Received: by 10.223.185.116 with SMTP id b49csp7749870wrg; Thu, 1 Mar 2018 10:25:40 -0800 (PST) X-Google-Smtp-Source: AG47ELs2xMyHnilh8nc38mxT+PANL4z7mDHiwNJv5EVRzWbQGKSb+X4ivMq96wJe0ktNSJ89EdtT X-Received: by 10.101.100.87 with SMTP id s23mr2276845pgv.413.1519928740881; Thu, 01 Mar 2018 10:25:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519928740; cv=none; d=google.com; s=arc-20160816; b=hHLoWKXQI3/hWOFK17761Nt4QwXb2DbQtpeGp4k7M+9UgIIu3SNWoAsOArMUsP1ARt uaS0nArJsjYZQXrFo7YMl9tzU4EQmiIjGrdZ21D/0GxANjCNqTDv4yrcGvhbiTjz4++w qXT0Ij/w9aEQ4V/PIys5dXCMydaohuxz1fn/mc0nafde4WuTE7bqFngrD4EJBWbbg3tS V+anE6pGy0LKYnZrlxkAa0brf44cemjQ3reFiJVFF6XWdpoLtqmuhuLOJJhfHkpBi9GQ qsgJZBs7vIV3cVmlyEt5qpkMlOR+366XPWZ2tQWIeEmq0kdiEKFm8Kv86bDLwjg+rWtB yhqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=Fk3EvFVrZdFjGvOD02Dx9y/du6U8qlXs5wPTryupU7E=; b=Eo0DEHGimnu35iX5Dfcxqt0RzSZVgVj815FbldpgDCbtlb/xoL02VSuHrQkkZw+CGk Hbr/pQyECOWUrP9zSWbqbAY+gAbtpXEGIseOlHzQrDfrt5ldwTw5ObYeGtmO4SV8fny3 ytfntnIYnQClRu5Ja5FMmhB8txcuLK0zllxJ6jC4czoNh9zRTreChl7r/WqPbdVUY5OV i87ncdPtjnMolai9xW1juo5GwMNyoUUa2RzDhFQrkUovkE2GPBlu2rWgiSp5ZUKeksAU qCNX8BTCz1b1B4Sj+cC3yfXGViKKfXRqyFYYhzt49IT0QdZpq+VdkTl599mrpWjLvhiw NpOg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=dij5cWWl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n8si3320354pff.122.2018.03.01.10.25.25; Thu, 01 Mar 2018 10:25:40 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=dij5cWWl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1033923AbeCASYo (ORCPT + 99 others); Thu, 1 Mar 2018 13:24:44 -0500 Received: from mail-it0-f67.google.com ([209.85.214.67]:34233 "EHLO mail-it0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1033914AbeCASYl (ORCPT ); Thu, 1 Mar 2018 13:24:41 -0500 Received: by mail-it0-f67.google.com with SMTP id n128so8975807ith.1 for ; Thu, 01 Mar 2018 10:24:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Fk3EvFVrZdFjGvOD02Dx9y/du6U8qlXs5wPTryupU7E=; b=dij5cWWlJnmaMiGu9SJUqPJ3tf3ZGhgQBqn0yq/RqKEC2XqBW6AmG0xcl1RI9yrNGO Z0zcP2XnQZVrLguXHF18+VOylyxZEIiPGJynY/iNlTTku1cYmP4yOVtyfn9kNzO8LsCc GDRwEXhb/7jOBb+DjrItCp5RMYLu2PhcMl/atSe3tVM7b1pyHOr/m588a2WstGUWRkU9 L+l8Aob3z0AkCATvztJ8b4MiZoEUQTG0ZLqZ5Hueo1hsiCoCmBO2PKMfg65nQNnaGtQB IxWEz5aGjymTJJRnrYKmIfgH7j6DGoO7PrPKp3eN8IVHxo5UlvHk1kEacpDG5oRT0mJE CRVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Fk3EvFVrZdFjGvOD02Dx9y/du6U8qlXs5wPTryupU7E=; b=Vg1yMi332QnC2Hwz7AO8j9cWMgrVdv83POfrAO9C19l+B0ZUZGqr3vY+qYubnhFcPl YhMAdFGNKwD4+CbS7YSNtQE8j1Iop9MwPqitgm97vy5HAKEOTzi1tJ7iI1TJFdDXRyO5 HC4ZmIccudYULE4GP6I40AKR4B6Kk7fR4CiZbhOs+6hGpNtUd1GjgTt9M9eN7H0D7s0z RE01+7vEtg2q+S3LMPCfnCyG3B9pzlzEAbVxX9xWjIzlBeUyLN4C8gJ/OgUAZBjF/Aaa fW0joi9Xjer0w7vmL0b26YICrQAacsu7uOXoMq0VGfqTJlBtzeIOD/yqZXQ4n9RGbopD a5Jw== X-Gm-Message-State: APf1xPAzH4kZAU3BKQt1MAOM2NfL739aELj8DsAC5tNA3g26OS9tD9PA dIycx7rm60ZBSnvvPePrcu1IIbnSAhzjOf+1pA== X-Received: by 10.36.208.4 with SMTP id m4mr3973244itg.69.1519928680758; Thu, 01 Mar 2018 10:24:40 -0800 (PST) MIME-Version: 1.0 Received: by 10.2.118.212 with HTTP; Thu, 1 Mar 2018 10:24:39 -0800 (PST) In-Reply-To: <20180301165019.kuynvb6fkcwdpxjx@suse.de> References: <1518168340-9392-1-git-send-email-joro@8bytes.org> <1518168340-9392-13-git-send-email-joro@8bytes.org> <20180301133430.wda4qesqhxnww7d6@8bytes.org> <2ae8b01f-844b-b8b1-3198-5db70c3e083b@redhat.com> <20180301165019.kuynvb6fkcwdpxjx@suse.de> From: Brian Gerst Date: Thu, 1 Mar 2018 13:24:39 -0500 Message-ID: Subject: Re: [PATCH 12/31] x86/entry/32: Add PTI cr3 switch to non-NMI entry/exit points To: Joerg Roedel Cc: Waiman Long , Joerg Roedel , Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , "the arch/x86 maintainers" , Linux Kernel Mailing List , Linux-MM , Linus Torvalds , Andy Lutomirski , Dave Hansen , Josh Poimboeuf , Juergen Gross , Peter Zijlstra , Borislav Petkov , Jiri Kosina , Boris Ostrovsky , David Laight , Denys Vlasenko , Eduardo Valentin , Greg KH , Will Deacon , "Liguori, Anthony" , Daniel Gruss , Hugh Dickins , Kees Cook , Andrea Arcangeli , Waiman Long , Pavel Machek Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 1, 2018 at 11:50 AM, Joerg Roedel wrote: > On Thu, Mar 01, 2018 at 09:33:11AM -0500, Waiman Long wrote: >> On 03/01/2018 08:34 AM, Joerg Roedel wrote: >> I think that should fix the issue of debug exception from userspace. >> >> One thing that I am not certain about is whether debug exception can >> happen even if the IF flag is cleared. If it can, debug exception should >> be handled like NMI as the state of the CR3 can be indeterminate if the >> exception happens in the entry/exit code. > > I am actually not 100% sure where it can happen, from the code it can > happen from anywhere, except when we are running on an espfix stack. > > So I am not sure we need the same complex handling NMIs need wrt. to > switching the cr3s. The IF flag only affects external maskable interrupts, not traps or faults. You do need to check CR3 because SYSENTER does not clear TF and will immediately cause a debug trap on kernel entry (with user CR3) if set. That is why the code existed before to check for the entry stack for debug/NMI. -- Brian Gerst