Received: by 10.192.165.148 with SMTP id m20csp3584654imm;
        Mon, 23 Apr 2018 08:56:33 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4+GjttLHXKNLGZrCH4RMK2pP+iFbpflG2P34DzrA66JvIUNjcwe7V5lgsBSKosNl1LvFx4b
X-Received: by 2002:a17:902:b2c7:: with SMTP id x7-v6mr21601810plw.124.1524498993839;
        Mon, 23 Apr 2018 08:56:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524498993; cv=none;
        d=google.com; s=arc-20160816;
        b=qUOKVoMvacy8/WiLlrxDsIHB6bJJKZyK+DRqX7tkrLee0C3yBrqWUT0JKCp+BhYQZ8
         4LOOIpfBlf9ANlaDgakBtysTM6GrBIYN6XjA7nRt+jSWCiN2z05C5HRjiumk0fxvNPWU
         OUGMW+MrTVYyWVjoGaC8Ehp6bycHB9XMefjLS4K3PbxoP5MC60GVx9rK8XDI9QoQNXBr
         bEB6loYjaRT1z+d4kTPovArStuVltiu1ncnDK3MbouFt7cIPHZBkzG28KwB3jz2qDBuw
         RXt5KEyHQHxH7mLrEs/KHgUoPJrKJxu8KDn5EO1dcc5rTCxor8lxmM9H35fq82UzIsYi
         rbnA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature:arc-authentication-results;
        bh=OcvQhocRGo8adLG5spe7U+na6Cqu9Y9MpjcgHIpoCVg=;
        b=pFN6nbTkMiUiGT1/nIKdhIYj1vTcxSjRn75CHBOUisSTdGsbzfo8IgCq0I1rGHgI6+
         8GdKcQmKKCdqXXcK4vJ1oIFcuonHy/Bqb31OaK9b3VBaqktOA5VW72kxzqz5Pd0ZoOIy
         LubVsnP5xo26QnNXB3NnLvNFGTXiGspKt7uCrh4hKYcUdr5BPeNbGL6avpJ12HWdr02p
         si/zpmEML+N4kbaxQKKMwWzLirHIaGrTjIHi8r/mvBBkjdBn9QCXOOJcGW6MApTzTEFc
         RLMk9+OpByXBZcvyOAItkjf0gzlPiP8FqdKZfVwxzswC++OKkofuSSTsFlFMUwA6l8pD
         /WCA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=FAJuawDA;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e5-v6si11714977plt.209.2018.04.23.08.56.19;
        Mon, 23 Apr 2018 08:56:33 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail (test mode) header.i=@8bytes.org header.s=mail-1 header.b=FAJuawDA;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932243AbeDWPxV (ORCPT <rfc822;414256we@gmail.com> + 99 others);
        Mon, 23 Apr 2018 11:53:21 -0400
Received: from 8bytes.org ([81.169.241.247]:60416 "EHLO theia.8bytes.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1755674AbeDWPr4 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 23 Apr 2018 11:47:56 -0400
Received: by theia.8bytes.org (Postfix, from userid 1000)
        id 4C606924; Mon, 23 Apr 2018 17:47:44 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=8bytes.org; s=mail-1;
        t=1524498466; bh=Lt5dN801iBkdJ+olxQdqJCNkYSPf/gDa/28EJuqBMqA=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=FAJuawDAon7mycuoGqGjbKCoIku8oNYr+yEEtzkxKCECAMqMpcVm9jTaKz9kdM9Gn
         /sxi0l2ojPAMbiYiGYkhkiHHAceKQlMB/nFMEAzqzr4kDCaCe8wA0YPwDUyGLhqgd2
         FnEoz1Lt9e/Z6prpQOzFWaEbYBz2l1aJF2AKPNqetfFyGprzJ8ILczkDR/pDABkwo8
         pbF0gavZefz9L9CLrd49nnSETUBbVjbw3aP9FC+STSj6VL47/t55cMeY5CmVNGHnrh
         pK5DnGiI/nres2sue5mCy3gDWykKRuOcW2B42lYTOKrZ6uDzf5Sbu/n4+kzq0Y56U0
         DXZnavgUjspfw==
From:   Joerg Roedel <joro@8bytes.org>
To:     Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@kernel.org>,
        "H . Peter Anvin" <hpa@zytor.com>
Cc:     x86@kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Juergen Gross <jgross@suse.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>, Jiri Kosina <jkosina@suse.cz>,
        Boris Ostrovsky <boris.ostrovsky@oracle.com>,
        Brian Gerst <brgerst@gmail.com>,
        David Laight <David.Laight@aculab.com>,
        Denys Vlasenko <dvlasenk@redhat.com>,
        Eduardo Valentin <eduval@amazon.com>,
        Greg KH <gregkh@linuxfoundation.org>,
        Will Deacon <will.deacon@arm.com>, aliguori@amazon.com,
        daniel.gruss@iaik.tugraz.at, hughd@google.com, keescook@google.com,
        Andrea Arcangeli <aarcange@redhat.com>,
        Waiman Long <llong@redhat.com>, Pavel Machek <pavel@ucw.cz>,
        "David H . Gutteridge" <dhgutteridge@sympatico.ca>,
        jroedel@suse.de, joro@8bytes.org
Subject: [PATCH 14/37] x86/entry/32: Add PTI cr3 switches to NMI handler code
Date:   Mon, 23 Apr 2018 17:47:17 +0200
Message-Id: <1524498460-25530-15-git-send-email-joro@8bytes.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1524498460-25530-1-git-send-email-joro@8bytes.org>
References: <1524498460-25530-1-git-send-email-joro@8bytes.org>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Joerg Roedel <jroedel@suse.de>

The NMI handler is special, as it needs to leave with the
same cr3 as it was entered with. We need to do this because
we could enter the NMI handler from kernel code with
user-cr3 already loaded.

Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
 arch/x86/entry/entry_32.S | 41 +++++++++++++++++++++++++++++++++++------
 1 file changed, 35 insertions(+), 6 deletions(-)

diff --git a/arch/x86/entry/entry_32.S b/arch/x86/entry/entry_32.S
index b2b0ecb..f47e535 100644
--- a/arch/x86/entry/entry_32.S
+++ b/arch/x86/entry/entry_32.S
@@ -77,6 +77,8 @@
 #endif
 .endm
 
+#define PTI_SWITCH_MASK         (1 << PAGE_SHIFT)
+
 /*
  * User gs save/restore
  *
@@ -213,8 +215,19 @@
 
 .endm
 
-.macro SAVE_ALL_NMI
+.macro SAVE_ALL_NMI cr3_reg:req
 	SAVE_ALL
+
+	/*
+	 * Now switch the CR3 when PTI is enabled.
+	 *
+	 * We can enter with either user or kernel cr3, the code will
+	 * store the old cr3 in \cr3_reg and switches to the kernel cr3
+	 * if necessary.
+	 */
+	SWITCH_TO_KERNEL_CR3 scratch_reg=\cr3_reg
+
+.Lend_\@:
 .endm
 /*
  * This is a sneaky trick to help the unwinder find pt_regs on the stack.  The
@@ -262,7 +275,23 @@
 	POP_GS_EX
 .endm
 
-.macro RESTORE_ALL_NMI pop=0
+.macro RESTORE_ALL_NMI cr3_reg:req pop=0
+	/*
+	 * Now switch the CR3 when PTI is enabled.
+	 *
+	 * We enter with kernel cr3 and switch the cr3 to the value
+	 * stored on \cr3_reg, which is either a user or a kernel cr3.
+	 */
+	ALTERNATIVE "jmp .Lswitched_\@", "", X86_FEATURE_PTI
+
+	testl	$PTI_SWITCH_MASK, \cr3_reg
+	jz	.Lswitched_\@
+
+	/* User cr3 in \cr3_reg - write it to hardware cr3 */
+	movl	\cr3_reg, %cr3
+
+.Lswitched_\@:
+
 	RESTORE_REGS pop=\pop
 .endm
 
@@ -1333,7 +1362,7 @@ ENTRY(nmi)
 #endif
 
 	pushl	%eax				# pt_regs->orig_ax
-	SAVE_ALL_NMI
+	SAVE_ALL_NMI cr3_reg=%edi
 	ENCODE_FRAME_POINTER
 	xorl	%edx, %edx			# zero error code
 	movl	%esp, %eax			# pt_regs pointer
@@ -1361,7 +1390,7 @@ ENTRY(nmi)
 
 .Lnmi_return:
 	CHECK_AND_APPLY_ESPFIX
-	RESTORE_ALL_NMI pop=4
+	RESTORE_ALL_NMI cr3_reg=%edi pop=4
 	jmp	.Lirq_return
 
 #ifdef CONFIG_X86_ESPFIX32
@@ -1377,12 +1406,12 @@ ENTRY(nmi)
 	pushl	16(%esp)
 	.endr
 	pushl	%eax
-	SAVE_ALL_NMI
+	SAVE_ALL_NMI cr3_reg=%edi
 	ENCODE_FRAME_POINTER
 	FIXUP_ESPFIX_STACK			# %eax == %esp
 	xorl	%edx, %edx			# zero error code
 	call	do_nmi
-	RESTORE_ALL_NMI
+	RESTORE_ALL_NMI cr3_reg=%edi
 	lss	12+4(%esp), %esp		# back to espfix stack
 	jmp	.Lirq_return
 #endif
-- 
2.7.4