From patchwork Fri Jun 9 18:36:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Shishkin X-Patchwork-Id: 105775 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1114201vqr; Fri, 9 Jun 2023 11:50:19 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6QhK1VSdsBC2sL0A78KzgjlFVkFnXTSvLEUpx1DBt6EDq9fpBlTHlosF14R80g3vvBXce4 X-Received: by 2002:a17:90a:d806:b0:259:9824:5cce with SMTP id a6-20020a17090ad80600b0025998245ccemr2936965pjv.18.1686336618999; Fri, 09 Jun 2023 11:50:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686336618; cv=none; d=google.com; s=arc-20160816; b=XhSRVqoflpWHnpCrHvano0sw1gkZnTtURfJAoZqv6I9gCtueplYnbJ1f1rKHcfSNF9 yWERfjU0MqcbXjwdrP6XsiOf//2tyy1mJfZhNsXCaKFdiu5bO8hVRSlDo0Hr5qZJVaaK flRlKC3dUJeWIC7BiVkUOyB3aid4Aw6aD6Ao/FRevqWha5Dw+htq2wbtWA4GAwX+5fxR BfcB2I+7NMwCBaMBdFworcWXqnQOLS5FTIIM2kF2UuJEdAAbmgkXSHN9IjuiWQ6Np+Ku MwcqAAHHPSeWdtb+AN2n1KPD9EWExozbomP1QaHCAYOov22z8LGa3HxMF8jZiDqZwLLW 7X+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=KQan61N+WsxmufcODP4Cy1ohq8JRc7obcF41zwo6j/A=; b=fNpw4kJtMdI/OS6bejdUhoBX49JZQeMEBhfegrC/8arDbgKKtvm96wdDfVnuQmCuFg 2Acl63rdG5Q13pCW/2HQLjYOirk8nHWj8+313kRdFeruy/MAwptMFYCgBUQy4+FcbNg8 FCYjS+FTn+LBLtLLLslks4rK1FQknGkjgABtyKOrwskZpCkZutpoxJKbeEZNvFSECqjA gtBxsH7beDeJpJcz2mv9L3LHp3z7gLWUTjYN2NV2S+gjTx1hAY4QdtiEH7rWoHuIfbwK rozuVALQT/gb8XAtLjI3LxEiO7xOG6x07q/o43UJk2QFjo8Mvz4wN87/ETFY18SS8rlq a7oA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=ZZXSZhko; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 29-20020a17090a195d00b0025870834638si4546766pjh.190.2023.06.09.11.50.04; Fri, 09 Jun 2023 11:50:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=ZZXSZhko; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231921AbjFIShx (ORCPT + 99 others); Fri, 9 Jun 2023 14:37:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50180 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231773AbjFIShb (ORCPT ); Fri, 9 Jun 2023 14:37:31 -0400 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B8DFE4208 for ; Fri, 9 Jun 2023 11:37:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1686335837; x=1717871837; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Kqqh5ha8khfs4wbhJ6L5qG6qGaL9WXdzS8FyENlo0gA=; b=ZZXSZhkoTInxPwLd8uHBteQJMYAoCgsZwGFkjjqKkiCaRjM5qi11p/1f hrYRVEiUIx8oua9XygkdkDTRJwL7+yE2wDVGUUZN/STlBka5wvXCWcx1u ocREf/n+Ys/KDI4FPHxxXLPuY352crIjwOO89CcAK/CjvUEEU4p6yGy1m cHnWPsOCfl67XpL55PJilWAdF47MwhJ3iFijrHZ01iIMKJJI4mraynmOZ RCEIm+oRxDqfkuaU2GWTByZTBjRVoJ0uWs5JfEcTAk5wvy5FjLf4yjclR 8Nfw6C1gdzxHZhI0gMebD19a+chY+Mznlq/eDRK3VLE8274Lqem6AKwPD w==; X-IronPort-AV: E=McAfee;i="6600,9927,10736"; a="338022190" X-IronPort-AV: E=Sophos;i="6.00,230,1681196400"; d="scan'208";a="338022190" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jun 2023 11:37:17 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10736"; a="710444084" X-IronPort-AV: E=Sophos;i="6.00,230,1681196400"; d="scan'208";a="710444084" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orsmga002.jf.intel.com with ESMTP; 09 Jun 2023 11:37:14 -0700 From: Alexander Shishkin To: linux-kernel@vger.kernel.org, x86@kernel.org, Andy Lutomirski , Dave Hansen , Ravi Shankar , Tony Luck , Sohil Mehta Cc: Alexander Shishkin Subject: [PATCH v3 09/12] x86/vsyscall: Disable LASS if vsyscall mode is set to EMULATE Date: Fri, 9 Jun 2023 21:36:29 +0300 Message-Id: <20230609183632.48706-10-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230609183632.48706-1-alexander.shishkin@linux.intel.com> References: <20230609183632.48706-1-alexander.shishkin@linux.intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1768252106304584800?= X-GMAIL-MSGID: =?utf-8?q?1768252106304584800?= From: Sohil Mehta The EMULATE mode of vsyscall maps the vsyscall page into user address space which can be read directly by the user application. This mode has been deprecated recently and can only be enabled from a special command line parameter vsyscall=emulate. See commit bf00745e7791 ("x86/vsyscall: Remove CONFIG_LEGACY_VSYSCALL_EMULATE") Fixing the LASS violations during the EMULATE mode would need complex instruction decoding since the resulting #GP fault does not include any useful error information and the vsyscall address is not readily available in the RIP. At this point, no one is expected to be using the insecure and deprecated EMULATE mode. The rare usages that need support probably don't care much about security anyway. Disable LASS when EMULATE mode is requested during command line parsing to avoid breaking user software. LASS will be supported if vsyscall mode is set to XONLY or NONE. Signed-off-by: Sohil Mehta Signed-off-by: Alexander Shishkin --- arch/x86/entry/vsyscall/vsyscall_64.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index 76e1344997d2..edd58eda8f50 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -36,6 +36,7 @@ #include #include #include +#include #include #include @@ -63,6 +64,13 @@ static int __init vsyscall_setup(char *str) else return -EINVAL; + if (cpu_feature_enabled(X86_FEATURE_LASS) && + vsyscall_mode == EMULATE) { + cr4_clear_bits(X86_CR4_LASS); + setup_clear_cpu_cap(X86_FEATURE_LASS); + pr_info_once("x86/cpu: Disabling LASS support due to vsyscall=emulate\n"); + } + return 0; }