Received: by 10.192.165.156 with SMTP id m28csp779057imm;
        Mon, 16 Apr 2018 08:35:09 -0700 (PDT)
X-Google-Smtp-Source: AIpwx49Skb601fNj9okfvG4Mix/m2u5oyuIjJVtVhdoFIavKcBlS6l2lPquqCK9nBfA78jijssE0
X-Received: by 2002:a17:902:8646:: with SMTP id y6-v6mr15630942plt.86.1523892909232;
        Mon, 16 Apr 2018 08:35:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523892909; cv=none;
        d=google.com; s=arc-20160816;
        b=ENxBq7xtBhkNJGtj8cVn5SHM/oAGQVOF4Ur2oOrc8IJpN+IyOlo1Q0ADYOtQ3TayH5
         IAbORguF9yhpl2sofszfxTljswx7N9y1/1NlR3Ngq68v3nYFr+41NF9ELloa/g79KA5P
         mRIwa1b6roa6zv7DcuLHPyFetfiV+8cGhscc1GvgY6fytIsPby1rZc3AwaFSjte1su7F
         +FNs5eZRMl2ZZwSXMbxr/oyT7bvMOGvZ/VD5+1NLkQKg+H0hAX6421aEmmLWAhBYKOqi
         G7/Zs6Wfpdd0iUx+jKhmHfREIv3ypgOfM9jBIewQye5f/X55lUzjdKznACtYLk89eJAI
         +tYg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature:arc-authentication-results;
        bh=OcvQhocRGo8adLG5spe7U+na6Cqu9Y9MpjcgHIpoCVg=;
        b=bRn6rKJxY1JtwBvC39WjQnFrv/M3G/VdLRO0htIQZbMh18LBkKiCSXwFdnH7Ny8Zsh
         yx4eryg3m3NBk6xv8W7qRrsNqaViqWkWZ+QWjGkOVUInD6fTbg8hLs06OzjLNtYFijiL
         j+JR0zSusnHXK/1j3g4WJ743qMCLgLDITGZLVyEQL0WLGH6Copvm3Ti1DQcMmEXNyD3/
         xqt6gYHfpM/5FmO+bI1ng75nrhm/NqMIbQFo3Ro9drOc59HLzkSysya1+ctucVc1TpSX
         cgQ9iLCrCQqNIehbgidYVJyVmy4lz76JZreLdrOvTccpoDbz+I6E9vVQx+x+ACAZlX0D
         N8Kg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=V1WFdvDj;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i74si9755145pgc.262.2018.04.16.08.34.54;
        Mon, 16 Apr 2018 08:35:09 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=V1WFdvDj;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753308AbeDPPcr (ORCPT <rfc822;lans.zhang2008@gmail.com>
        + 99 others); Mon, 16 Apr 2018 11:32:47 -0400
Received: from 8bytes.org ([81.169.241.247]:36224 "EHLO theia.8bytes.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752250AbeDPPZq (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 16 Apr 2018 11:25:46 -0400
Received: by theia.8bytes.org (Postfix, from userid 1000)
        id 004E062E; Mon, 16 Apr 2018 17:25:38 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=8bytes.org; s=mail-1;
        t=1523892339; bh=Lt5dN801iBkdJ+olxQdqJCNkYSPf/gDa/28EJuqBMqA=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=V1WFdvDjEt8W9tceT/6qcU2iLSgP3308L9nTQb213lmsvNs3HUOylWC1Z6WCA/Fje
         1ibrv6+zzNsr27uwWKXdNEzAvQV+QUeGQ81HPj+I8dI4LQSZNLZLDe4+nMnmW2GaU5
         s3RX0gDySQNv+4srlOyI3BdiaObeQuF7zR+NLIxq0nWExlBFmSN92w9zI2B33IDY+3
         /Hpx4+DYWxkxjwsa3UygXMYtQ0yljvLPxB9SuR0gcPQGOmew5TbabA7Zi1tx9LoiOb
         p5JrJsQyCe9DRqaMQJcElN1IP3oOqYER1VbN7S7vDaBLRGRprRbshYXgn906B8agzT
         D07cB7r+iY0Yg==
From:   Joerg Roedel <joro@8bytes.org>
To:     Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@kernel.org>,
        "H . Peter Anvin" <hpa@zytor.com>
Cc:     x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Juergen Gross <jgross@suse.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>, Jiri Kosina <jkosina@suse.cz>,
        Boris Ostrovsky <boris.ostrovsky@oracle.com>,
        Brian Gerst <brgerst@gmail.com>,
        David Laight <David.Laight@aculab.com>,
        Denys Vlasenko <dvlasenk@redhat.com>,
        Eduardo Valentin <eduval@amazon.com>,
        Greg KH <gregkh@linuxfoundation.org>,
        Will Deacon <will.deacon@arm.com>, aliguori@amazon.com,
        daniel.gruss@iaik.tugraz.at, hughd@google.com, keescook@google.com,
        Andrea Arcangeli <aarcange@redhat.com>,
        Waiman Long <llong@redhat.com>, Pavel Machek <pavel@ucw.cz>,
        "David H . Gutteridge" <dhgutteridge@sympatico.ca>,
        jroedel@suse.de, joro@8bytes.org
Subject: [PATCH 14/35] x86/entry/32: Add PTI cr3 switches to NMI handler code
Date:   Mon, 16 Apr 2018 17:25:02 +0200
Message-Id: <1523892323-14741-15-git-send-email-joro@8bytes.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1523892323-14741-1-git-send-email-joro@8bytes.org>
References: <1523892323-14741-1-git-send-email-joro@8bytes.org>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Joerg Roedel <jroedel@suse.de>

The NMI handler is special, as it needs to leave with the
same cr3 as it was entered with. We need to do this because
we could enter the NMI handler from kernel code with
user-cr3 already loaded.

Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
 arch/x86/entry/entry_32.S | 41 +++++++++++++++++++++++++++++++++++------
 1 file changed, 35 insertions(+), 6 deletions(-)

diff --git a/arch/x86/entry/entry_32.S b/arch/x86/entry/entry_32.S
index b2b0ecb..f47e535 100644
--- a/arch/x86/entry/entry_32.S
+++ b/arch/x86/entry/entry_32.S
@@ -77,6 +77,8 @@
 #endif
 .endm
 
+#define PTI_SWITCH_MASK         (1 << PAGE_SHIFT)
+
 /*
  * User gs save/restore
  *
@@ -213,8 +215,19 @@
 
 .endm
 
-.macro SAVE_ALL_NMI
+.macro SAVE_ALL_NMI cr3_reg:req
 	SAVE_ALL
+
+	/*
+	 * Now switch the CR3 when PTI is enabled.
+	 *
+	 * We can enter with either user or kernel cr3, the code will
+	 * store the old cr3 in \cr3_reg and switches to the kernel cr3
+	 * if necessary.
+	 */
+	SWITCH_TO_KERNEL_CR3 scratch_reg=\cr3_reg
+
+.Lend_\@:
 .endm
 /*
  * This is a sneaky trick to help the unwinder find pt_regs on the stack.  The
@@ -262,7 +275,23 @@
 	POP_GS_EX
 .endm
 
-.macro RESTORE_ALL_NMI pop=0
+.macro RESTORE_ALL_NMI cr3_reg:req pop=0
+	/*
+	 * Now switch the CR3 when PTI is enabled.
+	 *
+	 * We enter with kernel cr3 and switch the cr3 to the value
+	 * stored on \cr3_reg, which is either a user or a kernel cr3.
+	 */
+	ALTERNATIVE "jmp .Lswitched_\@", "", X86_FEATURE_PTI
+
+	testl	$PTI_SWITCH_MASK, \cr3_reg
+	jz	.Lswitched_\@
+
+	/* User cr3 in \cr3_reg - write it to hardware cr3 */
+	movl	\cr3_reg, %cr3
+
+.Lswitched_\@:
+
 	RESTORE_REGS pop=\pop
 .endm
 
@@ -1333,7 +1362,7 @@ ENTRY(nmi)
 #endif
 
 	pushl	%eax				# pt_regs->orig_ax
-	SAVE_ALL_NMI
+	SAVE_ALL_NMI cr3_reg=%edi
 	ENCODE_FRAME_POINTER
 	xorl	%edx, %edx			# zero error code
 	movl	%esp, %eax			# pt_regs pointer
@@ -1361,7 +1390,7 @@ ENTRY(nmi)
 
 .Lnmi_return:
 	CHECK_AND_APPLY_ESPFIX
-	RESTORE_ALL_NMI pop=4
+	RESTORE_ALL_NMI cr3_reg=%edi pop=4
 	jmp	.Lirq_return
 
 #ifdef CONFIG_X86_ESPFIX32
@@ -1377,12 +1406,12 @@ ENTRY(nmi)
 	pushl	16(%esp)
 	.endr
 	pushl	%eax
-	SAVE_ALL_NMI
+	SAVE_ALL_NMI cr3_reg=%edi
 	ENCODE_FRAME_POINTER
 	FIXUP_ESPFIX_STACK			# %eax == %esp
 	xorl	%edx, %edx			# zero error code
 	call	do_nmi
-	RESTORE_ALL_NMI
+	RESTORE_ALL_NMI cr3_reg=%edi
 	lss	12+4(%esp), %esp		# back to espfix stack
 	jmp	.Lirq_return
 #endif
-- 
2.7.4