From patchwork Fri Jan 26 09:39:11 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner
X-Patchwork-Id: 192503
Date: Fri, 26 Jan 2024 09:39:11 -0000
From: "tip-bot2 for Linus Torvalds"
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To: linux-tip-commits@vger.kernel.org
Subject: [tip: x86/mm] x86/mm: Get rid of conditional IF flag handling in page fault path
Cc: Linus Torvalds, Ingo Molnar, Thomas Gleixner, Andy Lutomirski, Brian Gerst, Denys Vlasenko, "H. Peter Anvin", Josh Poimboeuf, Uros Bizjak, Sean Christopherson, x86@kernel.org, linux-kernel@vger.kernel.org
In-Reply-To: <20240125173457.1281880-1-torvalds@linux-foundation.org>
References: <20240125173457.1281880-1-torvalds@linux-foundation.org>
Message-ID: <170626195136.398.16499632195121642580.tip-bot2@tip-bot2>

The following commit has been merged into the x86/mm branch of tip:

Commit-ID:     8f588afe6256c50b3d1f8a671828fc4aab421c05
Gitweb:        https://git.kernel.org/tip/8f588afe6256c50b3d1f8a671828fc4aab421c05
Author:        Linus Torvalds
AuthorDate:    Thu, 25 Jan 2024 09:34:57 -08:00
Committer:     Ingo Molnar
CommitterDate: Fri, 26 Jan 2024 10:27:54 +01:00

x86/mm: Get rid of conditional IF flag handling in page fault path

We had this nonsensical code that would happily handle kernel page
faults with interrupts disabled, which makes no sense at all.

It turns out that this is legacy code that _used_ to make sense, back
when we enabled IRQs as early as possible, and we used to have this code
sequence essentially immediately after reading the faulting address from
the %cr2 register.

Back then, we could have kernel page faults to populate the vmalloc area
with interrupts disabled, and they would need to stay disabled for that
case.

However, the code in question has been moved down in the page fault
handling, and is now in the "handle faults in user addresses" section,
and apparently nobody ever noticed that it no longer makes sense to
handle these page faults with interrupts conditionally disabled.

So replace the conditional IRQ enable:

	if (regs->flags & X86_EFLAGS_IF)
		local_irq_enable();

with an unconditional one, and add a temporary WARN_ON_ONCE() if some
codepath actually does do page faults with interrupts disabled (without
also doing a pagefault_disable(), of course).

NOTE! We used to allow user space to disable interrupts with iopl(3).
That is no longer true since commits:

  a24ca9976843 ("x86/iopl: Remove legacy IOPL option")
  b968e84b509d ("x86/iopl: Fake iopl(3) CLI/STI usage")

so the WARN_ON_ONCE() is valid for both the kernel and user situation.

For some of the history relevant to this code, see particularly commit
8c914cb704a1 ("x86_64: actively synchronize vmalloc area when
registering certain callbacks"), which moved this below the vmalloc
fault handling.

Now that the user_mode() check is irrelevant, we can also move the
FAULT_FLAG_USER flag setting down to where the other flag settings are
done.

Signed-off-by: Linus Torvalds
Signed-off-by: Ingo Molnar
Acked-by: Thomas Gleixner
Cc: Andy Lutomirski
Cc: Brian Gerst
Cc: Denys Vlasenko
Cc: H. Peter Anvin
Cc: Josh Poimboeuf
Cc: Uros Bizjak
Cc: Sean Christopherson
Link: https://lore.kernel.org/r/20240125173457.1281880-1-torvalds@linux-foundation.org
---
 arch/x86/mm/fault.c | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 679b09c..150e002 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c 
@@ -1302,21 +1302,14 @@ void do_user_addr_fault(struct pt_regs *regs, return; } - /* - * It's safe to allow irq's after cr2 has been saved and the - * vmalloc fault has been handled. - * - * User-mode registers count as a user access even for any - * potential system fault or CPU buglet: - */ - if (user_mode(regs)) { - local_irq_enable(); - flags |= FAULT_FLAG_USER; - } else { - if (regs->flags & X86_EFLAGS_IF) - local_irq_enable(); + /* Legacy check - remove this after verifying that it doesn't trigger */ + if (WARN_ON_ONCE(!(regs->flags & X86_EFLAGS_IF))) { + bad_area_nosemaphore(regs, error_code, address); + return; } + local_irq_enable(); + perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address); /* @@ -1332,6 +1325,14 @@ void do_user_addr_fault(struct pt_regs *regs, if (error_code & X86_PF_INSTR) flags |= FAULT_FLAG_INSTRUCTION; + /* + * We set FAULT_FLAG_USER based on the register state, not + * based on X86_PF_USER. User space accesses that cause + * system page faults are still user accesses. + */ + if (user_mode(regs)) + flags |= FAULT_FLAG_USER; + #ifdef CONFIG_X86_64 /* * Faults in the vsyscall page might need emulation. The
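
Review bot: In the first hunk of do_user_addr_fault(), the comment on the new WARN_ON_ONCE() block ("Legacy check - remove this after verifying that it doesn't trigger") does not say that the failing case now behaves differently: a fault taken with X86_EFLAGS_IF clear goes to bad_area_nosemaphore() and returns, whereas the removed else branch left interrupts off and carried on to service the fault. Suggest the comment state that such faults are now rejected rather than handled, so that whoever hits the warning knows the access also failed. The removed comment also recorded why enabling interrupts at this point is safe (cr2 saved, vmalloc fault handled); a one-line version of that above the now unconditional local_irq_enable() would keep the ordering constraint documented.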
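
Review bot: In the second hunk, FAULT_FLAG_USER is now set after the X86_PF_INSTR test instead of before perf_sw_event(), and the lines between the two hunks are not shown, so it is worth confirming that nothing in that gap tests flags & FAULT_FLAG_USER before the new assignment. The new comment's phrase "system page faults" is also not defined by anything visible here; suggest wording it in terms of the two conditions the code actually distinguishes, that is, user_mode(regs) being true while X86_PF_USER is clear in error_code.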