| Message ID | 20230530114247.21821-10-alexander.shishkin@linux.intel.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp2123676vqr;
Tue, 30 May 2023 05:01:01 -0700 (PDT)
X-Google-Smtp-Source:
ACHHUZ4HyhF3lhIr98pvO9SZB28bV35O1yM1L5ejfEJBVsFeVjZ1Q/u0jBDhluDKVAjJriZqkJ24
X-Received: by 2002:a05:6a00:23ca:b0:643:6b94:374b with SMTP id
g10-20020a056a0023ca00b006436b94374bmr2706428pfc.1.1685448060148;
Tue, 30 May 2023 05:01:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1685448060; cv=none;
d=google.com; s=arc-20160816;
b=r3wbvIgN2leaMZ1PvdT0bjKAR07YIyxmbTpdyUdAFe3+ydqw2IgR+nz9Y3xVQpmOZb
HGm6TPpy83P0weJX9KWWdyM5Pe4svY+2IkEot9T+yDJxAiMZ9YGy5vgZh3Ze7V3IQcsR
9U3/nJ8suoc3ZAafRCRvY3E3TnFlZ86DwFB7cjxItDxMVcGpzqg4rBzGdtPUA7RjPkKI
TKSAEaNDESM/CgYzhVR/fcrIssfLMRNylujR7C9X+RtmUSEY7UYTRl+CsNy7m8aoEEH3
++It83OkX8F6P80II7aR1zBxDY65knWW80Ty74+w07eHQfqErIK/2/xTVaysc88FzvpU
1Vrw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:to:from
:dkim-signature;
bh=NrbQgNKvC+Km7rjL55qAjWx1ob3gwRNH/jH3SDy4wD4=;
b=A+n3dzdGhL+906ziSLn+uavgb0bG8lxjkZEQq/bIBEeCYzCgbJEFEg2KgGBH5M1u7v
upuqCahGXOCfrVEGsMvyB6xrWjkt6h55eVMrgP6r75FA5wDzGtbgcxbzxjTR8LNu/CRY
irztcRVSMblS9ET9+kAEJUT7zXp4MGMZ+Sl8UWP+js1SFPO8LcMUwQ+Kz/B7L6hNnyrD
P3IHiBge+HIbrffBgOKoEeszu9cAW+omCVPuXepCPzWgSdO8/9/o63AwijSl3hEE8lcm
C7js/OHeUbyue72e3nUPYI/XenBuZFdYbJu6u6jiCfpGTcGu0ouSJxjIgU+QlY7zeNS5
PL+Q==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=BSphozwy;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
g16-20020aa79f10000000b0064d5e97d4acsi1535033pfr.346.2023.05.30.05.00.45;
Tue, 30 May 2023 05:01:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=BSphozwy;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S231355AbjE3Loc (ORCPT <rfc822;andrewvogler123@gmail.com>
+ 99 others); Tue, 30 May 2023 07:44:32 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47062 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231558AbjE3Lnx (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 30 May 2023 07:43:53 -0400
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 44206D9
for <linux-kernel@vger.kernel.org>;
Tue, 30 May 2023 04:43:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1685447025; x=1716983025;
h=from:to:subject:date:message-id:in-reply-to:references:
mime-version:content-transfer-encoding;
bh=gvJTTiJQPueT57YJhcau7miaCzoaYCvVoo9At4Pni/s=;
b=BSphozwyPcGocoBFxHvJo5aOWSmGBQ6ZzVQ1uMeUEKp1cRd2X19aJkfl
Wf4YAhXsx8TBRNDzMccqvO7/cRNtexYmlynV5qNWt6PkCcXHbacsPXuSk
6FnPccwVKpI3UAr51P/ROkiUKFbWZ2i0cm3GrGasd4/sz8AXzDVqnxJcb
cQySVcqvFKr9qxgqMGUAXq2nANL27SiCCtLQekZhAHcz2I84XujggiBjk
I9yYLMLoIq6QymzjSjo5X+8sDNUpMRqPKD3e4UGqyOpp8a8vpSR+tQ4cf
FxwaK9oQ20KYxvgct2b3WGz6S8LKsZnFSix3LfNrT1iALOlddSKxBBaaE
Q==;
X-IronPort-AV: E=McAfee;i="6600,9927,10725"; a="383145391"
X-IronPort-AV: E=Sophos;i="6.00,204,1681196400";
d="scan'208";a="383145391"
Received: from orsmga007.jf.intel.com ([10.7.209.58])
by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
30 May 2023 04:43:20 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10725"; a="700588756"
X-IronPort-AV: E=Sophos;i="6.00,204,1681196400";
d="scan'208";a="700588756"
Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28])
by orsmga007.jf.intel.com with ESMTP; 30 May 2023 04:43:17 -0700
From: Alexander Shishkin <alexander.shishkin@linux.intel.com>
To: linux-kernel@vger.kernel.org, x86@kernel.org,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Ravi Shankar <ravi.v.shankar@intel.com>,
Tony Luck <tony.luck@intel.com>,
Sohil Mehta <sohil.mehta@intel.com>,
Paul Lai <paul.c.lai@intel.com>
Subject: [PATCH v2 09/12] x86/vsyscall: Disable LASS if vsyscall mode is set
to EMULATE
Date: Tue, 30 May 2023 14:42:44 +0300
Message-Id: <20230530114247.21821-10-alexander.shishkin@linux.intel.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230530114247.21821-1-alexander.shishkin@linux.intel.com>
References: <20230530114247.21821-1-alexander.shishkin@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,
T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no
version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1767320385340243817?=
X-GMAIL-MSGID: =?utf-8?q?1767320385340243817?=
|
| Series |
Enable Linear Address Space Separation support
|
|
Commit Message
Alexander Shishkin
May 30, 2023, 11:42 a.m. UTC
From: Sohil Mehta <sohil.mehta@intel.com> The EMULATE mode of vsyscall maps the vsyscall page into user address space which can be read directly by the user application. This mode has been deprecated recently and can only be enabled from a special command line parameter vsyscall=emulate. See commit bf00745e7791 ("x86/vsyscall: Remove CONFIG_LEGACY_VSYSCALL_EMULATE") Fixing the LASS violations during the EMULATE mode would need complex instruction decoding since the resulting #GP fault does not include any useful error information and the vsyscall address is not readily available in the RIP. At this point, no one is expected to be using the insecure and deprecated EMULATE mode. The rare usages that need support probably don't care much about security anyway. Disable LASS when EMULATE mode is requested during command line parsing to avoid breaking user software. LASS will be supported if vsyscall mode is set to XONLY or NONE. Signed-off-by: Sohil Mehta <sohil.mehta@intel.com> --- arch/x86/entry/vsyscall/vsyscall_64.c | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index 76e1344997d2..edd58eda8f50 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -36,6 +36,7 @@ #include <asm/vsyscall.h> #include <asm/unistd.h> #include <asm/fixmap.h> +#include <asm/tlbflush.h> #include <asm/traps.h> #include <asm/paravirt.h> @@ -63,6 +64,13 @@ static int __init vsyscall_setup(char *str) else return -EINVAL; + if (cpu_feature_enabled(X86_FEATURE_LASS) && + vsyscall_mode == EMULATE) { + cr4_clear_bits(X86_CR4_LASS); + setup_clear_cpu_cap(X86_FEATURE_LASS); + pr_info_once("x86/cpu: Disabling LASS support due to vsyscall=emulate\n"); + } + return 0; }