Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1755779AbcCBUKy (ORCPT <rfc822;w@1wt.eu>);
	Wed, 2 Mar 2016 15:10:54 -0500
Received: from mail-am1on0076.outbound.protection.outlook.com ([157.56.112.76]:39376
	"EHLO emea01-am1-obe.outbound.protection.outlook.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1754238AbcCBUKq (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Wed, 2 Mar 2016 15:10:46 -0500
Authentication-Results: spf=fail (sender IP is 12.216.194.146)
 smtp.mailfrom=ezchip.com; ezchip.com; dkim=none (message not signed)
 header.d=none;ezchip.com; dmarc=none action=none header.from=ezchip.com;
From: Chris Metcalf <cmetcalf@ezchip.com>
To: Gilad Ben Yossef <giladb@ezchip.com>, Steven Rostedt <rostedt@goodmis.org>,
        Ingo Molnar <mingo@kernel.org>, Peter Zijlstra <peterz@infradead.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        "Rik van Riel" <riel@redhat.com>, Tejun Heo <tj@kernel.org>,
        Frederic Weisbecker <fweisbec@gmail.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
        Christoph Lameter <cl@linux.com>,
        Viresh Kumar <viresh.kumar@linaro.org>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>,
        Andy Lutomirski <luto@amacapital.net>,
        Mark Rutland <mark.rutland@arm.com>,
        <linux-arm-kernel@lists.infradead.org>, <linux-kernel@vger.kernel.org>
CC: Chris Metcalf <cmetcalf@ezchip.com>
Subject: [PATCH v10 12/12] arch/arm64: enable task isolation functionality
Date: Wed, 2 Mar 2016 15:09:36 -0500
Message-ID: <1456949376-4910-13-git-send-email-cmetcalf@ezchip.com>
X-Mailer: git-send-email 2.1.2
In-Reply-To: <1456949376-4910-1-git-send-email-cmetcalf@ezchip.com>
References: <1456949376-4910-1-git-send-email-cmetcalf@ezchip.com>
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CPI:12.216.194.146;IPV:NLI;CTRY:US;EFV:NLI;SFV:NSPM;SFS:(10009020)(6009001)(2980300002)(1109001)(339900001)(189002)(199003)(5003940100001)(33646002)(19580405001)(2201001)(189998001)(19580395003)(50226001)(5001970100001)(107886002)(5008740100001)(85426001)(50466002)(81156011)(2950100001)(48376002)(11100500001)(104016004)(229853001)(6806005)(5001770100001)(2906002)(1096002)(106466001)(87936001)(50986999)(76176999)(4326007)(586003)(42186005)(105606002)(36756003)(47776003)(92566002)(4001430100002)(1220700001)(921003)(42882005)(1121003)(83996005)(2101003);DIR:OUT;SFP:1101;SCL:1;SRVR:VI1PR05MB1696;H:ld-1.internal.tilera.com;FPR:;SPF:Fail;MLV:sfv;MX:1;A:1;LANG:en;
X-Microsoft-Exchange-Diagnostics: 1;DB3FFO11FD033;1:32qWnNWm4vXtDacRF7VdKIRK/EexsUW1oC1hRd9R1i98YXpOThiPf7UJwzdEhLklw98N1sJ6IVCLe89cFw//P8YuLDC2UMs+oCIJIJ7b/pcWkZED2XfOKhlguba5/HR4egg6ygH+ajjZk+3Lj4+sPJQf6NrkaM53EiATNyrzN+QpJjodQH6lWWNAumrRctAKECHMJXg+oToyk2RCCeBSFP7mIhavuTLRjnOxznFKOn5cYAFx+upGir9mQcV/rTyv1Q28TP3XzEjncBFj/cpl1hxFL3oqte1Cex/t3IPKyJnDR+BSzy9HZ/mXSFjPVae7bmyv23XsdH216UZegCZjs+HkCN0Cc1iKPoBIiIVUwMYBNBrHe19Of8B8wGMUwqAYzntKySe3+2ZzlrHM+BpJCLPBvCTEbligWrC4mvk2e/wVUXHRgL9BJzyJVKAEpTFUUoOMf8Uzt6dUX9xjWR/fHdRa6YAABqRPoQ49yl3F4RtnuVrWWc2T9ZzFszqu1HuN
MIME-Version: 1.0
Content-Type: text/plain
X-MS-Office365-Filtering-Correlation-Id: 800fd8ac-40ba-458d-8194-08d342d6ba87
X-Microsoft-Exchange-Diagnostics: 1;VI1PR05MB1696;2:eX9mgQbuhRNHxrNlk24Ae8yBW0Mrddc6QzvOflKpI6794O+A/bw5X+eBu7KSj7tjqM8C4O2Ff1zkZ9CWbgwtuRDB7BmkRlxgtRFx0rAggMa//Ksi7Wq/IsFq3nE288s/cCyq4oU383RlaKMWOox6/F+rTyFnD9xFmmNuvuDI4EmVsQoVnK0yQCIqEy+NEZe0;3:PRpjvI/23Yk/asCsRj301StaF4Rca/I/zhT7MgVo57V4V4qg5ni6vAatHHDsHRxX4uYtQWp3Qe2Pq4VP5nI6j5E3Oev7jm+lGoQk7hX4USzWT+8rJmCBB0U0PVsKT/60pC19aL5J+poFX+HWuQEWVNtx07s80M/ofbLIx7T4uav9sl4Zd5Ujo1OaRoPE+obv;25:dpCCA0WU/uTQ+YsSX1Gi5eZMbuCb+DQmlDH0Tt2ZQ1xAct+RCKjMsTS/8dk6HIEJzfDDkSUoWWFbdxcrb2Yib5rd6xYkbEjQrxV5HiJGz8y6sd7gdEwO1rH4eSbKA8nvw5yuDcp+/xO+sfMmHZrY4o00qXodVdo7xiV4D2i3VhKR4CLiHCa3hx8MDnORBZjp322SK3yKYtu492uszmXBg5nB3rWBuYkFbMCxfZkdM8iZI1KRVvti9HmEZw/OK2YJfnTf4665ZiN5J+W+7kMRl8ZuPCI2NY/PoNrvs5gPwwn92iGWeeoG3kivl0DBuasKz+XZMY0Qo3MZz83K++GcFQ==
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:VI1PR05MB1696;
X-MLNXRule-EZCH-Linux: Rule triggered
X-MLNXRule-Acc-Dom-4: Rule triggered
X-Microsoft-Exchange-Diagnostics: 1;VI1PR05MB1696;20:U/4tteu14pVe13MqIZyQFk7o1lUbxSkLmVRnGjpKmLofXvwf0WkSrJopMX1jWUCZtXujhEbVWo2dJv29pzi5GA34ikNTmdu8IkqOYsJ+zaCJxopy+lZQMTurbP/ODeiosvKkdHUAljeRA3RqFdfDUm/21HqWhp/DcmRNh3Dn82YdQ8W7l8lowHaEyyDsZTYB7MLbiwhLc7czGOZVFDPe4V2xA23L7WqLbHbO89XL0fRlSD8m7+SNU5nWWLeNUNIQX7jXNYvffr+A0OuTa2JK6eJ/Rm/sdrDQ2E7i7eCtLA1IlXunvpSByMQtg3bb892V1lQq1XSUrM0vl7umy45ujWu8Ep3jDn7nTXKY389ij0bB+3JGnW3kIr7cmIMjji+ZlLrLj0Clt98jtzKqv2bNIVr0bqvlAzkYF0KJhvMxTjGBQ2FzgArh1EutjluInubdfpPHRtPm06dbGXHgshxtbu6PU672rRgNZHn/oNLGY+23SdF4UsCKtfLG2aXkUXU44m8U4cKDeOPwdPTNyYzxrIew/uFN58G+bY7qrhwTCi1GXzWgkpJ6r2GQnm5TJgnnbsNVIA3ER5mQ8x4ypLMeG4Ci0k6sZ3727rq6VTwQqSo=
X-Microsoft-Antispam-PRVS: <VI1PR05MB16960F46D4959BC0F36FE9B0B2BC0@VI1PR05MB1696.eurprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(2401047)(13015025)(13017025)(13023025)(13024025)(5005006)(8121501046)(13018025)(3002001)(10201501046);SRVR:VI1PR05MB1696;BCL:0;PCL:0;RULEID:;SRVR:VI1PR05MB1696;
X-Microsoft-Exchange-Diagnostics: 1;VI1PR05MB1696;4:XKodbG7LaxAoLcg3/NkTaPeZ57w8+IwJuM7A8TnmyaykAtHdTauR3ZZl9sk5iHJnyTsmL4JSv+pHxRD0vXjCYoOQ2eUonb5lVY+uvE6Q8dtZtxxkGxeTOa8cQIgaOSpq+R7aScj2bx4bQFimYLeyICAQVmd4CwPqknOj3Cwjb1GVEsZtPKAi1hJn9JvOttsXbijpS8RJJtguR9DBzt9+fodkJ75R9wtkrEGB1UltIIaWxWyNQNynfxlSU+yCy65FQwcMVdGy+l3oraIHqN64zcjS7Z0Xi6sx6XYLYsPG7HuBF5F0SJbGH+aElUY1k2iRh0VTrjNmnlq+01jSZDbHWV0v7Jj71nw4KxGCImvG0V/XMxoI80fvkxSMksrvZtAjs4xAgT/X2NyZrdOWzgF8MRcQtL1ytcPConvV9sMBql1JJ9isakvCEt1OJ4RZs14w8E4GGWjySP/BbuZYYPHZHg==
X-Forefront-PRVS: 086943A159
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;VI1PR05MB1696;23:DvWk+3Ew3oPRyYbe3znWSFHpB9vFcw7MLkHoLEdgh?=
 =?us-ascii?Q?RbE3nKCmd834OfTPuxfZcXVF+bmQ9CI9g+RBgS0MR1ujt+MzhLEqulTKNMPA?=
 =?us-ascii?Q?2aJiTma+xNyB2MESvg86zxAB/YEhsi8gljBsT4iRcAOskJaOBZ9TBrX4vQJh?=
 =?us-ascii?Q?k5jpm1GVlWEfzkFlp5Ov7maLwGj9fHv+tu9QaVwFNvCnBHPvO+hfWazCzG6t?=
 =?us-ascii?Q?Zmel+pmA+6outDeOsNwdz2gQfvjpGQ01aWqZbk10ECQPEzuHnXPPi/xTR4si?=
 =?us-ascii?Q?1h4RjTQWVY4EEwabIrCr1Yu3kXkz6EEil9mFgqcYsj//OrVevLznNQfrV9CX?=
 =?us-ascii?Q?AwNM6X/h30axLQSDulkMEmQogr9w6aNkdTg9IEmzszGe2NAPAk8Fzlt4W+it?=
 =?us-ascii?Q?h7s6oWtIeoq5wt8PCQ+TYPJb63Nnji1aXL0b9GHGC+ka4A/s8Ah/IMOMdhMM?=
 =?us-ascii?Q?6R2/eoe5xA3Yc2b8dVbNhlUk29ArrDYGuK7+5+8TUw7HIU64OKaENvKpAbuE?=
 =?us-ascii?Q?LzOHZJ/qqA2RzeYzs9YYRW5xSYVn3vefijzm9Wcr/MwtgHGj+4bId4BxQqCB?=
 =?us-ascii?Q?6qX9DBsEDo0ufJJBeU1RQJ4umiEj7XNkjOuLqQbafwLzW0fivpncFSh/iPyK?=
 =?us-ascii?Q?FYcpIPLP7uEXryqOgOIQCb+bwogyp/7RQ/g9aUaoPsBLdtVt7nM7KyC2Q4lh?=
 =?us-ascii?Q?Ceq/ujyBtKlKiiE/zodvRvbhGxUNdVFYOn/U1akWpdewCJQ0j7BYol4ga7aR?=
 =?us-ascii?Q?0dnUcNBZP28QfPv1B5CnASS/RQhItR0CDLnDCtaY4/qmCC8szQcG5zatFcr7?=
 =?us-ascii?Q?QZlCYsIrSM/LCgnLMpMwe/Kj2aoJQh6BNK2aSt3P67vEDlhfzGWrjCtNzOBc?=
 =?us-ascii?Q?LKqfseQk5tSkIRiDK83whsaowAAgYU2C+MVVt1P5bBjuOS3h58gCU1beslzA?=
 =?us-ascii?Q?3hmbRagbSqhxMFtfUvvSmnEcHU6i8MXwXj9oaLtLNDV5awbuj0a0Cuydd+zs?=
 =?us-ascii?Q?1Te4DWvvlJ7Z26QYeLAWIcUDvKYuoIj+jQliLpYgSOQ+D8L5aEzT8u+yW/8/?=
 =?us-ascii?Q?84osfOfye0KKr6oMjSa/W7D3CoXsh2YfRM8VDEmP1fmG9k10joyOfctStUQO?=
 =?us-ascii?Q?15zv8j56DxlgmGdnpwtPPiJHqt/JN+9jJg8A6tmADdCdEEHVaowhG6+uJzk/?=
 =?us-ascii?Q?oyonQ6xporqDfx9oN8A5pfv6XKK8k7a209M?=
X-Microsoft-Exchange-Diagnostics: 1;VI1PR05MB1696;5:sHR8vNSqGTVJlQsDvIk30EHBlMuiqhSxWgRxtTAUmeoXKUeTxExrNjxrrJuSX1+JKSjuSHDLiiqpq5YpDVCbfboz/44TI6wj6ibIEDJLmw6qFOLzOHhRWsPt9QKtWLHAg4NNrTZPWD5LtMq1chrGiw==;24:G1svPK6jvjbwmR1bFKnqVrRwOm0p+z0FFlay58OhoXrHYbWeTAYW67ahJCVcw63HFaEhWXuFjJPFEhFJ9W1ZaehYNIPjui5u81Ojzn33hX0=
X-OriginatorOrg: ezchip.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Mar 2016 20:10:40.4569
 (UTC)
X-MS-Exchange-CrossTenant-Id: a652971c-7d2e-4d9b-a6a4-d149256f461b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=a652971c-7d2e-4d9b-a6a4-d149256f461b;Ip=[12.216.194.146];Helo=[ld-1.internal.tilera.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR05MB1696
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 5473
Lines: 158

In do_notify_resume(), call task_isolation_ready() when we are
checking the thread-info flags; and after we've handled the other
work, call task_isolation_enter() unconditionally.  To ensure we
always call task_isolation_enter() when returning to userspace,
modify _TIF_WORK_MASK to be _TIF_NOHZ, which is set in every task,
when we build with TASK_ISOLATION configured.

We tweak syscall_trace_enter() slightly to carry the "flags"
value from current_thread_info()->flags for each of the tests,
rather than doing a volatile read from memory for each one.  This
avoids a small overhead for each test, and in particular avoids
that overhead for TIF_NOHZ when TASK_ISOLATION is not enabled.

We instrument the smp_cross_call() routine so that it checks for
isolated tasks and generates a suitable warning if we are about
to disturb one of them in strict or debug mode.

Finally, add an explicit check for STRICT mode in do_mem_abort()
to handle the case of page faults.

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
---
 arch/arm64/include/asm/thread_info.h |  8 +++++++-
 arch/arm64/kernel/ptrace.c           | 12 +++++++++---
 arch/arm64/kernel/signal.c           |  6 +++++-
 arch/arm64/kernel/smp.c              |  2 ++
 arch/arm64/mm/fault.c                |  4 ++++
 5 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/arch/arm64/include/asm/thread_info.h b/arch/arm64/include/asm/thread_info.h
index abd64bd1f6d9..89c72888cb54 100644
--- a/arch/arm64/include/asm/thread_info.h
+++ b/arch/arm64/include/asm/thread_info.h
@@ -131,9 +131,15 @@ static inline struct thread_info *current_thread_info(void)
 #define _TIF_SECCOMP		(1 << TIF_SECCOMP)
 #define _TIF_32BIT		(1 << TIF_32BIT)
 
-#define _TIF_WORK_MASK		(_TIF_NEED_RESCHED | _TIF_SIGPENDING | \
+#define _TIF_WORK_LOOP_MASK	(_TIF_NEED_RESCHED | _TIF_SIGPENDING | \
 				 _TIF_NOTIFY_RESUME | _TIF_FOREIGN_FPSTATE)
 
+#ifdef CONFIG_TASK_ISOLATION
+# define _TIF_WORK_MASK		_TIF_NOHZ  /* always set */
+#else
+# define _TIF_WORK_MASK		_TIF_WORK_LOOP_MASK
+#endif
+
 #define _TIF_SYSCALL_WORK	(_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \
 				 _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP | \
 				 _TIF_NOHZ)
diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c
index ff7f13239515..43aa6d016f46 100644
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -37,6 +37,7 @@
 #include <linux/regset.h>
 #include <linux/tracehook.h>
 #include <linux/elf.h>
+#include <linux/isolation.h>
 
 #include <asm/compat.h>
 #include <asm/debug-monitors.h>
@@ -1246,14 +1247,19 @@ static void tracehook_report_syscall(struct pt_regs *regs,
 
 asmlinkage int syscall_trace_enter(struct pt_regs *regs)
 {
-	/* Do the secure computing check first; failures should be fast. */
+	unsigned long work = ACCESS_ONCE(current_thread_info()->flags);
+
+	if ((work & _TIF_NOHZ) && task_isolation_check_syscall(regs->syscallno))
+		return -1;
+
+	/* Do the secure computing check early; failures should be fast. */
 	if (secure_computing() == -1)
 		return -1;
 
-	if (test_thread_flag(TIF_SYSCALL_TRACE))
+	if (work & _TIF_SYSCALL_TRACE)
 		tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
 
-	if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
+	if (work & _TIF_SYSCALL_TRACEPOINT)
 		trace_sys_enter(regs, regs->syscallno);
 
 	audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c
index 3432e14b7d6e..53fcd6c305d6 100644
--- a/arch/arm64/kernel/signal.c
+++ b/arch/arm64/kernel/signal.c
@@ -25,6 +25,7 @@
 #include <linux/uaccess.h>
 #include <linux/tracehook.h>
 #include <linux/ratelimit.h>
+#include <linux/isolation.h>
 
 #include <asm/debug-monitors.h>
 #include <asm/elf.h>
@@ -419,12 +420,15 @@ asmlinkage void do_notify_resume(struct pt_regs *regs,
 
 			if (thread_flags & _TIF_FOREIGN_FPSTATE)
 				fpsimd_restore_current_state();
+
+			task_isolation_enter();
 		}
 
 		local_irq_disable();
 
 		thread_flags = READ_ONCE(current_thread_info()->flags);
-		if (!(thread_flags & _TIF_WORK_MASK))
+		if (!(thread_flags & _TIF_WORK_LOOP_MASK) &&
+		    task_isolation_ready())
 			break;
 	}
 }
diff --git a/arch/arm64/kernel/smp.c b/arch/arm64/kernel/smp.c
index b1adc51b2c2e..dcb3282d04a2 100644
--- a/arch/arm64/kernel/smp.c
+++ b/arch/arm64/kernel/smp.c
@@ -37,6 +37,7 @@
 #include <linux/completion.h>
 #include <linux/of.h>
 #include <linux/irq_work.h>
+#include <linux/isolation.h>
 
 #include <asm/alternative.h>
 #include <asm/atomic.h>
@@ -632,6 +633,7 @@ static const char *ipi_types[NR_IPI] __tracepoint_string = {
 static void smp_cross_call(const struct cpumask *target, unsigned int ipinr)
 {
 	trace_ipi_raise(target, ipi_types[ipinr]);
+	task_isolation_debug_cpumask(target);
 	__smp_cross_call(target, ipinr);
 }
 
diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index abe2a9542b3a..644cd634dd1d 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -29,6 +29,7 @@
 #include <linux/sched.h>
 #include <linux/highmem.h>
 #include <linux/perf_event.h>
+#include <linux/isolation.h>
 
 #include <asm/cpufeature.h>
 #include <asm/exception.h>
@@ -473,6 +474,9 @@ asmlinkage void __exception do_mem_abort(unsigned long addr, unsigned int esr,
 	const struct fault_info *inf = fault_info + (esr & 63);
 	struct siginfo info;
 
+	if (user_mode(regs))
+		task_isolation_check_exception("%s at %#lx", inf->name, addr);
+
 	if (!inf->fn(addr, esr, regs))
 		return;
 
-- 
2.1.2