| Message ID | 20230801083318.8363-8-xin3.li@intel.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp2567519vqg;
Tue, 1 Aug 2023 03:17:00 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlEPvxEov02olv3WfVQXXawZPhgUhhpiy6/9aNgicm0A4Q4Dwre2G0Ojh8oT8V/JEn9ioDOi
X-Received: by 2002:a17:90b:3645:b0:268:7b9b:f23e with SMTP id
nh5-20020a17090b364500b002687b9bf23emr10030727pjb.24.1690885020501;
Tue, 01 Aug 2023 03:17:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690885020; cv=none;
d=google.com; s=arc-20160816;
b=ZDFUhOQSKcVEXLrq+1phauCmzEffseF9+3XLDAEAMEh8C2SbrOFiCQf+76EIlyghs6
8Q6jQlmURdI1Vk93l/53TUaUTGcUTgjqTrlWmZwTgx/N5gHZHAmRqwLAf7PYYWpp/bhG
mAuIN04QvU5eE3Kw4NV4awHrMXCyjdi8ZFtTWJu3N/rWbuNnR5whLmeck6xgaVuEHAJB
ebPo5n4qVSuUrD3lzwHDDrcxn7yvNiaeAt7clklP0XsL88db+ycS/rE2OoWvn0RON9OH
xHEe3YMs3ui7tl6ROmszDp6FJX01bjr1KOb6zJ/VSr+9kOLrzQY5nC6bPzJyOn70e3dY
ZVUg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature;
bh=p22hP0HEFwwSuYTq7VXyMIivtpI5lFGgw01GH5LH5G4=;
fh=nYO9ukkM7JnAAJZcChGC8UWBlCLXeJxIDT82cxoIaf0=;
b=Oe9Jo7zlLfXu2SuEh3RRtIQg95zwmmcnsWFSiGZ47sb+LF5HjDTLEJGBY+GGih9q4t
h2UjKRc20CJoA4WKHWOYAgeK+PxDJkMt1FdD6JjdqKU1iAzpAjZURR15Iz6OKhmnw4Q/
yeamzyf1Ttk8cpf0dn3wtsK4mor7o4zV2MgH8aeVwEtYy4UX2ptjl0bYrVIMo9nFTOJ5
aZ8OXYsBLIb10Shpp3mIWVsSWaHODLpIoawz8dc0bhzNcpb9d+pnkCjlmli/IZmuN3+7
UQSWvAb4T9JGIRB+8pSxUskrVHEJgIym07TkmnoAZQqLoTaxuQ9kzDQfsOjUTkVBx/p2
yxSA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=I1loXoeE;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
oc17-20020a17090b1c1100b0025be132d177si10762172pjb.60.2023.08.01.03.16.47;
Tue, 01 Aug 2023 03:17:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=I1loXoeE;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S232299AbjHAJDz (ORCPT <rfc822;maxi.paulin@gmail.com>
+ 99 others); Tue, 1 Aug 2023 05:03:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59850 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S232476AbjHAJCx (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 1 Aug 2023 05:02:53 -0400
Received: from mgamail.intel.com (unknown [134.134.136.31])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5351A2D41;
Tue, 1 Aug 2023 02:02:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1690880535; x=1722416535;
h=from:to:cc:subject:date:message-id:in-reply-to:
references:mime-version:content-transfer-encoding;
bh=ks9fQ3QR6UqRMocjQpLz+yk1iYvQPVTbiFl2BDd8yPg=;
b=I1loXoeE3vzkjwBPhU2sYpo5+qnRfwc6Og74gZvtkUr590rQAr353XX7
hsYwU03p/mAF+0QWv5SNFC+i457wFUd+Sq43pR8VYtB3onnBOPEXsDKk0
JJC6K+Oz+/PuaQNjD734bZSrALKbP/g0p22ehRiv0HrDI/GyCIQ7btKH7
8dXrSZ7a6ULfk/q0OvzSiJSOhy30AV3oD5Gc2ARiDZGejreAX4JQ9WcoZ
2Xn1fVhGBZHGHTZi+RpaRSzKr0cP+zzgfhcVU4mTniwPZ7HPF5jmEKI3N
BQqEZwZ2mzxVUSK7p6u6g6Bd+EcdszJa6U96dPhrQsIfvQl+StdC7tqj5
w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10788"; a="433082266"
X-IronPort-AV: E=Sophos;i="6.01,246,1684825200";
d="scan'208";a="433082266"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
01 Aug 2023 02:01:57 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10788"; a="975216979"
X-IronPort-AV: E=Sophos;i="6.01,246,1684825200";
d="scan'208";a="975216979"
Received: from unknown (HELO fred..) ([172.25.112.68])
by fmsmga006.fm.intel.com with ESMTP; 01 Aug 2023 02:01:56 -0700
From: Xin Li <xin3.li@intel.com>
To: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-edac@vger.kernel.org, linux-hyperv@vger.kernel.org,
kvm@vger.kernel.org, xen-devel@lists.xenproject.org
Cc: Jonathan Corbet <corbet@lwn.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>, x86@kernel.org,
"H . Peter Anvin" <hpa@zytor.com>,
Andy Lutomirski <luto@kernel.org>,
Oleg Nesterov <oleg@redhat.com>,
Tony Luck <tony.luck@intel.com>,
"K . Y . Srinivasan" <kys@microsoft.com>,
Haiyang Zhang <haiyangz@microsoft.com>,
Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Sean Christopherson <seanjc@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Juergen Gross <jgross@suse.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>,
Josh Poimboeuf <jpoimboe@kernel.org>,
"Paul E . McKenney" <paulmck@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Randy Dunlap <rdunlap@infradead.org>,
Steven Rostedt <rostedt@goodmis.org>,
Kim Phillips <kim.phillips@amd.com>,
Xin Li <xin3.li@intel.com>,
Hyeonggon Yoo <42.hyeyoo@gmail.com>,
"Liam R . Howlett" <Liam.Howlett@Oracle.com>,
Sebastian Reichel <sebastian.reichel@collabora.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
Suren Baghdasaryan <surenb@google.com>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Babu Moger <babu.moger@amd.com>,
Jim Mattson <jmattson@google.com>,
Sandipan Das <sandipan.das@amd.com>,
Lai Jiangshan <jiangshanlai@gmail.com>,
Hans de Goede <hdegoede@redhat.com>,
Reinette Chatre <reinette.chatre@intel.com>,
Daniel Sneddon <daniel.sneddon@linux.intel.com>,
Breno Leitao <leitao@debian.org>,
Nikunj A Dadhania <nikunj@amd.com>,
Brian Gerst <brgerst@gmail.com>,
Sami Tolvanen <samitolvanen@google.com>,
Alexander Potapenko <glider@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Arnd Bergmann <arnd@arndb.de>,
"Eric W . Biederman" <ebiederm@xmission.com>,
Kees Cook <keescook@chromium.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Ze Gao <zegao2021@gmail.com>, Fei Li <fei1.li@intel.com>,
Conghui <conghui.chen@intel.com>,
Ashok Raj <ashok.raj@intel.com>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Mark Rutland <mark.rutland@arm.com>,
Jacob Pan <jacob.jun.pan@linux.intel.com>,
Jiapeng Chong <jiapeng.chong@linux.alibaba.com>,
Jane Malalane <jane.malalane@citrix.com>,
David Woodhouse <dwmw@amazon.co.uk>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Arnaldo Carvalho de Melo <acme@redhat.com>,
Yantengsi <siyanteng@loongson.cn>,
Christophe Leroy <christophe.leroy@csgroup.eu>,
Sathvika Vasireddy <sv@linux.ibm.com>
Subject: [PATCH RESEND v9 07/36] x86/cpu: Add X86_CR4_FRED macro
Date: Tue, 1 Aug 2023 01:32:49 -0700
Message-Id: <20230801083318.8363-8-xin3.li@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230801083318.8363-1-xin3.li@intel.com>
References: <20230801083318.8363-1-xin3.li@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED
autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1773021451042758891
X-GMAIL-MSGID: 1773021451042758891
|
| Series |
x86: enable FRED for x86-64
|
|
Commit Message
Li, Xin3
Aug. 1, 2023, 8:32 a.m. UTC
From: "H. Peter Anvin (Intel)" <hpa@zytor.com> Add X86_CR4_FRED macro for the FRED bit in %cr4. This bit should be a pinned bit, not to be changed after initialization. CR4 macros are defined in arch/x86/include/uapi/asm/processor-flags.h, which is uapi, and thus cannot depend on CONFIG_X86_64. Using _BITUL() causes build errors on 32 bits, and there is no guarantee that user space applications (e.g. something like Qemu) might not want to use this declaration even when building for i386 or x32. However, %cr4 is a machine word (unsigned long), so to avoid build warnings on 32 bits, explicitly cast the value to unsigned long, truncating upper 32 bits. The other alternative would be to use CONFIG_X86_64 around the definition of cr4_pinned_mask. It is probably not desirable to make cr4_pinned_mask non-const. Another option, which may be preferable, to be honest: explicitly enumerate the CR4 bits which *may* be changed (a whitelist), instead of the ones that may not. That would be a separate, pre-FRED, patch, and would automatically resolve this problem as a side effect. The following flags probably should have been in this set all along, as they are all controls affecting the kernel runtime environment as opposed to user space: X86_CR4_DE, X86_CR4_PAE, X86_CR4_PSE, X86_CR4_MCE, X86_CR4_PGE, X86_CR4_OSFXSR, X86_CR4_OSXMMEXCPT, X86_CR4_LA57, X86_CR4_PCIDE, X86_CR4_LAM_SUP Possibly X86_CR4_VMXE as well, which seems harmless even if KVM is not loaded; X86_CR4_PKE can be fixed as long as the PKE configuration registers are at least initialized to disabled. It is relatively simple to do an audit of which flags are allowed to be modified at runtime and whitelist only those. There is no reason why we should allow bits in CR4 to be toggled by default. Signed-off-by: H. Peter Anvin (Intel) <hpa@zytor.com> Tested-by: Shan Kang <shan.kang@intel.com> Signed-off-by: Xin Li <xin3.li@intel.com> --- arch/x86/include/uapi/asm/processor-flags.h | 2 ++ arch/x86/kernel/cpu/common.c | 5 +++-- 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/uapi/asm/processor-flags.h b/arch/x86/include/uapi/asm/processor-flags.h index d898432947ff..ce08c2ca70b5 100644 --- a/arch/x86/include/uapi/asm/processor-flags.h +++ b/arch/x86/include/uapi/asm/processor-flags.h @@ -138,6 +138,8 @@ #define X86_CR4_CET _BITUL(X86_CR4_CET_BIT) #define X86_CR4_LAM_SUP_BIT 28 /* LAM for supervisor pointers */ #define X86_CR4_LAM_SUP _BITUL(X86_CR4_LAM_SUP_BIT) +#define X86_CR4_FRED_BIT 32 /* enable FRED kernel entry */ +#define X86_CR4_FRED _BITULL(X86_CR4_FRED_BIT) /* * x86-64 Task Priority Register, CR8 diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 0ba1067f4e5f..331b06d19f7f 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -402,8 +402,9 @@ static __always_inline void setup_umip(struct cpuinfo_x86 *c) /* These bits should not change their value after CPU init is finished. */ static const unsigned long cr4_pinned_mask = - X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_UMIP | - X86_CR4_FSGSBASE | X86_CR4_CET; + (unsigned long) + (X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_UMIP | + X86_CR4_FSGSBASE | X86_CR4_CET | X86_CR4_FRED); static DEFINE_STATIC_KEY_FALSE_RO(cr_pinning); static unsigned long cr4_pinned_bits __ro_after_init;