Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753621AbbF3RIa (ORCPT ); Tue, 30 Jun 2015 13:08:30 -0400 Received: from mail-la0-f54.google.com ([209.85.215.54]:35951 "EHLO mail-la0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753821AbbF3RIV (ORCPT ); Tue, 30 Jun 2015 13:08:21 -0400 MIME-Version: 1.0 In-Reply-To: <20150630170103.GF23297@pd.tnic> References: <20150630170103.GF23297@pd.tnic> From: Andy Lutomirski Date: Tue, 30 Jun 2015 10:08:00 -0700 Message-ID: Subject: Re: [PATCH v4 07/17] x86/traps: Assert that we're in CONTEXT_KERNEL in exception entries To: Borislav Petkov Cc: Andy Lutomirski , X86 ML , "linux-kernel@vger.kernel.org" , =?UTF-8?B?RnLDqWTDqXJpYyBXZWlzYmVja2Vy?= , Rik van Riel , Oleg Nesterov , Denys Vlasenko , Kees Cook , Brian Gerst , Paul McKenney Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2917 Lines: 69 On Tue, Jun 30, 2015 at 10:01 AM, Borislav Petkov wrote: > On Mon, Jun 29, 2015 at 12:33:39PM -0700, Andy Lutomirski wrote: >> Other than the super-atomic exception entries, all exception entries >> are supposed to switch our context tracking state to CONTEXT_KERNEL. >> Assert that they do. These assertions appear trivial at this point, >> as exception_enter is the function responsible for switching >> context, but I'm planning on reworking x86's exception context >> tracking, and these assertions will help make sure that all of this >> code keeps working. >> >> Signed-off-by: Andy Lutomirski >> --- >> arch/x86/kernel/traps.c | 9 +++++++++ >> 1 file changed, 9 insertions(+) >> >> diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c >> index f5791927aa64..2a783c4fe0e9 100644 >> --- a/arch/x86/kernel/traps.c >> +++ b/arch/x86/kernel/traps.c >> @@ -292,6 +292,8 @@ static void do_error_trap(struct pt_regs *regs, long error_code, char *str, >> enum ctx_state prev_state = exception_enter(); >> siginfo_t info; >> >> + CT_WARN_ON(ct_state() != CONTEXT_KERNEL); >> + >> if (notify_die(DIE_TRAP, str, regs, error_code, trapnr, signr) != >> NOTIFY_STOP) { >> conditional_sti(regs); >> @@ -376,6 +378,7 @@ dotraplinkage void do_bounds(struct pt_regs *regs, long error_code) >> siginfo_t *info; >> >> prev_state = exception_enter(); >> + CT_WARN_ON(ct_state() != CONTEXT_KERNEL); >> if (notify_die(DIE_TRAP, "bounds", regs, error_code, >> X86_TRAP_BR, SIGSEGV) == NOTIFY_STOP) >> goto exit; >> @@ -457,6 +460,7 @@ do_general_protection(struct pt_regs *regs, long error_code) >> enum ctx_state prev_state; >> >> prev_state = exception_enter(); >> + CT_WARN_ON(ct_state() != CONTEXT_KERNEL); >> conditional_sti(regs); >> >> if (v8086_mode(regs)) { >> @@ -514,6 +518,7 @@ dotraplinkage void notrace do_int3(struct pt_regs *regs, long error_code) >> return; >> >> prev_state = ist_enter(regs); >> + CT_WARN_ON(ct_state() != CONTEXT_KERNEL); > > Yeah, so any chance those assertions can be moved at the end of both > ist_enter() and exception_enter()? > > Yeah, I read above that you're planning to rework it but it is cleaner > to have them at the end of the _enter() functions instead in all those > trap handlers, no...? > I would agree, except that I remove the exception_enter calls later in the series, so that wouldn't work. Maybe we should move them into common code outside the specific exception handlers (idtentry?) when the dust settles. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/