From patchwork Mon Apr 10 08:14:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 81410 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1758319vqo; Mon, 10 Apr 2023 01:45:23 -0700 (PDT) X-Google-Smtp-Source: AKy350apesV0+MkEuSSToO2wUzNxU7gQK3Psoji7wGKBZIBCAlu1yzzbmwoP3/7KeehR462WkycI X-Received: by 2002:a05:6a20:671c:b0:d6:ba0b:c82c with SMTP id q28-20020a056a20671c00b000d6ba0bc82cmr10927315pzh.38.1681116323734; Mon, 10 Apr 2023 01:45:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681116323; cv=none; d=google.com; s=arc-20160816; b=wD3mvogqOQKPlJ40pS67Ru62ZyforcOY6P9UbGXj5XpvstP87IIbRsWfeNgbNY3wR0 4QWqSRDo1892Z1nSVtxJKJ7vXis+OA72TUxzINdhCmgjMqsqlcnja5bqKH2DvgkhN/eA nXxeKInP9zS+4bq9VbMAtRl8OG08RhohopRfYrFT3Y2HSWUIhFTvMk2g+RhobtNdHZ4c EUzz0E2G6V/z9W/V3y8kC7CrSa76ehcc4nCKpEs598DdOom4sjfS6Hu1e/7jiLliH5Ms pQwNAjCKJIVmgs2BdBF9gRnuaazPTKqLdN9aJZ/dUAc2RTUVZPhlcOjmcovYuiJgve04 aXhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=W7XedNztJ0mTK2b/JAIVrms4PBeui63Rn/5g9sSZqqs=; b=gsMiYfo7afxBCx8he/AaF9Yi1KErqsVxRqs/KWZnYepWjHSHwAPfLbsfzIlWBiOehO HC3KJr3YHjZbV+LcNcBK8anyXB8OnikYaSk2hsd3zHVVxxkeQGYYOHOSOxX8ewYlNmvc pECfhQ8QxlYyOtuuIebfOqF8Y2SrZ4Dzdp5sOAFXlUnyU+l8WFRo9oRgtHhfd1CuMHet Y4WnsNxz39YO6ZAW1/fNENYKWZkOw7mBTFeeOP/SPpIzbvafJAIzsB054fmK0HgpTfiX FVe+Bz53Oh34aeWzhPx5DwbbsRtDQ7shCzR8g9HnhNAc4ZBz65vlkWurRg2GzN/IIt/P kFLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=F65AZPl4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l70-20020a638849000000b00519d96ec174si2398794pgd.411.2023.04.10.01.45.12; Mon, 10 Apr 2023 01:45:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=F65AZPl4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230077AbjDJInR (ORCPT + 99 others); Mon, 10 Apr 2023 04:43:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230000AbjDJIm3 (ORCPT ); Mon, 10 Apr 2023 04:42:29 -0400 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C1BEE5FCD; Mon, 10 Apr 2023 01:41:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1681116077; x=1712652077; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=YkOYUeaNmXvaQHTm0febRcu8lP7lpU11uM/4zVeP9Zg=; b=F65AZPl4n5TPU/WE2Y7862BqXmYW+iWW1XpaexFWFjJTS3EX8yks7xrd vtXRNgdDGqDJAr4/sg+vOpjBizujb3amHljVjsp+CSvNz24anmZrhYUKO ASMlmIgq3+on+VPoUfHCuHmp6Blck/70b+q+dIWO7aYhW3I2418n/nbY7 y254PTa8u9wJcGp3Pbvzro8ESSBAVKkIRoV/mwxO+/aKeJ+7/BVQBTuGX woi0f+InuUhsaH2fdddn67CJyFkkJIpo/2oEXXFUHb6yBgQ5mQ6P+3zkn Xi0Y9Bo7G+3xAu32N256l+fEyCO1GFJ2/gYxaV497LermEd6ihtsZxzik A==; X-IronPort-AV: E=McAfee;i="6600,9927,10675"; a="342078205" X-IronPort-AV: E=Sophos;i="5.98,333,1673942400"; d="scan'208";a="342078205" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Apr 2023 01:41:08 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10675"; a="799436365" X-IronPort-AV: E=Sophos;i="5.98,333,1673942400"; d="scan'208";a="799436365" Received: from unknown (HELO fred..) ([172.25.112.68]) by fmsmga002.fm.intel.com with ESMTP; 10 Apr 2023 01:41:08 -0700 From: Xin Li To: linux-kernel@vger.kernel.org, x86@kernel.org, kvm@vger.kernel.org Cc: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, hpa@zytor.com, peterz@infradead.org, andrew.cooper3@citrix.com, seanjc@google.com, pbonzini@redhat.com, ravi.v.shankar@intel.com, jiangshanlai@gmail.com, shan.kang@intel.com Subject: [PATCH v8 31/33] x86/fred: BUG() when ERETU with %rsp not equal to that when the ring 3 event was just delivered Date: Mon, 10 Apr 2023 01:14:36 -0700 Message-Id: <20230410081438.1750-32-xin3.li@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230410081438.1750-1-xin3.li@intel.com> References: <20230410081438.1750-1-xin3.li@intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.5 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1762778230108562661?= X-GMAIL-MSGID: =?utf-8?q?1762778230108562661?= A FRED stack frame generated by a ring 3 event should never be messed up, and the first thing we must make sure is that at the time an ERETU instruction is executed, %rsp must have the same address as that when the user level event was just delivered. However we don't want to bother the normal code path of ERETU because it's on the hotest code path, a good choice is to do this check when ERETU faults. Suggested-by: H. Peter Anvin (Intel) Tested-by: Shan Kang Signed-off-by: Xin Li --- arch/x86/mm/extable.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c index 9d82193adf3c..be297d4b137b 100644 --- a/arch/x86/mm/extable.c +++ b/arch/x86/mm/extable.c @@ -204,6 +204,14 @@ static bool ex_handler_eretu(const struct exception_table_entry *fixup, unsigned short ss = uregs->ss; unsigned short cs = uregs->cs; + /* + * A FRED stack frame generated by a ring 3 event should never be + * messed up, and the first thing we must make sure is that at the + * time an ERETU instruction is executed, %rsp must have the same + * address as that when the user level event was just delivered. + */ + BUG_ON(uregs != current->thread_info.user_pt_regs); + /* * Move the NMI bit from the invalid stack frame, which caused ERETU * to fault, to the fault handler's stack frame, thus to unblock NMI