Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp11259334imu;
        Thu, 6 Dec 2018 14:21:28 -0800 (PST)
X-Google-Smtp-Source: AFSGD/URx8jP9A+IxWj4kv81VSjzSqCTbDD3GAwWkzIZ2VR7GwslzzX65r/O2NPsc+E8MI2kKFjW
X-Received: by 2002:a63:fa46:: with SMTP id g6mr25694615pgk.18.1544134888005;
        Thu, 06 Dec 2018 14:21:28 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1544134887; cv=none;
        d=google.com; s=arc-20160816;
        b=SZIeki5870aR/WOAsmquoHQ8144NNzxplxt4b9GwJI0RH3gBH3enU0l43iKjikcqiz
         UjshTQ+RF5PW3utWnCmTEBeYcXK1+vIN/AYlG9vzYhWydqgPcNPKM0rbf49Jdl6Dd9Xr
         MAmsSWijdWZB8PEiQLr8d/Mk9jbGTGjQNm22eSXyT6bnWmYT4IPkbNHkPnHJKxAoJz9R
         XLHKzC8KeEJKc1tgQpsVPJcuqkFMlxPJVFyyzga46q37WFaFg4asshUIHIVPrdm9kmCK
         QcCq4k9hN094OhLzVKTRsR9o+F2rB7w2OyOxeHG2yzvr8be9hJvD18Pvv2XViTobSZ8y
         qNgg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=KWhMipNCEiuYfVrqm2so7MhjkO2mNEFlq5OYGeRqGHE=;
        b=Goof+Shv/hv4Ki0Nvig6R4zGN/S6yrEBaPXzpLdnm5af+TLGb0gOW57Hud52JVaWdF
         feBiVoVS6AChIhrg62tkO4yzK5yHnUXCXV9HguZiQEyAT33W+ACJIFz7IfgK5b3/jmqn
         Q35v2rTJLoZNwwJQwZt/2GbJiLYW/jelhlKGJ5zu8yafXSugCvFgRWs8cp9kSokH3qsX
         NZTZz7+5iFhz+VKLYNP0FmK0gvFZ12jY/iGfwL3Vy9/1ltpjdw4rELS2H7NsHRN3HJyN
         DPGK6iWcZQALyHvFXM02wmXqOAIEhk1SEv0bfnI7AOSSQdrnTOkpZ6bBmefdHxg/yASi
         nIbQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m7si1534393pfc.118.2018.12.06.14.21.12;
        Thu, 06 Dec 2018 14:21:27 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726153AbeLFWTd (ORCPT <rfc822;peterpeng024@gmail.com>
        + 99 others); Thu, 6 Dec 2018 17:19:33 -0500
Received: from mga06.intel.com ([134.134.136.31]:39981 "EHLO mga06.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725939AbeLFWTb (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 6 Dec 2018 17:19:31 -0500
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga008.jf.intel.com ([10.7.209.65])
  by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Dec 2018 14:19:28 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.56,324,1539673200"; 
   d="scan'208";a="99313298"
Received: from sjchrist-coffee.jf.intel.com ([10.54.74.154])
  by orsmga008.jf.intel.com with ESMTP; 06 Dec 2018 14:19:28 -0800
From:   Sean Christopherson <sean.j.christopherson@intel.com>
To:     Andy Lutomirski <luto@kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        x86@kernel.org, Dave Hansen <dave.hansen@linux.intel.com>,
        Peter Zijlstra <peterz@infradead.org>
Cc:     "H. Peter Anvin" <hpa@zytor.com>, linux-kernel@vger.kernel.org,
        Andy Lutomirski <luto@amacapital.net>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Josh Triplett <josh@joshtriplett.org>
Subject: [RFC PATCH v2 2/4] x86/fault: Attempt to fixup unhandled #PF in vDSO before signaling
Date:   Thu,  6 Dec 2018 14:19:20 -0800
Message-Id: <20181206221922.31012-3-sean.j.christopherson@intel.com>
X-Mailer: git-send-email 2.19.2
In-Reply-To: <20181206221922.31012-1-sean.j.christopherson@intel.com>
References: <20181206221922.31012-1-sean.j.christopherson@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Call fixup_vdso_exception() in the SIGSEGV and SIGBUS paths of the
page fault handler immediately prior to signaling.  If the fault is
fixed, return cleanly and do not generate a signal.

The goal of vDSO fixup is not to fixup all faults, nor is it to avoid
all signals, but rather to report faults directly to userspace when the
fault would otherwise directly result in a signal being sent to the
process.  For example, a page fault that points to valid user memory
that happened to be swapped out should not trigger fixup, i.e. should
not be reported to userspace.

In the SIGSEGV flow, make sure to call fixup_vdso_exception() after
the error code has been sanitized.

Suggested-by: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/mm/fault.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 2ff25ad33233..ff1cb10858d5 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -28,6 +28,7 @@
 #include <asm/mmu_context.h>		/* vma_pkey()			*/
 #include <asm/efi.h>			/* efi_recover_from_page_fault()*/
 #include <asm/desc.h>			/* store_idt(), ...		*/
+#include <asm/vdso.h>			/* fixup_vdso_exception()	*/
 
 #define CREATE_TRACE_POINTS
 #include <asm/trace/exceptions.h>
@@ -928,6 +929,9 @@ __bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code,
 		if (address >= TASK_SIZE_MAX)
 			error_code |= X86_PF_PROT;
 
+		if (fixup_vdso_exception(regs, X86_TRAP_PF, error_code, address))
+			return;
+
 		if (likely(show_unhandled_signals))
 			show_signal_msg(regs, error_code, address, tsk);
 
@@ -1045,6 +1049,9 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address,
 	if (is_prefetch(regs, error_code, address))
 		return;
 
+	if (fixup_vdso_exception(regs, X86_TRAP_PF, error_code, address))
+		return;
+
 	set_signal_archinfo(address, error_code);
 
 #ifdef CONFIG_MEMORY_FAILURE
-- 
2.19.2