Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1348680imu;
        Thu, 13 Dec 2018 13:34:14 -0800 (PST)
X-Google-Smtp-Source: AFSGD/WwXX8Vwj1O61SZk1ybllrSuZJmTEd7exfwQP3KxPrUNPmXp40OxPgPL4X6waAYURLowKLS
X-Received: by 2002:a17:902:7588:: with SMTP id j8mr411695pll.215.1544736854126;
        Thu, 13 Dec 2018 13:34:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1544736854; cv=none;
        d=google.com; s=arc-20160816;
        b=CuOftNTQIq7pu9elec3SbRDoleCzz9GTsWXP6LuwjDk9o8k3np3KK9hBCUK3/P3CAo
         Qmym+vsKrII1LeI1e6VlfgdwaU0lqzgntZLa7qyvZmoEFyys4DkIc+3ImjSXxdJ/p3Kq
         e7LJR72fUdkZXZMcZc0/W1RXp7b334BaQIgmc0NCkNLxM+9pgdiOAXGeT56B/Asyu3QB
         /y/BJYuTXKdrZAG1JuBMQlflS19Ho9KKrudaa12YQsj/EDDPpxsvyUl3BbzdAhjJquBd
         OCFJQdeZdwNUQjicouU1tUxEWqQlXecwJzNmjYBQTiWaPdTbk1iQyfdr0Pt72YBpeTh5
         99IQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=UCTP3B3LPjq1jYPwIVHmF7QYRiKlEDM30BShpirfXAs=;
        b=TGERhRHC9Cx9tb9/4qASKzOIzeamEeFrSUatdT1sIGwYKPFDBB6bUQylAG72eR4YC9
         B+t7QAp/7pQx0/yk2f7kgoWRUi8YnVrPStpDwMH0OODtyBgde+uNSerTloJvGy+vqXg+
         64DDEJHdBcpn55ryC2sgQ8Uk8rIQjZtcVbJ6o1b31VkaCv6GQ+6TPlBR8TfaRcnG6C/H
         +ttK8H+cSwQg7jm2+/WJZhUYKEGqsnbxHgTUFk6J/LrNb4AbxYkCHCE6BUdgsBEsZ3Br
         Zqxcpx5FzDSWYoT/w2q+MGRsDZ517EytTLRtX/ZSM0ARtG+0Ddv38eZ27Eqyk8hEzJwI
         lj4Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w2si2418921pgh.565.2018.12.13.13.33.54;
        Thu, 13 Dec 2018 13:34:14 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728239AbeLMVcF (ORCPT <rfc822;rajatbajpailinux@gmail.com>
        + 99 others); Thu, 13 Dec 2018 16:32:05 -0500
Received: from mga03.intel.com ([134.134.136.65]:43547 "EHLO mga03.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726442AbeLMVbm (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Dec 2018 16:31:42 -0500
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
  by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Dec 2018 13:31:41 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.56,349,1539673200"; 
   d="scan'208";a="127709237"
Received: from sjchrist-coffee.jf.intel.com ([10.54.74.154])
  by fmsmga004.fm.intel.com with ESMTP; 13 Dec 2018 13:31:40 -0800
From:   Sean Christopherson <sean.j.christopherson@intel.com>
To:     Andy Lutomirski <luto@kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        x86@kernel.org, Dave Hansen <dave.hansen@linux.intel.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc:     "H. Peter Anvin" <hpa@zytor.com>, linux-kernel@vger.kernel.org,
        linux-sgx@vger.kernel.org, Andy Lutomirski <luto@amacapital.net>,
        Josh Triplett <josh@joshtriplett.org>,
        Haitao Huang <haitao.huang@linux.intel.com>,
        Jethro Beekman <jethro@fortanix.com>,
        "Dr . Greg Wettstein" <greg@enjellic.com>
Subject: [RFC PATCH v4 2/5] x86/fault: Add helper function to sanitize error code
Date:   Thu, 13 Dec 2018 13:31:32 -0800
Message-Id: <20181213213135.12913-3-sean.j.christopherson@intel.com>
X-Mailer: git-send-email 2.19.2
In-Reply-To: <20181213213135.12913-1-sean.j.christopherson@intel.com>
References: <20181213213135.12913-1-sean.j.christopherson@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

...to prepare for vDSO exception fixup, which will expose the error
code to userspace and runs before set_signal_archinfo(), i.e. squashes
the signal when fixup is successful.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/mm/fault.c | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 7e8a7558ca07..fefeb745d21d 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -719,18 +719,22 @@ pgtable_bad(struct pt_regs *regs, unsigned long error_code,
 	oops_end(flags, regs, sig);
 }
 
-static void set_signal_archinfo(unsigned long address,
-				unsigned long error_code)
+static void sanitize_error_code(unsigned long address,
+				unsigned long *error_code)
 {
-	struct task_struct *tsk = current;
-
 	/*
 	 * To avoid leaking information about the kernel page
 	 * table layout, pretend that user-mode accesses to
 	 * kernel addresses are always protection faults.
 	 */
 	if (address >= TASK_SIZE_MAX)
-		error_code |= X86_PF_PROT;
+		*error_code |= X86_PF_PROT;
+}
+
+static void set_signal_archinfo(unsigned long address,
+				unsigned long error_code)
+{
+	struct task_struct *tsk = current;
 
 	tsk->thread.trap_nr = X86_TRAP_PF;
 	tsk->thread.error_code = error_code | X86_PF_USER;
@@ -771,6 +775,8 @@ no_context(struct pt_regs *regs, unsigned long error_code,
 		 * faulting through the emulate_vsyscall() logic.
 		 */
 		if (current->thread.sig_on_uaccess_err && signal) {
+			sanitize_error_code(address, &error_code);
+
 			set_signal_archinfo(address, error_code);
 
 			/* XXX: hwpoison faults will set the wrong code. */
@@ -920,13 +926,7 @@ __bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code,
 		if (is_errata100(regs, address))
 			return;
 
-		/*
-		 * To avoid leaking information about the kernel page table
-		 * layout, pretend that user-mode accesses to kernel addresses
-		 * are always protection faults.
-		 */
-		if (address >= TASK_SIZE_MAX)
-			error_code |= X86_PF_PROT;
+		sanitize_error_code(address, &error_code);
 
 		if (likely(show_unhandled_signals))
 			show_signal_msg(regs, error_code, address, tsk);
@@ -1045,6 +1045,8 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address,
 	if (is_prefetch(regs, error_code, address))
 		return;
 
+	sanitize_error_code(address, &error_code);
+
 	set_signal_archinfo(address, error_code);
 
 #ifdef CONFIG_MEMORY_FAILURE
-- 
2.19.2