Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1759638AbcDERky (ORCPT <rfc822;w@1wt.eu>);
	Tue, 5 Apr 2016 13:40:54 -0400
Received: from mail-db3on0078.outbound.protection.outlook.com ([157.55.234.78]:15264
	"EHLO emea01-db3-obe.outbound.protection.outlook.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1759551AbcDERjm (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 5 Apr 2016 13:39:42 -0400
Authentication-Results: spf=fail (sender IP is 12.216.194.146)
 smtp.mailfrom=ezchip.com; mellanox.com; dkim=none (message not signed)
 header.d=none;mellanox.com; dmarc=fail action=none header.from=mellanox.com;
From: Chris Metcalf <cmetcalf@mellanox.com>
To: Gilad Ben Yossef <giladb@ezchip.com>, Steven Rostedt <rostedt@goodmis.org>,
        Ingo Molnar <mingo@kernel.org>, Peter Zijlstra <peterz@infradead.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        "Rik van Riel" <riel@redhat.com>, Tejun Heo <tj@kernel.org>,
        Frederic Weisbecker <fweisbec@gmail.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
        Christoph Lameter <cl@linux.com>,
        Viresh Kumar <viresh.kumar@linaro.org>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>,
        Andy Lutomirski <luto@amacapital.net>,
        "H. Peter Anvin" <hpa@zytor.com>, <x86@kernel.org>,
        <linux-kernel@vger.kernel.org>
CC: Chris Metcalf <cmetcalf@mellanox.com>
Subject: [PATCH v12 10/13] arch/x86: enable task isolation functionality
Date: Tue, 5 Apr 2016 13:38:39 -0400
Message-ID: <1459877922-15512-11-git-send-email-cmetcalf@mellanox.com>
X-Mailer: git-send-email 2.7.2
In-Reply-To: <1459877922-15512-1-git-send-email-cmetcalf@mellanox.com>
References: <1459877922-15512-1-git-send-email-cmetcalf@mellanox.com>
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:12.216.194.146;IPV:NLI;CTRY:US;EFV:NLI;SFV:NSPM;SFS:(10009020)(6009001)(2980300002)(1110001)(1109001)(339900001)(199003)(189002)(1096002)(36756003)(19580395003)(5001770100001)(19580405001)(107886002)(33646002)(1220700001)(48376002)(47776003)(42186005)(5001970100001)(5003940100001)(50466002)(4001430100002)(92566002)(586003)(85426001)(11100500001)(50226001)(104016004)(5008740100001)(6806005)(76176999)(50986999)(4326007)(2950100001)(105606002)(2906002)(229853001)(2201001)(189998001)(106466001)(87936001)(86362001)(921003)(1121003);DIR:OUT;SFP:1101;SCL:1;SRVR:HE1PR05MB1531;H:ld-1.internal.tilera.com;FPR:;SPF:Fail;MLV:sfv;A:1;MX:1;LANG:en;
X-Microsoft-Exchange-Diagnostics: 1;AM1FFO11OLC006;1:BQji+/l+pz7LadZErdL79G3Dt2pRTKngYxFj56suNJrjz1ECNqKGTTTcmatXJdORQ41x1jiyVKMgliJPiRZlPd+DH7hDSj7Wnxfnj/jzClqNsn6kQJHZqQO+sNE2sMAKd9Zoq7EquVbdWuYgH2z434lW3248uhKOUXlV3Rgzx42Dqz1/EQmqoFpendUjKQ84nsWaIXyB+9jyMVeeZi9LLBCzOFMyvoGllJQXkpXL8KrjxqVuis08LQOyNCg5lgj8iTEK3S6hYHqXmFNA827UNZBFaZapzBfs6mapMkiZWCnGxPeBkWAEO6nNwsapdlRfpLGjIgOjyrM/gp39VX3eOXtBqGzr34xQaYFRT8nRZQRiNr8P0oM19RNQYGf80QYemPdL3zn5/zRKO9caT5VQxRDraLxZwyYzX936sDsYFypg3Mw/SHUKzn+QRF159Oq9xqDCoK6qsmW0qAlKJXWd/BzaGs64Nml4TBF+bi1wdG4q1oc4I1RDPCTi9FQ/ZfhbLkUTuGZqCzHKcXKV/NBBqoyBFNRS0pwSRwUwFCjQ7R5y4+qAgSzK1CzcOnNVCh4/FCZbDNvsPx02d6eZzwfN9f6Cmx805Bf+okWD53DSTnMU0HKeKOXVlIVOVJOQC4Qw
MIME-Version: 1.0
Content-Type: text/plain
X-MS-Office365-Filtering-Correlation-Id: fb8fa980-d948-44b2-6f38-08d35d793f13
X-Microsoft-Exchange-Diagnostics: 1;HE1PR05MB1531;2:Whw4osCq38u0V9REewh65E7TVOwFNORSYiYazEjtr680NhkXoLmpIQDprivrIDot0A6NqvISbBN69U4dpUUn3o1RSihzI+RxxOAldbhS2+MYy8lpvc1cuXop+vhM1mdC7Xc3clEGSaGA8pQdyXoshJkEfh6tq3vopdQwKQPvGSOT4+tm/+s/05oGb8Ly+J7N;3:6dzK2oMmtZlVyPG7CAdSQSkDzDOQR15p5aG5tA7BYq3AdvPxX03P6SiGTwtYdkqLr6lSDaVq9YfnI/eMWY4Eopds1QesCFsui7OsG/t86QaPp65NLledGzY7Ml3RLm58d0xhwqiyWFqr1n+MOekGaEwEVnsPU91KynbqbFBJv1VPBFRN7kEz6pLPDH8kaI0J2gEzgDr2uQMobJZaU1yV1DE/HxRr1ai8hPqwAddL75k=
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:HE1PR05MB1531;
X-Microsoft-Exchange-Diagnostics: 1;HE1PR05MB1531;25:hzDavP4lUGuooSyPWboZpMMD+Jx+Qs4IJ2a3r7kLA9xpSxk2hjvwgBALAwgg9Hw5AIR6OzHV/yAbjw1jnetvuTdSCb2M7O4IVoVKqK/BUclGzLRvvVn/FW55GVO1Z1JPpJFv92qNAyaOAem4iVae1vaBE7VxrPgcGpamWXusoB3Y5WBZdy/0F8BRdUx8NCap9pio6lQLLYGZFmjED0kfzOZ9N6meJFdarQf2LIljhvVA7E91gnUDrC82K7U8bB0zBdYKR3OdfjNabksXjVvr36LhvHSTH3FITgQDBQ8qZqgrpIJ6u9wgniacgIuJDh7gvEYlGjoB7JDtBAxLIkmIudk4KrQgiTTMW0wbxIV+Foq90zR1eXZ43w58wN+zOJJTJO79l01H7VysxuoC37oJG2/dXeBCsd+cqW+6zp8FyvcSmmGSG6pjoI6BFPWYoBILhi82TxGkRLh4U7jCrJRdx9mYupQej0XPqsiPkv0tfZ5WSCtdMFTX1aqd9K86Y+MNdiDxL9LeL+9BQ6wArXxrQbIbZ3pkXrcHP71OATUII0eB1EtNd+aoGDPEpI4an6ZBLJPSg31N9l7933lDscX/oXaipVllMKbZVybPdir0/YvGyZ6gN54rcjZw2I6KAClgSoUfDO4yIFs6ciopP1NusyhJU1Tm58LcIF3pjHKqkX6EgjD5vsZVwRf05Y5m1oNE0O6LAsRNPeApzYgJYhDnIA==
X-Microsoft-Exchange-Diagnostics: 1;HE1PR05MB1531;20:RT9zg7qBIc05XzjgmPEgiKm28BZdmq00JnVdcVdPbDNLoWTzPyGeuzCEXgEyAlrlJFN+5ZJNSUTHo+zExGKRYUhqrmVAd9hUOTG/58pEXJ16FxabGWeD0bTTyWNd/H+TqcxF0xG1wGOUD69AIZgqG283yvAF8NufgDe3IGtMig5bclgsyJFr7Xk8UaHZTr20O14EMvpHKJvPP1d5aZwTXCLNGBgsGBUu8jKIBptTIepgK/vC1FcOwWaG9FzU7J71Sqn+vV8MCzQ+KOZTOZfkDuZ+16P0BsIvDNrNjdDmKOx25k7YtP/bOY5FZFzRseE+yvzAg1MOxcr+GwoRs89WNFiyjl2CA6VJGPldxUUWANfcIP/ag/N2ett7NVK6wchrydJ6ttdPaJ3Kt+QLSkx5/UPbLPFh9ZcPZpHfZXuJ6bMS7BFVD2A4NBKVkSzUIqGQZmwy4I8KmiEiro8hqZCs33fGiFZ3jN3PYCBs+0VMrcFjBuX9N48FmBFt7mD/HwI+
X-Microsoft-Antispam-PRVS: <HE1PR05MB1531EA93FDCD19A489A17EC3B29E0@HE1PR05MB1531.eurprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(2401047)(5005006)(13023025)(13024025)(8121501046)(13018025)(13017025)(13015025)(10201501046)(3002001);SRVR:HE1PR05MB1531;BCL:0;PCL:0;RULEID:;SRVR:HE1PR05MB1531;
X-Microsoft-Exchange-Diagnostics: 1;HE1PR05MB1531;4:5zpv+kRq4Bp13N0sTXyx0x1PfWc1z/p3FAzosNI69Y0KkpgJ1KQEG7f8hZbObgXcpZncjr4lp0D30tNdSyQGiIHPlHFVWOkiTaYexyn5ogy6rrtqPf0bR319sbdQBdZ8oZjCKW9QRKH7kLE+hYLcij6DTHmyYjQkB2gui8M7QkY924gdfy2EHALf+qBY68Jw+a6NkZPrmFKuIf2bvj+MgcEsjgv1JzLgDvsTfoXXPjp1O0Y5uYWIOQD25dRVhLZIm8k7ioLXlxsoP+rMcSWM/sQY8lEaa/YsSS91UeIC+DYw9xmwl+cHwIpI7YeseFmRNNsuNAOfittSYYGEkrjbZarRZSsSAAGInie8lOz2K7o+sOYhLWPr5uQOSkAkUOg1Q+/sDJTvX2XnjC/AWuS/nb5jh/fhiqSLAONAxiw/nT/SdR9q1bfnfgdG/wvUWfRGHtxUnQ/UhcZZ4Fx95p96sw==
X-Forefront-PRVS: 0903DD1D85
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;HE1PR05MB1531;23:jJgL9KoUZh0DfFAhIZ+CnRRB9YtY7LXlOG8DH4G20?=
 =?us-ascii?Q?2DUo+O+i1rJsjTGB6pm+gQmMsdianqDXhhWqxkOfXxz5HuvL+Rrl+53+Zyjb?=
 =?us-ascii?Q?67mDNOrk77d7gwbMl7dulCdxl79M6IDEByc81d9anRYlnBsP9b1k4D8PWMDU?=
 =?us-ascii?Q?0RmOucjjmmCWM/FcD6TGfZmwkEoxCbKVq3TeR+y6YYNWRz3smnMUImcjCoUw?=
 =?us-ascii?Q?gJcOODgcS60NIC5jIK6rVHb6xAeZJL8ZK3jlVgWSAnU/PoDYSn2poeC4rAmo?=
 =?us-ascii?Q?TZSdDJISIMiYwF/G0zTT2SBBIUZuvRfBpNwzD719TCA1BiNRRTNYOWYYHlHm?=
 =?us-ascii?Q?eDMNiyTgDvDOKN8zUrk7icECcD4x3bI9CEUvch/S98BJTT6DjIZx6q0okD7w?=
 =?us-ascii?Q?29MYWF+ZsfjPQ++tGJcFNZHLzGpPmWtfqSZVc8Pz8haptTrgDnnvNzVsxfeK?=
 =?us-ascii?Q?KEf/aMSb3+lHH+dCOh2gMBbf16MvmFbUZbPgnASjrtZdrzW+8Xsgh+KaRFa8?=
 =?us-ascii?Q?JfCHq4mY7it7glqlN+N3fWDF7QUYU4FsmZkINbVwb4fKSycuXe4BjwxdhK6R?=
 =?us-ascii?Q?km5/vCqHmdHsnYGrK9BsyXYSaewNDMWbkPoT9Z4h6BdVS/4fbALixK+HC70D?=
 =?us-ascii?Q?PKq2hWW1W6YYPHHvIE5hNzqar42BxwGfekzihvujnqtKbPvZ5Yphq9mhOu74?=
 =?us-ascii?Q?658V1aGwWnbYqnA1PzQQIEektfmvBVltTs6+VuyQWhb1V1XHAnJfMM2dJdr6?=
 =?us-ascii?Q?0VKPYvL3lKe5ghQSwl/LPYQB5HAL7eQpNC3Y1Hi9zw7wVUJKnVl1Z/jjGWUA?=
 =?us-ascii?Q?6QYgtjhbM97Tb3hP2XL/6V8lBugVeHtvcubVA1cOm7gir6cMNGsTezoVdrzQ?=
 =?us-ascii?Q?9LdD7GKaZ9O8COVI2EhY0N3pMsTMkNG2yDF7ULSo3D9B9SoXM+tVcKvIgZvP?=
 =?us-ascii?Q?T2r4WluVPsk8h+P19nU/12NSXZpLMsWDQ4iOpI7JvqAF2kMlLAmOpOl9SVOz?=
 =?us-ascii?Q?FHY9KxfuE6q17ZlKMWBO0lPfNdm97xfXHQd63xsY6V3GrsCvmzMfekHqhxh5?=
 =?us-ascii?Q?Q/moL0jgs0jq9XZE0Xj5J6Qy2rAmdZbEv3vCpwDKszkDyu0Be0CUUoCyszmS?=
 =?us-ascii?Q?yKhKpl8gIMlYB/6yjgEXGjZ3I17SJjTFQJpnCMIrmpZyj199uK2Wg=3D=3D?=
X-Microsoft-Exchange-Diagnostics: 1;HE1PR05MB1531;5:U8GD98myBA9MeMxgstzjRQzX6phGS+40ntuctTskyorgvfZfodQbtIgf9bY+Rh9DHOR6gxxBOllMdXyfXAs0VwFVeblhco66ho8je+DodFc/CVTMdYbnQToaLPb4Ro0pW8GQUi++ky8XjRcfGagv3Q==;24:yVuiy4cjm0lJmZXvJXbnRe+Rrz+7GyLHVkxaOqmI7ZrbjT5fZ/DfvNLfhjGavosmgNF9V1EhC3axCsUiYJdiJsAparEVlXG9wsDsbuAD2us=
X-OriginatorOrg: Mellanox.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Apr 2016 17:39:31.5824
 (UTC)
X-MS-Exchange-CrossTenant-Id: a652971c-7d2e-4d9b-a6a4-d149256f461b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=a652971c-7d2e-4d9b-a6a4-d149256f461b;Ip=[12.216.194.146];Helo=[ld-1.internal.tilera.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR05MB1531
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 5558
Lines: 150

In prepare_exit_to_usermode(), call task_isolation_ready() for
TIF_TASK_ISOLATION tasks when we are checking the thread-info flags,
and after we've handled the other work, call task_isolation_enter()
for such tasks.

In syscall_trace_enter_phase1(), we add the necessary support for
strict-mode detection of syscalls.

We add strict reporting for the kernel exception types that do
not result in signals, namely non-signalling page faults and
non-signalling MPX fixups.

Signed-off-by: Chris Metcalf <cmetcalf@mellanox.com>
---
 arch/x86/Kconfig                   |  1 +
 arch/x86/entry/common.c            | 18 +++++++++++++++++-
 arch/x86/include/asm/thread_info.h |  2 ++
 arch/x86/kernel/traps.c            |  2 ++
 arch/x86/mm/fault.c                |  2 ++
 5 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 2dc18605831f..760401ba3df0 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -89,6 +89,7 @@ config X86
 	select HAVE_ARCH_MMAP_RND_COMPAT_BITS	if MMU && COMPAT
 	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_SOFT_DIRTY		if X86_64
+	select HAVE_ARCH_TASK_ISOLATION
 	select HAVE_ARCH_TRACEHOOK
 	select HAVE_ARCH_TRANSPARENT_HUGEPAGE
 	select HAVE_BPF_JIT			if X86_64
diff --git a/arch/x86/entry/common.c b/arch/x86/entry/common.c
index e79d93d44ecd..31dfe4ff8915 100644
--- a/arch/x86/entry/common.c
+++ b/arch/x86/entry/common.c
@@ -21,6 +21,7 @@
 #include <linux/context_tracking.h>
 #include <linux/user-return-notifier.h>
 #include <linux/uprobes.h>
+#include <linux/isolation.h>
 
 #include <asm/desc.h>
 #include <asm/traps.h>
@@ -87,6 +88,13 @@ unsigned long syscall_trace_enter_phase1(struct pt_regs *regs, u32 arch)
 
 	work = ACCESS_ONCE(ti->flags) & _TIF_WORK_SYSCALL_ENTRY;
 
+	/* In isolation mode, we may prevent the syscall from running. */
+	if (work & _TIF_TASK_ISOLATION) {
+		if (task_isolation_syscall(regs->orig_ax) == -1)
+			return -1;
+		work &= ~_TIF_TASK_ISOLATION;
+	}
+
 #ifdef CONFIG_SECCOMP
 	/*
 	 * Do seccomp first -- it should minimize exposure of other
@@ -202,7 +210,7 @@ long syscall_trace_enter(struct pt_regs *regs)
 
 #define EXIT_TO_USERMODE_LOOP_FLAGS				\
 	(_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_UPROBE |	\
-	 _TIF_NEED_RESCHED | _TIF_USER_RETURN_NOTIFY)
+	 _TIF_NEED_RESCHED | _TIF_USER_RETURN_NOTIFY | _TIF_TASK_ISOLATION)
 
 static void exit_to_usermode_loop(struct pt_regs *regs, u32 cached_flags)
 {
@@ -236,11 +244,19 @@ static void exit_to_usermode_loop(struct pt_regs *regs, u32 cached_flags)
 		if (cached_flags & _TIF_USER_RETURN_NOTIFY)
 			fire_user_return_notifiers();
 
+		if (cached_flags & _TIF_TASK_ISOLATION)
+			task_isolation_enter();
+
 		/* Disable IRQs and retry */
 		local_irq_disable();
 
 		cached_flags = READ_ONCE(pt_regs_to_thread_info(regs)->flags);
 
+		/* Clear task isolation from cached_flags manually. */
+		if ((cached_flags & _TIF_TASK_ISOLATION) &&
+		    task_isolation_ready())
+			cached_flags &= ~_TIF_TASK_ISOLATION;
+
 		if (!(cached_flags & EXIT_TO_USERMODE_LOOP_FLAGS))
 			break;
 
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h
index 82866697fcf1..057176ae597f 100644
--- a/arch/x86/include/asm/thread_info.h
+++ b/arch/x86/include/asm/thread_info.h
@@ -97,6 +97,7 @@ struct thread_info {
 #define TIF_SECCOMP		8	/* secure computing */
 #define TIF_USER_RETURN_NOTIFY	11	/* notify kernel of userspace return */
 #define TIF_UPROBE		12	/* breakpointed or singlestepping */
+#define TIF_TASK_ISOLATION	13	/* task isolation enabled for task */
 #define TIF_NOTSC		16	/* TSC is not accessible in userland */
 #define TIF_IA32		17	/* IA32 compatibility process */
 #define TIF_FORK		18	/* ret_from_fork */
@@ -121,6 +122,7 @@ struct thread_info {
 #define _TIF_SECCOMP		(1 << TIF_SECCOMP)
 #define _TIF_USER_RETURN_NOTIFY	(1 << TIF_USER_RETURN_NOTIFY)
 #define _TIF_UPROBE		(1 << TIF_UPROBE)
+#define _TIF_TASK_ISOLATION	(1 << TIF_TASK_ISOLATION)
 #define _TIF_NOTSC		(1 << TIF_NOTSC)
 #define _TIF_IA32		(1 << TIF_IA32)
 #define _TIF_FORK		(1 << TIF_FORK)
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index 06cbe25861f1..b02205085571 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -36,6 +36,7 @@
 #include <linux/mm.h>
 #include <linux/smp.h>
 #include <linux/io.h>
+#include <linux/isolation.h>
 
 #ifdef CONFIG_EISA
 #include <linux/ioport.h>
@@ -382,6 +383,7 @@ dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
 	case 2:	/* Bound directory has invalid entry. */
 		if (mpx_handle_bd_fault())
 			goto exit_trap;
+		task_isolation_exception("bounds check");
 		break; /* Success, it was handled */
 	case 1: /* Bound violation. */
 		info = mpx_generate_siginfo(regs);
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 5ce1ed02f7e8..025e9d2850c1 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -14,6 +14,7 @@
 #include <linux/prefetch.h>		/* prefetchw			*/
 #include <linux/context_tracking.h>	/* exception_enter(), ...	*/
 #include <linux/uaccess.h>		/* faulthandler_disabled()	*/
+#include <linux/isolation.h>		/* task_isolation_exception	*/
 
 #include <asm/cpufeature.h>		/* boot_cpu_has, ...		*/
 #include <asm/traps.h>			/* dotraplinkage, ...		*/
@@ -1259,6 +1260,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code,
 		local_irq_enable();
 		error_code |= PF_USER;
 		flags |= FAULT_FLAG_USER;
+		task_isolation_exception("page fault at %#lx", address);
 	} else {
 		if (regs->flags & X86_EFLAGS_IF)
 			local_irq_enable();
-- 
2.7.2