Received: by 10.213.65.68 with SMTP id h4csp490754imn;
        Tue, 20 Mar 2018 08:07:01 -0700 (PDT)
X-Google-Smtp-Source: AG47ELt8bNTs+TToQXRYK/tdlqoVQUHDXvKPcJEhE0zaQjitwsHxAWZSadnAO30/bv1SHOipDl7k
X-Received: by 10.101.85.71 with SMTP id t7mr12370360pgr.386.1521558421842;
        Tue, 20 Mar 2018 08:07:01 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1521558421; cv=none;
        d=google.com; s=arc-20160816;
        b=jgFsh1E1f32amURGVEQ1acUemHC3eXFlq9tNS7ZXwU0p4GiIlb7OF+DzQkcjERu/s2
         KG7ogunuDdJ7H8XU6eZDLAFpZ/75Heg/pB5uTw+tCW6jdtBoLxxhH6FsfMf9up/7cxRK
         41DqebZEdmhGaEZCDH6HlxOC4eXjtvURguo/pS2BPQOGLlmyOU244y5FmfRg2ghtvqhb
         qN2DTB7HKlZrEhoIHpX3lRSRwl2dJJgXypWWDUeNBk93E5zX81oCEqugTJpgmMfBNzZF
         +XRciRVjemwfSDzGbmtR69TEjcNrSscecmmwbh3/KRRpktxecioqIEocrHrjBOdDbhQR
         bh8w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dmarc-filter
         :arc-authentication-results;
        bh=RqArGEYtgmwif9yz5Ick10r9WybfnXZ7VdSQdbM0cqs=;
        b=qSdZDKLCJJXEoaEAa7KnlhjlW/+Qc76WXugDBZl2ZOG8N2Ru86q0UjP1CZRNPtN9fN
         rhy0k7FkFUhYMET/793fKOn2g4x3mir9mq1vHM04m/bg/iDazrp7EZLcphNoIa2UlFk8
         +d7FxoEwdwp+O4UOv6RNEUsevqp9fQADLzBaVA8Bgd3aZQU7ub/J6f7eMxR6jnq7H0Jt
         yhRtB98vgdG6o/zT4waue9IeMeNJO6LAQysnLbbNP7OHK7pkyww1TyPrMpJPq4hM8x8V
         A9sEZLnBKsar9473q/x4D+AlO3qm+8kpZtBp5vnmZ9/Iufw8HJTGR3tq61uv4XNro8FU
         8xBA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id v9-v6si1959809plz.79.2018.03.20.08.06.46;
        Tue, 20 Mar 2018 08:07:01 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751557AbeCTPFN (ORCPT <rfc822;zffurovfq63@gmail.com>
        + 99 others); Tue, 20 Mar 2018 11:05:13 -0400
Received: from mail.kernel.org ([198.145.29.99]:60710 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751186AbeCTPFL (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 20 Mar 2018 11:05:11 -0400
Received: from mail-it0-f53.google.com (mail-it0-f53.google.com [209.85.214.53])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 9A5A321835
        for <linux-kernel@vger.kernel.org>; Tue, 20 Mar 2018 15:05:10 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9A5A321835
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=luto@kernel.org
Received: by mail-it0-f53.google.com with SMTP id k135-v6so2862914ite.2
        for <linux-kernel@vger.kernel.org>; Tue, 20 Mar 2018 08:05:10 -0700 (PDT)
X-Gm-Message-State: AElRT7EWx39b39no8C9zlZr6z3PkbUP87LT2zJIctLQZ4OaRcvZNVt9F
        eELd/Y5yBB6Tn8ZxRRiRlscVZ7bMNsfLNuQiOVeBkw==
X-Received: by 2002:a24:4e0e:: with SMTP id r14-v6mr48109ita.146.1521558309939;
 Tue, 20 Mar 2018 08:05:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.2.137.70 with HTTP; Tue, 20 Mar 2018 08:04:49 -0700 (PDT)
In-Reply-To: <1521481767-22113-15-git-send-email-chang.seok.bae@intel.com>
References: <1521481767-22113-1-git-send-email-chang.seok.bae@intel.com> <1521481767-22113-15-git-send-email-chang.seok.bae@intel.com>
From:   Andy Lutomirski <luto@kernel.org>
Date:   Tue, 20 Mar 2018 15:04:49 +0000
X-Gmail-Original-Message-ID: <CALCETrXb5RRuAnKpU2_3Rac4F4tbv1Z+UHU6=QrYk-GCSLv4cw@mail.gmail.com>
Message-ID: <CALCETrXb5RRuAnKpU2_3Rac4F4tbv1Z+UHU6=QrYk-GCSLv4cw@mail.gmail.com>
Subject: Re: [PATCH 14/15] x86/fsgsbase/64: Support legacy behavior when FS/GS
 updated by ptracer
To:     "Chang S. Bae" <chang.seok.bae@intel.com>
Cc:     X86 ML <x86@kernel.org>, Andrew Lutomirski <luto@kernel.org>,
        Andi Kleen <ak@linux.intel.com>,
        "H. Peter Anvin" <hpa@zytor.com>,
        "Metzger, Markus T" <markus.t.metzger@intel.com>,
        Tony Luck <tony.luck@intel.com>,
        "Ravi V. Shankar" <ravi.v.shankar@intel.com>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Mar 19, 2018 at 5:49 PM, Chang S. Bae <chang.seok.bae@intel.com> wrote:
> When FSGSBASE enabled, ptracer's FS/GS selector update
> fetches FS/GS base from GDT/LDT. This emulation of FS/GS
> segment loading provides backward compatibility for the
> legacy ptracers.
>
> When ptracer sets FS/GS selector, its base is going to be
> (accordingly) reloaded as the tracee resumes. This is without
> FSGSBASE. With FSGSBASE, FS/GS base is preserved regardless
> of its selector. Thus, emulating FS/GS load in ptrace is
> requested to keep compatible with what has been with FS/GS
> setting.
>
> Additionally, whenever a new base value is written, the
> FSGSBASE-enabled kernel allows the tracee effectively carry
> on. This also means that when both selector and base are
> changed, the base is not fetched from GDT/LDT, but
> preserved as given.
>

>
> Suggested-by: Markus T. Metzger <markus.t.metzger@intel.com>
> Suggested-by: H. Peter Anvin <hpa@zytor.com>

I've also suggested something like this myself, but this approach is
far more complicated than the older approach.  Was there something
that the old approach would break?  If so, what?

> +               /*
> +                * %fs setting goes to reload its base, when tracee
> +                * resumes without FSGSBASE (legacy). Here with FSGSBASE
> +                * FS base is (manually) fetched from GDT/LDT when needed.
> +                */
> +               else if (static_cpu_has(X86_FEATURE_FSGSBASE) &&
> +                        (value != 0) && (task->thread.fsindex != value))
> +                       task->thread.fsbase = task_seg_base(task, value);

The comment above should explain why you're checking this particular
condition.  I find the fsindex != value check to be *very* surprising.
On a real CPU, writing some nonzero value to %fs does the same thing
regardless of what the old value of %fs was.

> +               case USER_REGS_OFFSET(fs):
> +                       if (fs_fully_covered &&

This is_fully_covered thing is IMO overcomplicated.  Why not just make
a separate helper set_fsgs_index_and_base() and have putregs() call it
when both are set at once?

> +                           static_cpu_has(X86_FEATURE_FSGSBASE)) {
> +                               if (invalid_selector(*v))
> +                                       return -EIO;
> +                               /*
> +                                * Set the flag to fetch fsbase from GDT/LDT
> +                                * with FSGSBASE
> +                                */
> +                               fs_updated = (*v != 0) &&
> +                                       (child->thread.fsindex != *v);

Same here.  Why do you care if fs was changed?