From patchwork Tue Dec 12 14:05:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner X-Patchwork-Id: 177371 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:bcd1:0:b0:403:3b70:6f57 with SMTP id r17csp7743671vqy; Tue, 12 Dec 2023 06:06:17 -0800 (PST) X-Google-Smtp-Source: AGHT+IFgIvFWFzk3nMcqDgO0/YbLSItlDm4GjsRM7RuR+NFM2i7XiZjPNniaNc3vnCaByL7Sij5Z X-Received: by 2002:a05:6a00:6596:b0:6ce:50d0:355f with SMTP id hd22-20020a056a00659600b006ce50d0355fmr5384237pfb.67.1702389976755; Tue, 12 Dec 2023 06:06:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702389976; cv=none; d=google.com; s=arc-20160816; b=mozCBP6U+5bxx0bkl5PCNI6A0hBe2SL4gLRv7bOvv9fZ4Xch+tiUrKLe+76liFk79D Z61/afg4V1uxQ1DKtkTFWhb8rPRhC8mlKa4vklNfJYG/vtppqKue4RqWOmVIqDwfjDFR t2U8LqqxDIZDSKpYO+p+aKGj+/c7a8rspxxrS7K+JS6i2JGum4+pSpwhnUVXlgjNilvw I2UEv6tZVazmlmafJp4uhg7udUZdaQd8Cgj3jT+uqQO+dEIyCAKZ/pvnQ2H39hCR3se9 JMlA1PoZNAnGT2utLesdRBtni4ELNxfJAo7EhdYptzY1yOtDCEOe3J5RBM7MGL7/lxN3 RuHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:references:in-reply-to:cc:subject :to:reply-to:sender:from:dkim-signature:dkim-signature:date; bh=UcMokWq25uAys5K3zaZ/+MW+ia8KqiqZhTtnTFZPKas=; fh=1RdzwlqYiPIxXYjoL6EzERuHN0iFlJHyxNK6b/EOM2U=; b=iiPDfabIn2sHSOe/4jZA+O/qpRFO4/LP0bmo1QgokalMKMt6ZHrRA5D2lI3Hn+lla3 ojUj1lcTJa6vhGadV5x/+KQv9kRF+C0hZKJp47w59K16RCZI0glju7J+2Q2HoAz5PGVP mI9eUz+EOyce+WWABymskbCjgJB3z9h7xsh0S6Qth8UsPZtCgSJKJSDt0ISrp06XKT+H N0ibHH9uLNhE0BaN3XHRN7qunQuZOkMES/C2jjEZPKjj14SP5NDKBGizzWcs5ZXISvHH AfLnndFjtIZRRG8xabqK2HqCb5LmBou6nF+edcJVNTXMo08uubgWDJurer45BOmmkYQ1 6Isg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=h+eOd3J2; dkim=neutral (no key) header.i=@linutronix.de header.b=vJ2cDEMl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2]) by mx.google.com with ESMTPS id gx10-20020a056a001e0a00b006ce82bd93e4si7742393pfb.139.2023.12.12.06.06.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Dec 2023 06:06:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=h+eOd3J2; dkim=neutral (no key) header.i=@linutronix.de header.b=vJ2cDEMl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 73ED58051A3D; Tue, 12 Dec 2023 06:06:09 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1376451AbjLLOFz (ORCPT + 99 others); Tue, 12 Dec 2023 09:05:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54234 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1376435AbjLLOFs (ORCPT ); Tue, 12 Dec 2023 09:05:48 -0500 Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74CA0AD; Tue, 12 Dec 2023 06:05:54 -0800 (PST) Date: Tue, 12 Dec 2023 14:05:51 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1702389952; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UcMokWq25uAys5K3zaZ/+MW+ia8KqiqZhTtnTFZPKas=; b=h+eOd3J2g2Iyqj5Eg0ooxHw6XCGxHg4gvtqhaOe60A/Q3U+CHD/9yTaL8EWrsUuwEUAD8a H4ti4m8WIPSdIRFeWrM8ZDsUTdvMnTfk1ckQjydATknUkjO6JY7WJaPsI/WAxBi+IwUWLK MMF++VomQG7dr7D5XWUKBRcG6p/WmXPtaCRiPJ75edW30PzZfIwcMZsQ2OyA9D7ACU7+0T YKjuDGeqMtr6byemJazGY5G6fVUepJQchULJ7r9laoVeWK2cdMrf5pAk8DCfCfpFFpC7lo zwntlr8N9yob1WqLoV4f8xYEHSt06C5UiN4GhatC8EehqONEs55OZ3vhF2hUBA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1702389952; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UcMokWq25uAys5K3zaZ/+MW+ia8KqiqZhTtnTFZPKas=; b=vJ2cDEMliaJe9AtMpEZrJRw5/yBFpnHSXG23r8BCDBOu4sKkWssnPvKmwkcwfSNddwxf6E 02AIrP/6dBc/pfCA== From: "tip-bot2 for Nikolay Borisov" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/cleanups] x86/docs: Remove reference to syscall trampoline in PTI Cc: Nikolay Borisov , "Borislav Petkov (AMD)" , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20231102130204.41043-1-nik.borisov@suse.com> References: <20231102130204.41043-1-nik.borisov@suse.com> MIME-Version: 1.0 Message-ID: <170238995160.398.1051285467012003027.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Tue, 12 Dec 2023 06:06:09 -0800 (PST) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1785085272251050520 X-GMAIL-MSGID: 1785085272251050520 The following commit has been merged into the x86/cleanups branch of tip: Commit-ID: 7a0a6d55ed93fe064039c4e014d5cf3a97391bbb Gitweb: https://git.kernel.org/tip/7a0a6d55ed93fe064039c4e014d5cf3a97391bbb Author: Nikolay Borisov AuthorDate: Thu, 02 Nov 2023 15:02:04 +02:00 Committer: Borislav Petkov (AMD) CommitterDate: Tue, 12 Dec 2023 14:43:59 +01:00 x86/docs: Remove reference to syscall trampoline in PTI Commit bf904d2762ee ("x86/pti/64: Remove the SYSCALL64 entry trampoline") removed the syscall trampoline and instead opted to enable using the default SYSCALL64 entry point by mapping the percpu TSS. Unfortunately, the PTI documentation wasn't updated when the respective changes were made, so bring the doc up to speed. Signed-off-by: Nikolay Borisov Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20231102130204.41043-1-nik.borisov@suse.com --- Documentation/arch/x86/pti.rst | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/Documentation/arch/x86/pti.rst b/Documentation/arch/x86/pti.rst index 4b858a9..e08d351 100644 --- a/Documentation/arch/x86/pti.rst +++ b/Documentation/arch/x86/pti.rst @@ -81,11 +81,9 @@ this protection comes at a cost: and exit (it can be skipped when the kernel is interrupted, though.) Moves to CR3 are on the order of a hundred cycles, and are required at every entry and exit. - b. A "trampoline" must be used for SYSCALL entry. This - trampoline depends on a smaller set of resources than the - non-PTI SYSCALL entry code, so requires mapping fewer - things into the userspace page tables. The downside is - that stacks must be switched at entry time. + b. Percpu TSS is mapped into the user page tables to allow SYSCALL64 path + to work under PTI. This doesn't have a direct runtime cost but it can + be argued it opens certain timing attack scenarios. c. Global pages are disabled for all kernel structures not mapped into both kernel and userspace page tables. This feature of the MMU allows different processes to share TLB @@ -167,7 +165,7 @@ that are worth noting here. * Failures of the selftests/x86 code. Usually a bug in one of the more obscure corners of entry_64.S * Crashes in early boot, especially around CPU bringup. Bugs - in the trampoline code or mappings cause these. + in the mappings cause these. * Crashes at the first interrupt. Caused by bugs in entry_64.S, like screwing up a page table switch. Also caused by incorrectly mapping the IRQ handler entry code.