Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp140255imm;
        Fri, 7 Sep 2018 18:20:46 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdYXKg61FQ+UlPORl46b4HEheo8MYnZ1FpOVVqBidtCwO7W3WdDrnSyhfL6QdP8ylUajG6pd
X-Received: by 2002:a17:902:8d95:: with SMTP id v21-v6mr9614651plo.213.1536369646282;
        Fri, 07 Sep 2018 18:20:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536369646; cv=none;
        d=google.com; s=arc-20160816;
        b=hojCstJgruI0IyyTJvUmmyRXku8qta8j5jgmUrUMI9HNUa2EPLQfE2G3lLyGvksXCR
         GhI0lzAOdM+t3i0tqCAwUv8EtvQs2Ww+MEdMkCbQp0ThBtvlGtsOZsZ4iY1yy93Q5NOE
         y3hfHLef2RJd+xLSmCX6nl0DTCCIefedlxdIckKb4CfqM7abe+y+fGwRYolLwt+o0c6V
         qVyLLxWWD1ctXJptLXZtm+uEL2d81+yF1ppKi6Ivj9L19mkPNwJq5IVQ1y7AntLAn+zI
         2S7jsNgjYUWSXsBRXWXjV8Y2z6pWkycRLSEIO4a85X2SjISe9w4ZuBajbmv2ZZR9VSCZ
         RtJQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=gzAFH5NSuWBveeR4MPaOTk11ST2HN8AR5GuWbmgNR8U=;
        b=OqJzYt4r65YkSEhe72feGO2lemXLsXjLHbKnjS0E6SwKVaoDnyFbbsciJGx00jREwy
         6dwiJSP+2fagG5SvlWGJirX2afk44l1I0IoECs3g452LLII8Z093ef5sw9dUQTJg1P6I
         ErTJJMG+RhLzwOdGoLPP1oQjS6J4psep517KdK6yxyiowuC5DkILENbdawXn5teKGlV5
         fElBh/4RQ5c2ciq3J9vT4SApYRWhkPZ++pOFt75hTDvowUhCJyiriOqhGJnfrMiiAzpF
         0lSAl8L14UhBo3WtSTl8WQR+4C4dBontscx8nY7NiqsuT3C5HcTcx9P1KjaUTOxhro6E
         V9Hg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=lGNITIw5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c3-v6si9883226pfg.181.2018.09.07.18.19.51;
        Fri, 07 Sep 2018 18:20:46 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=lGNITIw5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726190AbeIHGAN (ORCPT <rfc822;thunderbird.krnldev@gmail.com>
        + 99 others); Sat, 8 Sep 2018 02:00:13 -0400
Received: from mail-oi0-f66.google.com ([209.85.218.66]:41418 "EHLO
        mail-oi0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726002AbeIHGAM (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 8 Sep 2018 02:00:12 -0400
Received: by mail-oi0-f66.google.com with SMTP id k12-v6so30503728oiw.8
        for <linux-kernel@vger.kernel.org>; Fri, 07 Sep 2018 18:16:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=gzAFH5NSuWBveeR4MPaOTk11ST2HN8AR5GuWbmgNR8U=;
        b=lGNITIw5R0JxdBtXHOHOgU+4zh+tfVZgNIlMLw4++KhnHMo6Ds8lXUW9vR9o8Jhrm7
         jUZ//sS9KcyUiRoNMj+AmUD7IcLU0P0dEse9g6xTitTWAusty5XXy/bjtII2BHbivnbO
         v3Kj+G8FnL1GhXr4KHwq+PEYkWRzsxqGJXbjNpQruI86JApNtHSxYxsidYaoUOboAkCA
         4c+ymwqBh47ETFaJqaX8KfeZzjPPsur/f6DJ7/yNeE4Exwfeul/KYFPjwrdrvWF5e+QP
         dTT0b4oyp+DvSjsuDA4QK6v6le6muhpM7imUyb9s/Aek/ktDGhGurUFqYEiBgL9proPx
         cQtg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=gzAFH5NSuWBveeR4MPaOTk11ST2HN8AR5GuWbmgNR8U=;
        b=KJyx8g97yIy4mHECzx6BrjYiN7jt+tyLIH63TNdzLeMUGCDRLoKRGOOS3OyaTESqf7
         08mtTUYUcdfNKeLCM7OmMjjgTn8y5h/yCrSkBC8m+ufSy7RZzT9Td8vWMir29xxCgd19
         HoWvHRoAKnOFxe6gE6tXf6pkGh6zRzUNXueea8rXgTSjU2opMmOHxw+s7w1Eui/eWt5z
         sJ5+ADWtA4jNotU3IEkpvFSbXLIgMpwDKRUrqmbdYLwMIrchaFmnNm0zQayb5JjQXGXW
         kj9dy4qavTFIia0kNzzeaCAFwf5ToFEASIoaz2+925Wg8QFskhreCU4g452jlGjQlynT
         EAUA==
X-Gm-Message-State: APzg51BbMSv2/kCH/sJroqLkdhdQaerZYf8mplfJUsYFSBUR0FgEL1Si
        TcTF8mmiqR+To+dilWPQNvG6dMp3wpBQRVdj4SdkBA==
X-Received: by 2002:aca:c585:: with SMTP id v127-v6mr11036848oif.348.1536369395961;
 Fri, 07 Sep 2018 18:16:35 -0700 (PDT)
MIME-Version: 1.0
References: <20180907194852.3C351B82@viggo.jf.intel.com> <20180907194902.63F36CFE@viggo.jf.intel.com>
In-Reply-To: <20180907194902.63F36CFE@viggo.jf.intel.com>
From:   Jann Horn <jannh@google.com>
Date:   Sat, 8 Sep 2018 03:16:09 +0200
Message-ID: <CAG48ez2e8yJJjHeKRTbu46=5mbssZo84iMinBx6B5BgziDJiVQ@mail.gmail.com>
Subject: Re: [RFC][PATCH 7/8] x86/mm/vsyscall: consider vsyscall page part of
 user address space
To:     Dave Hansen <dave.hansen@linux.intel.com>
Cc:     kernel list <linux-kernel@vger.kernel.org>,
        sean.j.christopherson@intel.com,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        "the arch/x86 maintainers" <x86@kernel.org>,
        Andy Lutomirski <luto@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Sep 8, 2018 at 2:28 AM Dave Hansen <dave.hansen@linux.intel.com> wrote:
> The vsyscall page is weird.  It is in what is traditionally part of the
> kernel address space.  But, it has user permissions and we handle faults
> on it like we would on a user page: interrupts on.
>
> Right now, we handle vsyscall emulation in the "bad_area" code, which
> is used for both user-address-space and kernel-address-space faults.  Move
> the handling to the user-address-space code *only* and ensure we get there
> by "excluding" the vsyscall page from the kernel address space via a check
> in fault_in_kernel_space().
[...]
>  static int fault_in_kernel_space(unsigned long address)
>  {
> +       /*
> +        * The vsyscall page is at an address above TASK_SIZE_MAX,
> +        * but is not considered part of the kernel address space.
> +        */
> +       if (is_vsyscall_vaddr(address))
> +               return false;

I think something should check for "#ifdef CONFIG_X86_64"? 32-bit
doesn't have a vsyscall page, right? And this code probably shouldn't
veer off into the userspace-area fault handling code for addresses in
the range 0xff600000-0xff600fff... what is in that region on 32-bit?
Modules or something like that?
Maybe change is_vsyscall_vaddr() so that it always returns false on
32-bit, or put both the definition of is_vsyscall_vaddr() and this
code behind #ifdef guards.
And, in a separate patch, maybe also #ifdef-guard the definition of
VSYSCALL_ADDR in vsyscall.h? Nothing good is going to result from
making a garbage VSYSCALL_ADDR available to 32-bit code.

> +#ifdef CONFIG_X86_64
> +       /*
> +        * Instruction fetch faults in the vsyscall page might need
> +        * emulation.  The vsyscall page is at a high address
> +        * (>PAGE_OFFSET), but is considered to be part of the user
> +        * address space.
> +        *
> +        * The vsyscall page does not have a "real" VMA, so do this
> +        * emulation before we go searching for VMAse

"VMAse"? Is that a typo?