Subject: [RFC][PATCH 7/8] x86/mm/vsyscall: consider vsyscall page part of user address space
To: linux-kernel@vger.kernel.org
Cc: Dave Hansen, sean.j.christopherson@intel.com, peterz@infradead.org, tglx@linutronix.de, x86@kernel.org, luto@kernel.org
From: Dave Hansen
Date: Fri, 07 Sep 2018 12:49:02 -0700
References: <20180907194852.3C351B82@viggo.jf.intel.com>
In-Reply-To: <20180907194852.3C351B82@viggo.jf.intel.com>
Message-Id: <20180907194902.63F36CFE@viggo.jf.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Dave Hansen The vsyscall page is weird. It is in what is traditionally part of the kernel address space. But, it has user permissions and we handle faults on it like we would on a user page: interrupts on. Right now, we handle vsyscall emulation in the "bad_area" code, which is used for both user-address-space and kernel-address-space faults. Move the handling to the user-address-space code *only* and ensure we get there by "excluding" the vsyscall page from the kernel address space via a check in fault_in_kernel_space(). Signed-off-by: Dave Hansen Cc: Sean Christopherson Cc: "Peter Zijlstra (Intel)" Cc: Thomas Gleixner Cc: x86@kernel.org Cc: Andy Lutomirski --- b/arch/x86/mm/fault.c | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) diff -puN arch/x86/mm/fault.c~vsyscall-is-user-address-space arch/x86/mm/fault.c --- a/arch/x86/mm/fault.c~vsyscall-is-user-address-space 2018-09-07 11:21:48.720751896 -0700 +++ b/arch/x86/mm/fault.c 2018-09-07 11:21:48.724751896 -0700 @@ -873,18 +873,6 @@ __bad_area_nosemaphore(struct pt_regs *r if (is_errata100(regs, address)) return; -#ifdef CONFIG_X86_64 - /* - * Instruction fetch faults in the vsyscall page might need - * emulation. - */ - if (unlikely((error_code & X86_PF_INSTR) && - is_vsyscall_vaddr(address))) { - if (emulate_vsyscall(regs, address)) - return; - } -#endif - /* * To avoid leaking information about the kernel page table * layout, pretend that user-mode accesses to kernel addresses @@ -1192,6 +1180,13 @@ access_error(unsigned long error_code, s static int fault_in_kernel_space(unsigned long address) { + /* + * The vsyscall page is at an address above TASK_SIZE_MAX, + * but is not considered part of the kernel address space. + */ + if (is_vsyscall_vaddr(address)) + return false; + return address >= TASK_SIZE_MAX; } 
@@ -1357,6 +1352,23 @@ void do_user_addr_space_fault(struct pt_ if (sw_error_code & X86_PF_INSTR) flags |= FAULT_FLAG_INSTRUCTION; +#ifdef CONFIG_X86_64 + /* + * Instruction fetch faults in the vsyscall page might need + * emulation. The vsyscall page is at a high address + * (>PAGE_OFFSET), but is considered to be part of the user + * address space. + * + * The vsyscall page does not have a "real" VMA, so do this + * emulation before we go searching for VMAse + */ + if (unlikely((sw_error_code & X86_PF_INSTR) && + is_vsyscall_vaddr(address))) { + if (emulate_vsyscall(regs, address)) + return; + } +#endif + /* * Kernel-mode access to the user address space should only occur * inside well-defined areas of code listed in the exception _
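
Review bot: In the fault_in_kernel_space() hunk, the new is_vsyscall_vaddr(address) check is compiled unconditionally, while both the block removed from __bad_area_nosemaphore() and the block added to do_user_addr_space_fault() sit under #ifdef CONFIG_X86_64. Either guard this check the same way, for example "if (IS_ENABLED(CONFIG_X86_64) && is_vsyscall_vaddr(address))", or say in the comment why it is valid on 32-bit as well. Separately, the function is declared "static int" but now returns "false"; switching the return type to bool would match.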
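
Review bot: In the do_user_addr_space_fault() hunk, the emulation test is not a verbatim move: the removed code checked "error_code & X86_PF_INSTR" and the added code checks "sw_error_code & X86_PF_INSTR", while the changelog describes the change only as moving the handling. Please state in the changelog or in the comment that the two agree on X86_PF_INSTR for this path. The new comment also ends with "VMAse" (should be "VMAs.") and describes the page as ">PAGE_OFFSET" where the fault_in_kernel_space() comment says "above TASK_SIZE_MAX"; using one description in both places would read better.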