Subject: Re: [PATCH v7 03/14] x86/cet/ibt: Add IBT legacy code bitmap setup function
From: Yu-cheng Yu
To: Peter Zijlstra
Cc: x86@kernel.org, "H. Peter Anvin", Thomas Gleixner, Ingo Molnar, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann, Andy Lutomirski, Balbir Singh, Borislav Petkov, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, "H.J. Lu", Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Pavel Machek, Randy Dunlap, "Ravi V. Shankar", Vedvyas Shanbhogue, Dave Martin
Date: Fri, 07 Jun 2019 09:23:43 -0700

On Fri, 2019-06-07 at 10:08 +0200, Peter Zijlstra wrote:
> On Thu, Jun 06, 2019 at 01:09:15PM -0700, Yu-cheng Yu wrote:
> > Indirect Branch Tracking (IBT) provides an optional legacy code bitmap
> > that allows execution of legacy, non-IBT compatible library by an
> > IBT-enabled application. When set, each bit in the bitmap indicates
> > one page of legacy code.
> >
> > The bitmap is allocated and setup from the application.
> > +int cet_setup_ibt_bitmap(unsigned long bitmap, unsigned long size)
> > +{
> > + u64 r;
> > +
> > + if (!current->thread.cet.ibt_enabled)
> > + return -EINVAL;
> > +
> > + if (!PAGE_ALIGNED(bitmap) || (size > TASK_SIZE_MAX))
> > + return -EINVAL;
> > +
> > + current->thread.cet.ibt_bitmap_addr = bitmap;
> > + current->thread.cet.ibt_bitmap_size = size;
> > +
> > + /*
> > + * Turn on IBT legacy bitmap.
> > + */
> > + modify_fpu_regs_begin();
> > + rdmsrl(MSR_IA32_U_CET, r);
> > + r |= (MSR_IA32_CET_LEG_IW_EN | bitmap);
> > + wrmsrl(MSR_IA32_U_CET, r);
> > + modify_fpu_regs_end();
> > +
> > + return 0;
> > +}
>
> So you just program a random user supplied address into the hardware.
> What happens if there's not actually anything at that address or the
> user munmap()s the data after doing this?

This function checks the bitmap's alignment and size, and anything else is the
app's responsibility. What else do you think the kernel should check?

Yu-cheng
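
Review bot: In cet_setup_ibt_bitmap(), the check `!PAGE_ALIGNED(bitmap) || (size > TASK_SIZE_MAX)` bounds only `size`; `bitmap` itself and the end of the range `bitmap + size` are never compared against TASK_SIZE_MAX before the value is OR-ed into MSR_IA32_U_CET. Consider also rejecting `bitmap >= TASK_SIZE_MAX` and `size > TASK_SIZE_MAX - bitmap`, so the address written to the register is at least confined to the user address range. Separately, `r |= (MSR_IA32_CET_LEG_IW_EN | bitmap)` does not clear any address bits already present in `r`, so a second call with a different `bitmap` would leave the two addresses merged in the MSR while `ibt_bitmap_addr` records only the new one; masking out the old address field before the OR would keep them consistent. A comment stating what the kernel guarantees if the mapping is absent or later unmapped would also answer the question raised in review.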