From patchwork Wed Aug 2 22:19:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner X-Patchwork-Id: 130203 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9f41:0:b0:3e4:2afc:c1 with SMTP id v1csp783087vqx; Wed, 2 Aug 2023 16:08:54 -0700 (PDT) X-Google-Smtp-Source: APBJJlHKtBJDbklJdO+ieOHp4fGh2CB954AEee7tcBDroYZKHMg13hb2Dlk58qVmcZ52QW9uhSY4 X-Received: by 2002:a17:902:e810:b0:1b3:d4bb:3515 with SMTP id u16-20020a170902e81000b001b3d4bb3515mr17565915plg.0.1691017734344; Wed, 02 Aug 2023 16:08:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691017734; cv=none; d=google.com; s=arc-20160816; b=Jn/ROtdot5LCcBGiSMszgg9yYCwzr88YCad3p+o69x0UhkUx7wwI4FT6foU5suJLM8 biwx4tD6A99k/2V40845KiEkZWysgYaPbL+kVOWsq3SIobpu4+DNPd1xuVd7T36ER3nd 5Ndw5LE/DzbTB4pRh55yZgD4eoX1JYp850Hrexdi8TYFxGZpL7FA70sGOOlaSDjWPhyA u4nsQ4pamLjJk1UriFbOW8z5BroeGj9MelA4wbit8OPWwi2lth6lZ+0LNEOY8J7rZ479 Ro00l4ZCvo0YGZLYEi/rN483WZV5lUX3lx46zEWg/1yLm4ivtnuyew0FUKksbPKuwhOK 9Ijg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:cc:subject:to:reply-to:sender:from :dkim-signature:dkim-signature:date; bh=LNRvVa6+ZCTmAy1D1RLwyuNTOalFwUFV4pzniqzVN0A=; fh=DErNX+FP1i15oz3qs87i1gR330nFAaK00aIY9hllqPU=; b=KYoMJcZnHaEfjy3bFM7D48ff57pCeinBkI4wGNFBdVyDuT5vkadxSETYztyWgalE6g LLrl6J2F960JnjVJYOp2YJaBy6HkKoUud23+/bHdka8plvqmVeomipJAh809KhmFdAa4 o/kV5AyB2EO0eiRz/fBpZLmWnM1QgHPHnyRQWe1wdDMA827UUjfUNzWuNtVbMkUiOQ91 w+vyTvuLyygGqBXT28n1SgUnve/0NVJ1rtlcM4jPzRuRPKfyTocKtpDWjKGKOnmmofz8 Y2fBqwMNhEe3WCnU29VQIAhKgNmXnsrrvGDPHtH67XQotbic/fGiyc52HPjsPta1BfZz l4rw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=ttWGX0FX; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=8azskVm0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p17-20020a170902ead100b001bb0ff2b354si11263389pld.425.2023.08.02.16.08.32; Wed, 02 Aug 2023 16:08:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=ttWGX0FX; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=8azskVm0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232504AbjHBWTf (ORCPT + 99 others); Wed, 2 Aug 2023 18:19:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60198 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229610AbjHBWT3 (ORCPT ); Wed, 2 Aug 2023 18:19:29 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B85072703; Wed, 2 Aug 2023 15:19:26 -0700 (PDT) Date: Wed, 02 Aug 2023 22:19:22 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1691014764; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LNRvVa6+ZCTmAy1D1RLwyuNTOalFwUFV4pzniqzVN0A=; b=ttWGX0FX7b/yFG9HQGkGA3VjOmysOUUqGgdoebCxR4d8fe4vPQDxCVuWFk63n7xZDcNa1b HTk+UOhY9x5BeqI5Wgx/oOjst4ruDl8hVuOwKnTB0YOsLtNmX22KkENuLHQFLGBy5okmFj keNdGWizqHd12Ah07YRy741/JYPvveZ3n90Buxz9+k7RiDuvNTkTj1P9s7V97bwPww/5zT q5c7mIn8cenYtWLVuhC2byNbL0wmaFgCg7OWdEzqU9lVfyLAzW2uAl+WT03hCF7MbgjxTk wVWGz6Yj0t+ZUpfS3Qa54lqwYkaA79Koyp0wk4YjjdgOXtIrSZ6yJje6UzD3iA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1691014764; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LNRvVa6+ZCTmAy1D1RLwyuNTOalFwUFV4pzniqzVN0A=; b=8azskVm0mzQZL+VVCmpqqgPXyblXCY7psZ/TP7jwzcU+q/bDIeTwuHH2Oe6QhQiFj5JwCZ CslYqtaWcrHGE/CQ== From: "tip-bot2 for Rick Edgecombe" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/shstk] x86/shstk: Don't retry vm_munmap() on -EINTR Cc: Rick Edgecombe , Dave Hansen , x86@kernel.org, linux-kernel@vger.kernel.org MIME-Version: 1.0 Message-ID: <169101476285.28540.9496788715875076111.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773160611627769463 X-GMAIL-MSGID: 1773160611627769463 The following commit has been merged into the x86/shstk branch of tip: Commit-ID: c6b53dcec07c842af75123d9b29684bdbd36a407 Gitweb: https://git.kernel.org/tip/c6b53dcec07c842af75123d9b29684bdbd36a407 Author: Rick Edgecombe AuthorDate: Thu, 06 Jul 2023 16:38:58 -07:00 Committer: Dave Hansen CommitterDate: Wed, 02 Aug 2023 15:01:51 -07:00 x86/shstk: Don't retry vm_munmap() on -EINTR The existing comment around handling vm_munmap() failure when freeing a shadow stack is wrong. It asserts that vm_munmap() returns -EINTR when the mmap lock is only being held for a short time, and so the caller should retry. Based on this wrong understanding, unmap_shadow_stack() will loop retrying vm_munmap(). What -EINTR actually means in this case is that the process is going away (see ae79878), and the whole MM will be torn down soon. In order to facilitate this, the task should not linger in the kernel, but actually do the opposite. So don't loop in this scenario, just abandon the operation and let exit_mmap() clean it up. Also, update the comment to reflect the actual meaning of the error code. Signed-off-by: Rick Edgecombe Signed-off-by: Dave Hansen Link: https://lore.kernel.org/all/20230706233858.446232-1-rick.p.edgecombe%40intel.com --- arch/x86/kernel/shstk.c | 38 +++++++++++++++++--------------------- 1 file changed, 17 insertions(+), 21 deletions(-) diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c index 47f5204..cd10d07 100644 --- a/arch/x86/kernel/shstk.c +++ b/arch/x86/kernel/shstk.c @@ -134,28 +134,24 @@ static unsigned long adjust_shstk_size(unsigned long size) static void unmap_shadow_stack(u64 base, u64 size) { - while (1) { - int r; - - r = vm_munmap(base, size); - - /* - * vm_munmap() returns -EINTR when mmap_lock is held by - * something else, and that lock should not be held for a - * long time. Retry it for the case. - */ - if (r == -EINTR) { - cond_resched(); - continue; - } + int r; - /* - * For all other types of vm_munmap() failure, either the - * system is out of memory or there is bug. - */ - WARN_ON_ONCE(r); - break; - } + r = vm_munmap(base, size); + + /* + * mmap_write_lock_killable() failed with -EINTR. This means + * the process is about to die and have it's MM cleaned up. + * This task shouldn't ever make it back to userspace. In this + * case it is ok to leak a shadow stack, so just exit out. + */ + if (r == -EINTR) + return; + + /* + * For all other types of vm_munmap() failure, either the + * system is out of memory or there is bug. + */ + WARN_ON_ONCE(r); } static int shstk_setup(void)