <asm/msr.h>
> #include <asm/nospec-branch.h>
> +#include <asm/jump_label.h>
>
> /*
>
> @@ -170,8 +171,17 @@ For 32-bit we have the following conventions - kernel is built with
> andq $(~PTI_USER_PGTABLE_AND_PCID_MASK), \reg
> .endm
>
> +.macro NOTE_CR3_SWITCH scratch_reg:req in_kernel:req
> +#ifdef CONFIG_TRACK_CR3
> + STATIC_BRANCH_FALSE_LIKELY housekeeping_overridden, .Lend_\@
> + movl \in_kernel, PER_CPU_VAR(kernel_cr3_loaded)
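Review bot: NOTE_CR3_SWITCH has no comment stating its ordering contract. The commit message requires the store to kernel_cr3_loaded to immediately precede the CR3 write, but nothing above the .macro line says so, and "movl \in_kernel, PER_CPU_VAR(kernel_cr3_loaded)" is a plain store; a comment should say what the store is ordered against and what a remote reader may assume. The commit message also describes the update as unconditional, while here it sits behind "STATIC_BRANCH_FALSE_LIKELY housekeeping_overridden, .Lend_\@"; one of the two should be brought in line with the other. In the lines quoted here, scratch_reg is declared :req but is not used.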

Does this need full ordering of some sort? Like this should be LOCK xadd?

Thanks.

--
Frederic Weisbecker
SUSE Labs
Thread overview: 16+ messages
2026-03-24 9:47 [RFC PATCH v8 00/10] context_tracking,x86: Defer some IPIs until a user->kernel transition Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 01/10] objtool: Make validate_call() recognize indirect calls to pv_ops[] Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 02/10] objtool: Flesh out warning related to pv_ops[] calls Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 03/10] objtool: Always pass a section to validate_unwind_hints() Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 04/10] x86/retpoline: Make warn_thunk_thunk .noinstr Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 05/10] sched/isolation: Mark housekeeping_overridden key as __ro_after_init Valentin Schneider
2026-03-24 15:17 ` Shrikanth Hegde
2026-03-24 19:46 ` Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 06/10] objtool: Add .entry.text validation for static branches Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 07/10] x86/jump_label: Add ASM support for static_branch_likely() Valentin Schneider
2026-03-24 9:47 ` [RFC PATCH v8 08/10] x86/mm/pti: Introduce a kernel/user CR3 software signal Valentin Schneider
2026-04-15 12:02 ` Frederic Weisbecker [this message]
2026-03-24 9:48 ` [RFC PATCH v8 09/10] context_tracking,x86: Defer kernel text patching IPIs when tracking CR3 switches Valentin Schneider
2026-04-15 12:11 ` Frederic Weisbecker
2026-03-24 9:48 ` [RFC PATCH v8 10/10] x86/mm, mm/vmalloc: Defer kernel TLB flush " Valentin Schneider
2026-03-24 15:01 ` [syzbot ci] Re: context_tracking,x86: Defer some IPIs until a user->kernel transition syzbot ci