Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp212731imm;
        Fri, 13 Jul 2018 22:05:30 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpdGvl0NNIWoFT+JDcuvflc8ssHJQOkyUvKDVB2Cwfe07Z5iK3n8rAY7PYcoWi3ookkUOTPx
X-Received: by 2002:a17:902:8607:: with SMTP id f7-v6mr9009322plo.138.1531544730499;
        Fri, 13 Jul 2018 22:05:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1531544730; cv=none;
        d=google.com; s=arc-20160816;
        b=V+jW2EgP6mlqWfP04/BoQkvUp2k9i7z6zFmhGNRIvZje9FRP++nq+gJj4qCc8SEToj
         6Ao9+m+KWKymHf6FbbFb/XPVvUFV0JTiy/2Z91iNDIHB8Ap720Il0XdFrzJukQ6Zjoco
         KBoBqSbqPkHeZEA9KVaRCz1XpbwRXuCNOWo8niZkQt32/D04b1EVannMS+3XD1oW0utk
         RUv1DQ8aUk2h2kWVh6pmjzIEcDShUZdiHCYTq37KytEv02MpHU9IJdoTumP20MPUdjAf
         tPp26NIJZd9L/NfpmzSIBoriJzsUhqQdmEZ2uCSj2D7Gpd18QzmmVbkOVZGEyf6lYTrx
         h4vQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=KShcDNghkDZFa9QrwvmxXU4qzruMkNA07zfckcpVkoc=;
        b=aLaPoXIoZcf99q0MUjQZd6WGKn1Nf9ysaJ1BWyWAloL1DroluyDWWJ6g1dCyBe0sHS
         DabhdIpEcnj6I7ofYQeGyK1oz3KHqZxQRSh88t8jR/OZZK1KPECG3yRa79uKSrINe+yR
         GgnnQ4LwpBXhNb1akDGsT2AfmvDezhqEh8p0CiEf8ZoRiR2XA6+HKN63g5YQedGJGLTm
         egiiCrR7PlSxG9PtmYm9/vPT5Y8BqEpLS4rHe3oNhuSZiMCXR55Y+0LHoqrwdcRfWhf4
         ihKzv0xJ0Z7wEuiW4B5zDzE1F1oXlXYmSivYT3/8YYwPuMhKGVgy+uBbrbWfvbaO/GMn
         WENg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g26-v6si22736698pgb.349.2018.07.13.22.05.15;
        Fri, 13 Jul 2018 22:05:30 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1725981AbeGNFWX (ORCPT <rfc822;thunderbird.krnldev@gmail.com>
        + 99 others); Sat, 14 Jul 2018 01:22:23 -0400
Received: from mx2.suse.de ([195.135.220.15]:34538 "EHLO mx1.suse.de"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1725863AbeGNFWW (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 14 Jul 2018 01:22:22 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay1.suse.de (unknown [195.135.220.254])
        by mx1.suse.de (Postfix) with ESMTP id E8D33AE77;
        Sat, 14 Jul 2018 05:04:39 +0000 (UTC)
Date:   Sat, 14 Jul 2018 07:04:37 +0200
From:   Joerg Roedel <jroedel@suse.de>
To:     Andy Lutomirski <luto@kernel.org>
Cc:     Joerg Roedel <joro@8bytes.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@kernel.org>,
        "H . Peter Anvin" <hpa@zytor.com>, X86 ML <x86@kernel.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Linux-MM <linux-mm@kvack.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Juergen Gross <jgross@suse.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>, Jiri Kosina <jkosina@suse.cz>,
        Boris Ostrovsky <boris.ostrovsky@oracle.com>,
        Brian Gerst <brgerst@gmail.com>,
        David Laight <David.Laight@aculab.com>,
        Denys Vlasenko <dvlasenk@redhat.com>,
        Eduardo Valentin <eduval@amazon.com>,
        Greg KH <gregkh@linuxfoundation.org>,
        Will Deacon <will.deacon@arm.com>,
        "Liguori, Anthony" <aliguori@amazon.com>,
        Daniel Gruss <daniel.gruss@iaik.tugraz.at>,
        Hugh Dickins <hughd@google.com>,
        Kees Cook <keescook@google.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Waiman Long <llong@redhat.com>, Pavel Machek <pavel@ucw.cz>,
        "David H . Gutteridge" <dhgutteridge@sympatico.ca>
Subject: Re: [PATCH 30/39] x86/mm/pti: Clone entry-text again in
 pti_finalize()
Message-ID: <20180714050437.b4lztahdehaom6el@suse.de>
References: <1531308586-29340-1-git-send-email-joro@8bytes.org>
 <1531308586-29340-31-git-send-email-joro@8bytes.org>
 <CALCETrU9pe03cW2d+=nXy_iLbiYWzX1dU2wYCfHEN4gb69Q_EA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CALCETrU9pe03cW2d+=nXy_iLbiYWzX1dU2wYCfHEN4gb69Q_EA@mail.gmail.com>
User-Agent: NeoMutt/20170421 (1.8.2)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jul 13, 2018 at 04:21:45PM -0700, Andy Lutomirski wrote:
> On Wed, Jul 11, 2018 at 4:29 AM, Joerg Roedel <joro@8bytes.org> wrote:
> > From: Joerg Roedel <jroedel@suse.de>
> >
> > The mapping for entry-text might have changed in the kernel
> > after it was cloned to the user page-table. Clone again
> > to update the user page-table to bring the mapping in sync
> > with the kernel again.
> 
> Can't we just defer pti_init() until after mark_readonly()?  What am I missing?

I tried that:

	https://lore.kernel.org/lkml/1530618746-23116-1-git-send-email-joro@8bytes.org/

But while testing it turned out that the kernel potentially executes
user-space code already before mark_readonly() has ran. This happens
when some initcall requests a module and the initrd is already
populated. Then usermode-helper kicks in and runs a userspace binary
already. When pti_init() has not run yet the user-space page-table is
completly empty, causing a triple fault when we switch to the user cr3
on the way to user-space.


Regards,

	Joerg