Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1019502imu; Tue, 20 Nov 2018 10:18:31 -0800 (PST) X-Google-Smtp-Source: AFSGD/UmYLup3vsOpeIp63mLMVE9UvYIKkwFiIrK1/xeQK3im5AyTt4xRjYI9YJAzxfqeh9+73ta X-Received: by 2002:a17:902:87:: with SMTP id a7mr2887919pla.239.1542737911273; Tue, 20 Nov 2018 10:18:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542737911; cv=none; d=google.com; s=arc-20160816; b=gPtHbwTdnX2inNzedBEYu1jGKoYNfelGTPZx41hJgwGxatgYRV69koCdOgJE5fXxUg B5StHE0IpFSTjUEAIxKorWgsiPRMEXKlhNTPEgWMuSatfO3rbkdygw5pHsF1SZx5iYHi B5w1ea7YzJIjq/tW1BitAPFbQBoC5oDBRz/BFu3/AmDfjSrC1I/Ixsamm/EjU6dEBI/G iJFsXuvVuPfrVvuHOMv76ao3G2Fnmdv0aqtqllkBS6QTN7Y9H3OSd+fRvOwHmUb3wBUP o7BqaOmE7V2ksHQCB2C5KV1yj7DjrIOfUL4mRWf49QYKdi8TeBtv6G0kG1J7EAQUwZTy sQwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=a0ESArseI06tv3PeCPWEY1tAKFnENTFsvEQ+nSJuSrs=; b=AM1Mbq7/ztKp87uYOjwpdPSXB1uUKbyrY7xxStVih7vImGD/Um3tPkxQuSA8cCBrY/ LadtloD4ppEB+btkzGUOO4Q7DutLGs6avWARC0voRBk3d/Q6qnE8wiTxBDc8G9XaoLgn 8HrZoAaUslm9CObBKGCE8k0RVm4Lljr5YdtOGZI1Zi1mmdI/UZW3ijECKAhX/TnQ7FY+ QANtfnyQYq8v8rMRgBmCKYcCXOE58A6oUqikO5jEl6aI2gSF0Rm3jWCUfKqdzE5JHPZx F1DK3GPSdnQzPS+zDaJDcyTyRP3ZQBzygrcjc6LxiC+ObwxjGlIjXpW+OroolwgM8jdY 8t1g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r28si40155624pgm.317.2018.11.20.10.18.16; Tue, 20 Nov 2018 10:18:31 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728220AbeKUEkK (ORCPT + 99 others); Tue, 20 Nov 2018 23:40:10 -0500 Received: from mga03.intel.com ([134.134.136.65]:39197 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726047AbeKUEkK (ORCPT ); Tue, 20 Nov 2018 23:40:10 -0500 X-Amp-Result: UNSCANNABLE X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Nov 2018 10:09:44 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,257,1539673200"; d="scan'208";a="101804174" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.154]) by orsmga003.jf.intel.com with ESMTP; 20 Nov 2018 10:09:44 -0800 Date: Tue, 20 Nov 2018 10:09:44 -0800 From: Sean Christopherson To: Jarkko Sakkinen Cc: Andy Lutomirski , Dave Hansen , Jethro Beekman , Florian Weimer , Linux API , Jann Horn , Linus Torvalds , X86 ML , linux-arch , LKML , Peter Zijlstra , Rich Felker , nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge" , shay.katz-zamir@intel.com, linux-sgx@vger.kernel.org, Andy Shevchenko , Thomas Gleixner , Ingo Molnar , Borislav Petkov Subject: Re: RFC: userspace exception fixups Message-ID: <20181120180944.GD31109@linux.intel.com> References: <20181118071548.GA4795@linux.intel.com> <20181119160204.GD13298@linux.intel.com> <20181120101133.GA7319@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20181120101133.GA7319@linux.intel.com> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Nov 20, 2018 at 12:11:33PM +0200, Jarkko Sakkinen wrote: > On Mon, Nov 19, 2018 at 09:00:08AM -0800, Andy Lutomirski wrote: > > On Mon, Nov 19, 2018 at 8:02 AM Jarkko Sakkinen > > wrote: > > > > > > On Mon, Nov 19, 2018 at 07:29:36AM -0800, Andy Lutomirski wrote: > > > > 1. The kernel needs some way to know *when* to apply this fixup. > > > > Decoding the instruction stream and doing it to all exceptions that > > > > hit an ENCLU instruction seems like a poor design. > > > > > > I'm not sure why you would ever need to do any type of fixup as the idea > > > is to just return to AEP i.e. from chosen exceptions (EPCM, #UD) the AEP > > > would work the same way as for exceptions that the kernel can deal with > > > except filling the exception information to registers. > > > > Sure, but how does the kernel know when to do that and when to send a > > signal? I don't really like decoding the instruction stream to figure > > it out. > > Hmm... why you have to decode instruction stream to find that out? Would > just depend on exception type (#GP with EPCM, #UD). #PF w/ PFEC_SGX is the only exception that indicates a fault is related to SGX. Theoretically we could avoid decoding by using a magic value for the AEP itself and doing even more magic fixup, but that wouldn't help for faults that occur on EENTER, which can be generic #GPs due to loss of EPC on SGX1 systems. > Or are you saying > that kernel should need to SIGSEGV if there is in fact ENCLU so that > there is no infinite trap loop? Sorry, I'm a bit lost here that where > does this decoding requirement comes from in the first place. I > understand how it is used in Sean's proposal... > > Anyway, this option can be probably discarded without further > consideration because apparently single stepping can cause #DB SS fault > if AEP handler is anything else than a single instruction. Not that it matters, but we could satisfy the "one instruction" requirement if the fixup changed RIP to point at an ENCLU for #DBs. > For me it seems that by ruling out options, vDSO option is what is > left. I don't like it but at least it works... > > /Jarkko