From patchwork Fri Jun 16 12:57:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Borisov X-Patchwork-Id: 109119 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1334040vqr; Fri, 16 Jun 2023 06:14:20 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5UrQ03NLtIL3eS04jktYOJI0oTOWZlEFjgZoVIr6K55XpLB4+wsOEWnhPdLvnJb+kmzUjZ X-Received: by 2002:a05:6a20:958e:b0:112:bdd3:9b81 with SMTP id iu14-20020a056a20958e00b00112bdd39b81mr2092541pzb.15.1686921259757; Fri, 16 Jun 2023 06:14:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686921259; cv=none; d=google.com; s=arc-20160816; b=klwsQRKAkHP+N2yHsu31/PWeG78+35E5WwPJmFjBYaJjyA5Qbf6LHFCQDQI8ybjlG+ cm/UV2vBYTxVkO2gxT+sj905QrAQBN1ShXRkZvURpQ5MhkdB8GcrqE0yC3JciOu7H+kZ ihYuOp12VaXnVq4CYO1q0aZ7Q/DtyU4KOUGNy0j5u+vtqhL/sGsPT8ikT29bikSiUMp2 W6W8DA2xqdB42rHubW1se5pEK7YUpce983vE9kCTlH9oejIGEKb28dhbGWcem3ErMJZb 1JhPW1SrgWdtQTbG3+zQfTSjaQC0b+gSUqTCk6T7NufJPSimziXe+P1xP5P4d2GML6og iGdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=r5l0I7eBFBkp7pUTsqoXpH4MWyzhP0CIq3tLVPiIHsU=; b=dJHzatQBMP/pa9ONF/jRGjyP9aURpcsCGyyY0XUJPWwwSl+VKX3wxVwUavGGf+k0FC cSsnTbn2Sdds94hskcQ1VtccjCWs4aGzlLHSdyqadNKKMZkr4IAftdPq5iE0ZQ61aRG2 61rlU9uV7cKYWTyWNPAGGq5obJnKG/8XD/cN+OVCeCdHxF/ln4ufWNRwdHtRHH6FUV+E KWClYX21421UXXxXtjsNZPFbeY24iKchQx5Bq27OJMXT2MiQjkES26SNkX047IC8TT7/ co9tTDJvcH0v5Q8FRB0B1BNYkrulNpidrZ5a85CcU034aHuJ5XSBArc4g6MG02T6WfeK DAMA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=cvjqFwbI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a73-20020a63904c000000b0055386e1eba2si130976pge.676.2023.06.16.06.14.04; Fri, 16 Jun 2023 06:14:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=cvjqFwbI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345582AbjFPM6L (ORCPT + 99 others); Fri, 16 Jun 2023 08:58:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49022 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345514AbjFPM5y (ORCPT ); Fri, 16 Jun 2023 08:57:54 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BADAD358E for ; Fri, 16 Jun 2023 05:57:53 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 6E7D31F8B2; Fri, 16 Jun 2023 12:57:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1686920272; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=r5l0I7eBFBkp7pUTsqoXpH4MWyzhP0CIq3tLVPiIHsU=; b=cvjqFwbIX1EbCJBxsJDSHICFEY49CCSjHjsusezFZX0nf8PgWIwcdUmwr8BkGMiI/8Z3Om GMYT8BXRO8KlstTDTqOECV2KYZWP0yN/rfJF07NP2ZIIqScSVeUss66l9S3qf/gGGNWS1q biozn1b7AL5yTmeST4U4XgBfxYF5DhA= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 19CBA1330B; Fri, 16 Jun 2023 12:57:52 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id kEWaA1BcjGTjNwAAMHmgww (envelope-from ); Fri, 16 Jun 2023 12:57:52 +0000 From: Nikolay Borisov To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, mhocko@suse.com, jslaby@suse.cz, Nikolay Borisov Subject: [PATCH v3 5/5] x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() Date: Fri, 16 Jun 2023 15:57:30 +0300 Message-Id: <20230616125730.1164989-6-nik.borisov@suse.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230616125730.1164989-1-nik.borisov@suse.com> References: <20230616125730.1164989-1-nik.borisov@suse.com> MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1768865146894278450?= X-GMAIL-MSGID: =?utf-8?q?1768865146894278450?= Another major aspect of supporting running of 32bit processes is the ability to access 32bit syscalls. Such syscalls are invoked either by using the legacy int 0x80 call gate interface or via the newer sysenter instruction. Ensure that if ia32 emulation is disabled (either at compile time or runtime) then those 2 syscall mechanisms are also disabled. Signed-off-by: Nikolay Borisov --- arch/x86/include/asm/proto.h | 3 +++ arch/x86/kernel/cpu/common.c | 37 ++++++++++++++++++------------------ arch/x86/kernel/idt.c | 10 ++++++++++ 3 files changed, 32 insertions(+), 18 deletions(-) diff --git a/arch/x86/include/asm/proto.h b/arch/x86/include/asm/proto.h index 12ef86b19910..1241d27fc4a6 100644 --- a/arch/x86/include/asm/proto.h +++ b/arch/x86/include/asm/proto.h @@ -36,6 +36,9 @@ void entry_INT80_compat(void); #ifdef CONFIG_XEN_PV void xen_entry_INT80_compat(void); #endif +#else /* #CONFIG_IA32_EMULATION */ +#define entry_SYSCALL_compat NULL +#define entry_SYSENTER_compat NULL #endif void x86_configure_nx(void); diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index b20774181e1a..aafb83d1b3a7 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -59,6 +59,7 @@ #include #include #include +#include #include #include #include @@ -2053,24 +2054,24 @@ void syscall_init(void) wrmsr(MSR_STAR, 0, (__USER32_CS << 16) | __KERNEL_CS); wrmsrl(MSR_LSTAR, (unsigned long)entry_SYSCALL_64); -#ifdef CONFIG_IA32_EMULATION - wrmsrl_cstar((unsigned long)entry_SYSCALL_compat); - /* - * This only works on Intel CPUs. - * On AMD CPUs these MSRs are 32-bit, CPU truncates MSR_IA32_SYSENTER_EIP. - * This does not cause SYSENTER to jump to the wrong location, because - * AMD doesn't allow SYSENTER in long mode (either 32- or 64-bit). - */ - wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)__KERNEL_CS); - wrmsrl_safe(MSR_IA32_SYSENTER_ESP, - (unsigned long)(cpu_entry_stack(smp_processor_id()) + 1)); - wrmsrl_safe(MSR_IA32_SYSENTER_EIP, (u64)entry_SYSENTER_compat); -#else - wrmsrl_cstar((unsigned long)entry_SYSCALL32_ignore); - wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)GDT_ENTRY_INVALID_SEG); - wrmsrl_safe(MSR_IA32_SYSENTER_ESP, 0ULL); - wrmsrl_safe(MSR_IA32_SYSENTER_EIP, 0ULL); -#endif + if (ia32_enabled()) { + wrmsrl_cstar((unsigned long)entry_SYSCALL_compat); + /* + * This only works on Intel CPUs. + * On AMD CPUs these MSRs are 32-bit, CPU truncates MSR_IA32_SYSENTER_EIP. + * This does not cause SYSENTER to jump to the wrong location, because + * AMD doesn't allow SYSENTER in long mode (either 32- or 64-bit). + */ + wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)__KERNEL_CS); + wrmsrl_safe(MSR_IA32_SYSENTER_ESP, + (unsigned long)(cpu_entry_stack(smp_processor_id()) + 1)); + wrmsrl_safe(MSR_IA32_SYSENTER_EIP, (u64)entry_SYSENTER_compat); + } else { + wrmsrl_cstar((unsigned long)entry_SYSCALL32_ignore); + wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)GDT_ENTRY_INVALID_SEG); + wrmsrl_safe(MSR_IA32_SYSENTER_ESP, 0ULL); + wrmsrl_safe(MSR_IA32_SYSENTER_EIP, 0ULL); + } /* * Flags to clear on syscall; clear as much as possible diff --git a/arch/x86/kernel/idt.c b/arch/x86/kernel/idt.c index a58c6bc1cd68..c76953656212 100644 --- a/arch/x86/kernel/idt.c +++ b/arch/x86/kernel/idt.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #define DPL0 0x0 @@ -116,6 +117,9 @@ static const __initconst struct idt_data def_idts[] = { #endif SYSG(X86_TRAP_OF, asm_exc_overflow), +}; + +static const struct idt_data ia32_idt[] __initconst = { #if defined(CONFIG_IA32_EMULATION) SYSG(IA32_SYSCALL_VECTOR, entry_INT80_compat), #elif defined(CONFIG_X86_32) @@ -226,6 +230,12 @@ void __init idt_setup_early_traps(void) void __init idt_setup_traps(void) { idt_setup_from_table(idt_table, def_idts, ARRAY_SIZE(def_idts), true); + + if (ia32_enabled()) { + idt_setup_from_table(idt_table, ia32_idt, ARRAY_SIZE(ia32_idt), + true); + } + } #ifdef CONFIG_X86_64