Received: by 10.223.176.46 with SMTP id f43csp2640538wra;
        Thu, 25 Jan 2018 12:55:41 -0800 (PST)
X-Google-Smtp-Source: AH8x226ddRryEKy/65BcVDE0jmQbmDxhPmXk3zm85HJzh7ToZZVqcaOeBuMmK3bLNSNM2PC96puP
X-Received: by 10.99.125.70 with SMTP id m6mr13939377pgn.415.1516913741873;
        Thu, 25 Jan 2018 12:55:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516913741; cv=none;
        d=google.com; s=arc-20160816;
        b=sSbT6+PCL8tVKVhaHDlIg3dBD5fp9jhshLp+ztXz49XeVH8Sbmk26oQkio4xvtvqI9
         88ilKZpONWVMtk8QTisyC+QOkoLn9Geh1LarrJiUspjqgpFKfreqDiv+1aBQJ/OnlhRh
         MT6R60ok7Fs4vKDwIIPqpOqh0GOEFYQQL4oHNhbOz7TsdzmN6Y1YK+HAokMItK4r5ons
         dgwELAWYVk1SWJxtvFztr884HhCL500Ej2pD3Bvha2nUfzPz1J1g7wWu+a4y/gOLgvpq
         Tg+4TGDcz87rBEhi5i4O/Yu8aeumAKdeXBdayCGHKUtNEE4zx3nUCiwlnr9xtawfc2oJ
         A/1w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=JMdkAQ9duL+zHhyQRChzA/15Wq+WwXP9oDXUvwTK6Wg=;
        b=rusY6YBv3sXq3ktu3NELwGqughTX61giIAj9CqWVfDxirgFgOF42AVqpMLRbZOEF1f
         eCFscOc2YvXYRYLgg8fQ9EtV4DFjDU8LlLi0xs1jEUsmRH/eX4kNmZeGNWOkeU3rCMAg
         rgSMw6cCIn6KM1KDu0lU67F9pRunr3uHQcqk0SrGH3NZ74lA9vClt8StmWboUDJ22E68
         y+xTWoPUEmlEx9WyNJP1kprq3PPvzrKQ/hmy68utLH0jWmB6TZv20GojDM1Q9xIir6L2
         LWFhW+Spv8yRp4SWRTKTrx1BMA8YefhTPLkIVC2uiKSpc4r0tqLTkehrVmEU/lF/zNBG
         u2Kg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=Ca3jcnt5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id r3-v6si2531842plo.432.2018.01.25.12.55.24;
        Thu, 25 Jan 2018 12:55:41 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=Ca3jcnt5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751241AbeAYUy7 (ORCPT <rfc822;zffurovfq63@gmail.com>
        + 99 others); Thu, 25 Jan 2018 15:54:59 -0500
Received: from mail-oi0-f45.google.com ([209.85.218.45]:42906 "EHLO
        mail-oi0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751174AbeAYUy5 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jan 2018 15:54:57 -0500
Received: by mail-oi0-f45.google.com with SMTP id c8so6246010oiy.9
        for <linux-kernel@vger.kernel.org>; Thu, 25 Jan 2018 12:54:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=JMdkAQ9duL+zHhyQRChzA/15Wq+WwXP9oDXUvwTK6Wg=;
        b=Ca3jcnt5Mp6odqYeEdbzqeMB0pBMx6H+Xxa6R0WLBi07GzB/Bvq+7tMwTje9wxBUuW
         TemTEXLWnbZZY5r22IquhBT791ge1x4VnIGnxrtIdFbZcOfKJXCbJnYInaEFn6rQRZwG
         JGYSjd6biOqAIqpL1/QyBPSc84qLUzpcruIlc8itGo6DcYAHVrlMNawt/FZkx1RXo9QX
         B1m8jxA+e7VhYqs6CjBkG7/BOnC3IzSsCuyYdMfjA/SMWAyHaZcGLSd/EN3TPQ8z2TPN
         dX5CFJXLvgl7YzQVOhxTFxRT+PT8ZfPuw6obZZGM94cd2O7SBXH8T91cIdMWArtYcY3C
         ZxFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=JMdkAQ9duL+zHhyQRChzA/15Wq+WwXP9oDXUvwTK6Wg=;
        b=AQxH9LY+sWdSUIn6DP4YtsgApgaudRlJlc2Llo34Rw5f2O8c5IP+SStNAxGxV9PwoE
         12gDW5jA4FGKLkYfamQTTiTLndP/dfc5MRUlBnlEB5rFU6/wvUdQk9rfhO6idOW35wJJ
         5azDYaubF3No08qra8IQPWVus/ZXQIENtOZy9U7sfMOnJWlcrCgf05OkX8RGf8nA+oxN
         yiQ0vDEV/hPz6okLjSMFyJnxk+ISuCBKodFoWvCGjkoXxBqRJWglzeTeOvFqfLhKthtU
         jCCANyyhVVk9AKvpZ8Vl9xu7vL8/dCBgBCzv6wR0XGsN87hTf+LkExpQHmYBjdjXv2h9
         9Y4w==
X-Gm-Message-State: AKwxytdf1m13FO7w2PZlPGa9u6hpxLX5RKMzV4IK5dqTOmfvc7XxROlA
        HTKi8wLhwABPoycbvjMWKYLCaenIyn5aDNTFxYs=
X-Received: by 10.36.204.85 with SMTP id x82mr13662270itf.21.1516913696767;
 Thu, 25 Jan 2018 12:54:56 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.59.196 with HTTP; Thu, 25 Jan 2018 12:54:49 -0800 (PST)
In-Reply-To: <CAMzpN2h5_4yMQaKhvLw+eNuifVafpqRPcwzq81O4KvYGrcXFKg@mail.gmail.com>
References: <503224b776b9513885453756e44bab235221124e.1516644136.git.luto@kernel.org>
 <CA+55aFwcU_hHz+S9ZDphBDRQLw6pMsd+6Yp_=mQA8kTcmTzWcQ@mail.gmail.com>
 <CA+55aFyONQeyHit6LcQz_JM5+C9pr61fcWFSpdn=7K_2mZN+oA@mail.gmail.com>
 <CA+55aFxMDAaQ-d3ktWCjcob8OQARcE=OWFXNJtQnW62rF-XY0g@mail.gmail.com> <CAMzpN2h5_4yMQaKhvLw+eNuifVafpqRPcwzq81O4KvYGrcXFKg@mail.gmail.com>
From:   Linus Torvalds <torvalds@linux-foundation.org>
Date:   Thu, 25 Jan 2018 12:54:49 -0800
X-Google-Sender-Auth: q-byY-oXWLAhgbEwykhCrki4KRI
Message-ID: <CA+55aFy7YA_Zw-uY2JACL_jqGuXMeycSvJVSZdNEFPCyQV2xWg@mail.gmail.com>
Subject: Re: [PATCH] x86/retpoline/entry: Disable the entire SYSCALL64 fast
 path with retpolines on
To:     Brian Gerst <brgerst@gmail.com>
Cc:     Andy Lutomirski <luto@kernel.org>,
        "the arch/x86 maintainers" <x86@kernel.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Alan Cox <alan@linux.intel.com>, Jann Horn <jannh@google.com>,
        Samuel Neves <samuel.c.p.neves@gmail.com>,
        Dan Williams <dan.j.williams@intel.com>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>,
        Borislav Petkov <bp@alien8.de>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jan 25, 2018 at 12:04 PM, Brian Gerst <brgerst@gmail.com> wrote:
>
> Another extra step the slow path does is checking to see if ptregs is
> safe for SYSRET.  I think that can be mitigated by moving the check to
> the places that do modify ptregs (ptrace, sigreturn, and exec) which
> would set a flag to force return with IRET if the modified regs do not
> satisfy the criteria for SYSRET.

I tried to do some profiling, and none of that shows up for me.

That said, what _also_ doesn't show up is the actual page table switch
on entry. And that seems to be because the per-pcu trampoline code
isn't captures by perf (or at least not shown). Oh well.

What _does_ show up a bit is this in prepare_exit_to_usermode():

#ifdef CONFIG_COMPAT
        /*
         * Compat syscalls set TS_COMPAT.  Make sure we clear it before
         * returning to user mode.  We need to clear it *after* signal
         * handling, because syscall restart has a fixup for compat
         * syscalls.  The fixup is exercised by the ptrace_syscall_32
         * selftest.
         *
         * We also need to clear TS_REGS_POKED_I386: the 32-bit tracer
         * special case only applies after poking regs and before the
         * very next return to user mode.
         */
        current->thread.status &= ~(TS_COMPAT|TS_I386_REGS_POKED);
#endif

and I think the problem there is that it is unnecessarily dirtying
that cacheline. Afaik, those bits are already clear 99.999% of the
time.

So things would be better if that 'status' would be in the thread-info
(to keep cachelines close to the other stuff we already touch) and the
code should have something like

        if (unlikely(ti->status & (TS_COMPAT|TS_I386_REGS_POKED)))

or whatever.

There might be other similar small tuning issues going on.

So there is room for improvement there in the slow path.

                Linus