Received: by 10.223.185.116 with SMTP id b49csp3215372wrg; Mon, 5 Mar 2018 16:44:56 -0800 (PST) X-Google-Smtp-Source: AG47ELuCG52laHBfKc9giirrkb4c3RoZXYxOmHi0DzP5ECe5OHQrw1xhNwyqD+hFY6LknBA3GyGy X-Received: by 10.98.233.3 with SMTP id j3mr17293538pfh.38.1520297096400; Mon, 05 Mar 2018 16:44:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520297096; cv=none; d=google.com; s=arc-20160816; b=cj0V2uGbvmGbllDWuGxnkbl+TMCj/5BwNPw5aqN5XV1Pn4RK+LCanq2McAhC+kidbK DOgO9An2FvhYBaOSXZrlX7Ypm8I4xx5y3TwETDZq3At//ndylzVB+Qg21BZIecxD6TwI jALuGoU4SXKWm2u79mSMeolvPNQ5RnPw+C7bNsdqBIWszAmaxPDl3fLfuXGT1EB5HRCf nH8h3iLpvC015cp5ti7xJaq/Z16Q11WqZFkg6i7XRwHUI+EpZUxVnEprSoTk+iKmY54d wRK65kVlQpJXZp1wHASfYyj5Chh79u6nSaa3iTPx+0CbK0ghMynOUkae+MvQgnE5Yv1e KgeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:to:from:dkim-signature :arc-authentication-results; bh=T2q81Qfo3k2RzZKxxZuqijHOWh4dsaozZ2Wxa1XNryI=; b=oVU7SHhEsNJjsxxuVpGAxQu1tz3q8uH19+4P76jKra4lcw61Ln4lGVsM7uEM7gxyJv 8gJFTwq0EZzHGXxRjWvevgXHJjxqcOvwFXeWFNM2al4w9GK/48B7xVHZPW0iMmM/JtxK br7iy9DukxUAxpP6Lmrv/g78MN/QLmqRMKNTeuvJgiONU6AaRnxqp0pfQFcF4S1qzPwi mhEMXmV6MLAy0M8lbJbAx6uX9oBOoaTw9/fEVnCeF+gKLJZZbwjsXzJIauf4daJ/IQJv h6kF+1rMU1sVE4E5RUTrRloWafVr5S0NFGzfrPGisLNu2p11OGxDD2L2BHqV9cup0dJW I6sw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=ozy9Hm3C; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y64si11212282pfj.47.2018.03.05.16.44.42; Mon, 05 Mar 2018 16:44:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=ozy9Hm3C; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932817AbeCFA0E (ORCPT + 99 others); Mon, 5 Mar 2018 19:26:04 -0500 Received: from aserp2130.oracle.com ([141.146.126.79]:34670 "EHLO aserp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932395AbeCFA0D (ORCPT ); Mon, 5 Mar 2018 19:26:03 -0500 Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w260LUiI115031; Tue, 6 Mar 2018 00:25:58 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : subject : date : message-id : mime-version : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=T2q81Qfo3k2RzZKxxZuqijHOWh4dsaozZ2Wxa1XNryI=; b=ozy9Hm3CVvW6aqt0yQiNpZyST6Y/U6bCWSJ399WZ3Mt4biAiKzY7zxb5a1L0v6Jb7eFu EtQQXlJyHjorfZoiGtm1GlyDCZBs0ffNzs96uQVKZVLrLkrYhRu4C8cDgUuirWk25USP UJi3rq4JzqYXw/O7f9YEWqq8pvnWlGCHxqXucaHQR5nJehiOaNueWA+UDDedGqWQaLwZ GzR6unghbxRTUYaPH50n3Ca8bQ82lQBzzR8i/NveRzM5Ly/B9zIsCmZDOViMbITmhc4r WOqjcM3mcfqwIRp99dF36i1h1RnsWN0F9ElUwszDqHLt3uyt+2otifybM9lD4VmbOCyG Yg== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2130.oracle.com with ESMTP id 2ghdxf8k3v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 06 Mar 2018 00:25:58 +0000 Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w260PvKl009834 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 6 Mar 2018 00:25:57 GMT Received: from abhmp0008.oracle.com (abhmp0008.oracle.com [141.146.116.14]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w260PuYH021994; Tue, 6 Mar 2018 00:25:56 GMT Received: from localhost.localdomain (/98.216.35.41) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 05 Mar 2018 16:25:55 -0800 From: Pavel Tatashin To: steven.sistare@oracle.com, daniel.m.jordan@oracle.com, linux-kernel@vger.kernel.org, Alexander.Levin@microsoft.com, dan.j.williams@intel.com, sathyanarayanan.kuppuswamy@intel.com, pankaj.laxminarayan.bharadiya@intel.com, akuster@mvista.com, cminyard@mvista.com, pasha.tatashin@oracle.com, gregkh@linuxfoundation.org, stable@vger.kernel.org Subject: [PATCH 4.1 00/65] page table isolation for stable 4.1 Date: Mon, 5 Mar 2018 19:24:33 -0500 Message-Id: <20180306002538.1761-1-pasha.tatashin@oracle.com> X-Mailer: git-send-email 2.16.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8823 signatures=668683 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803060003 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The git of this backport can be found here: git clone --branch pti_v4.1.49 https://github.com/soleen/linux The patches were backported from stable 4.4 to Oracle UEK4.1, and from UEK4.1 to Stable 4.1 Aaron Lu (1): x86/irq: Do not substract irq_tlb_count from irq_call_count Andy Lutomirski (16): x86/mm: Add INVPCID helpers x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID x86/mm: If INVPCID is available, use it to flush global mappings sched/core: Add switch_mm_irqs_off() and use it in the scheduler x86/mm: Build arch/x86/mm/tlb.c even on !SMP x86/mm, sched/core: Turn off IRQs in switch_mm() sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() x86/mm: Remove flush_tlb() and flush_tlb_current_task() x86/mm: Make flush_tlb_mm_range() more predictable x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code x86/mm: Disable PCID on 32-bit kernels x86/mm: Add the 'nopcid' boot option to turn off PCID x86/mm: Enable CR4.PCIDE on supported systems x86/mm/64: Fix reboot interaction with CR4.PCIDE Borislav Petkov (5): x86/mm: Fix INVPCID asm constraint x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling x86/kaiser: Check boottime cmdline params x86/kaiser: Reenable PARAVIRT x86/kaiser: Move feature detection up Dave Hansen (2): kaiser: merged update kaiser: enhanced by kernel and user PCIDs Denys Vlasenko (3): x86/entry: Stop using PER_CPU_VAR(kernel_stack) x86/entry: Remove unused 'kernel_stack' per-cpu variable x86/entry: Define 'cpu_current_top_of_stack' for 64-bit code Hugh Dickins (26): kaiser: do not set _PAGE_NX on pgd_none kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE kaiser: fix build and FIXME in alloc_ldt_struct() kaiser: KAISER depends on SMP kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER kaiser: fix perf crashes kaiser: ENOMEM if kaiser_pagetable_walk() NULL kaiser: tidied up asm/kaiser.h somewhat kaiser: tidied up kaiser_add/remove_mapping slightly kaiser: kaiser_remove_mapping() move along the pgd kaiser: cleanups while trying for gold link kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET kaiser: delete KAISER_REAL_SWITCH option kaiser: vmstat show NR_KAISERTABLE as nr_overhead kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user kaiser: PCID 0 for kernel and 128 for user kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user kaiser: paranoid_entry pass cr3 need to paranoid_exit kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls kaiser: fix unlikely error in alloc_ldt_struct() kaiser: add "nokaiser" boot option, using ALTERNATIVE kaiser: add "nokaiser" boot option, using ALTERNATIVE kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush kaiser: drop is_atomic arg to kaiser_pagetable_walk() kaiser: asm/tlbflush.h handle noPGE at lower level kaiser: kaiser_flush_tlb_on_return_to_user() check PCID Ingo Molnar (1): mm/mmu_context, sched/core: Fix mmu_context.h assumption Jamie Iles (1): x86/ldt: fix crash in ldt freeing. Jiri Kosina (1): PTI: unbreak EFI old_memmap Kees Cook (1): KPTI: Rename to PAGE_TABLE_ISOLATION Konrad Rzeszutek Wilk (1): kpti: Disable when running under Xen PV Pavel Tatashin (3): x86/mm, sched/core: Uninline switch_mm() pti: Rename X86_FEATURE_KAISER to X86_FEATURE_PTI x86/pti/efi: broken conversion from efi to kernel page table Richard Fellner (1): KAISER: Kernel Address Isolation Steven Rostedt (1): ARM: Hide finish_arch_post_lock_switch() from modules Thomas Gleixner (1): x86/paravirt: Dont patch flush_tlb_single Tom Lendacky (1): x86/boot: Add early cmdline parsing for options with arguments Documentation/kernel-parameters.txt | 12 + arch/arm/include/asm/mmu_context.h | 2 + arch/x86/boot/compressed/misc.h | 1 + arch/x86/ia32/ia32entry.S | 11 +- arch/x86/include/asm/cmdline.h | 2 + arch/x86/include/asm/cpufeature.h | 7 + arch/x86/include/asm/desc.h | 2 +- arch/x86/include/asm/disabled-features.h | 4 +- arch/x86/include/asm/hardirq.h | 6 +- arch/x86/include/asm/hw_irq.h | 2 +- arch/x86/include/asm/kaiser.h | 151 ++++++++++ arch/x86/include/asm/mmu.h | 6 - arch/x86/include/asm/mmu_context.h | 101 +------ arch/x86/include/asm/pgtable.h | 28 +- arch/x86/include/asm/pgtable_64.h | 25 +- arch/x86/include/asm/pgtable_types.h | 29 +- arch/x86/include/asm/processor.h | 2 +- arch/x86/include/asm/thread_info.h | 8 +- arch/x86/include/asm/tlbflush.h | 233 +++++++++------ arch/x86/include/uapi/asm/processor-flags.h | 3 +- arch/x86/kernel/cpu/bugs.c | 8 + arch/x86/kernel/cpu/common.c | 86 +++++- arch/x86/kernel/cpu/perf_event_intel_ds.c | 57 +++- arch/x86/kernel/entry_64.S | 170 +++++++++-- arch/x86/kernel/espfix_64.c | 10 + arch/x86/kernel/head_64.S | 35 ++- arch/x86/kernel/irq.c | 3 +- arch/x86/kernel/irqinit.c | 2 +- arch/x86/kernel/ldt.c | 25 +- arch/x86/kernel/paravirt_patch_64.c | 2 - arch/x86/kernel/process.c | 2 +- arch/x86/kernel/process_32.c | 5 +- arch/x86/kernel/process_64.c | 3 - arch/x86/kernel/reboot.c | 4 + arch/x86/kernel/setup.c | 7 + arch/x86/kernel/smpboot.c | 2 - arch/x86/kernel/tracepoint.c | 2 + arch/x86/kernel/vm86_32.c | 2 +- arch/x86/kvm/x86.c | 3 +- arch/x86/lib/cmdline.c | 105 +++++++ arch/x86/mm/Makefile | 4 +- arch/x86/mm/init.c | 4 +- arch/x86/mm/init_64.c | 10 + arch/x86/mm/kaiser.c | 449 ++++++++++++++++++++++++++++ arch/x86/mm/pageattr.c | 63 +++- arch/x86/mm/pgtable.c | 16 +- arch/x86/mm/tlb.c | 194 ++++++++---- arch/x86/platform/efi/efi_64.c | 6 + arch/x86/realmode/init.c | 4 +- arch/x86/realmode/rm/trampoline_64.S | 3 +- arch/x86/xen/enlighten.c | 6 + arch/x86/xen/xen-asm_64.S | 6 +- include/asm-generic/vmlinux.lds.h | 7 + include/linux/kaiser.h | 52 ++++ include/linux/mmu_context.h | 7 + include/linux/mmzone.h | 3 +- include/linux/percpu-defs.h | 32 +- init/main.c | 2 + kernel/fork.c | 6 + kernel/sched/core.c | 4 +- mm/mmu_context.c | 2 +- mm/vmstat.c | 1 + security/Kconfig | 10 + 63 files changed, 1687 insertions(+), 372 deletions(-) create mode 100644 arch/x86/include/asm/kaiser.h create mode 100644 arch/x86/mm/kaiser.c create mode 100644 include/linux/kaiser.h -- 2.16.2