Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp9599423ybi; Wed, 10 Jul 2019 13:14:29 -0700 (PDT) X-Google-Smtp-Source: APXvYqzC8tEw6iML42Nj86Aj+QOVZ/kYpBo1b444Jkcw2dkjKqOxq9iU2K0lWw2sfodoCPYIhP8n X-Received: by 2002:a17:90b:d82:: with SMTP id bg2mr178335pjb.87.1562789669670; Wed, 10 Jul 2019 13:14:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562789669; cv=none; d=google.com; s=arc-20160816; b=vF9EglMo8M/yzWJyiytQlm8XyD8PWp8YEEEPhKyIPplcGgf2aSxDeAfYRxOGCrvHrW r5sFw35NN/BsRv9GsiVerwqlSkWjO7OWD/LOWE9CjlYL/owXydysDXh/OsEGA1cxl58C xRq8+G7o+gIkO01vwj9vGfRWfSkFzGNCpdbZ9ygRHfwxSzkiac6xGPFe8ePRX8KjQiPK 9Tw+HVCtANJ1iwB+wt8LFEtetLHyyjQ+k+mu7D4TJkqbCTVJD4yiJMymKpIcWxH4gxu+ +2leluS+UqXve0Zxm2VE31RRSt1Qtd8o5VgBzZoD6UseqqqyeQHR+hhMvQ/fIABT11X1 faYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=MPjEdsVPZt7DoWSDbcV/s7PKpIaQHBUpFxTtGaJkqxU=; b=XG6CWBILroTnA6ZzJJ0mUo2ei+chu8NzLD7wqPUqj1TGruDD67ma+4SvI8u0JSTpv/ UqUHQU8fMm5rr2dysZ4hEImeJo9DgMaecTm7FL/bTo446ZEOwtpFHBvgSRNYldiMa1ke lr+jwsJEfS8XBI0iJVqQv7w1VXCmEEcNQRZweyTFp2+u6S2QOHqSF6tHDmVolB1IbgfL gyvd4QFK3zj19k3o8INWtitv4BmU+O5RWPq6KuVOp9R+8eqeNxQbqhe9zfgZ46rpza3D V8gMAIaPVl1ZAn3PYm7/RrNXHdWWa+xWCXqVK9N2qZlGQR1ij9uYhs9NduMJvAdyYyfB UBCg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v1si3038240pjn.79.2019.07.10.13.14.13; Wed, 10 Jul 2019 13:14:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728102AbfGJUBK (ORCPT + 99 others); Wed, 10 Jul 2019 16:01:10 -0400 Received: from Galois.linutronix.de ([193.142.43.55]:48522 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725832AbfGJUBJ (ORCPT ); Wed, 10 Jul 2019 16:01:09 -0400 Received: from pd9ef1cb8.dip0.t-ipconnect.de ([217.239.28.184] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1hlIlw-000213-DB; Wed, 10 Jul 2019 22:01:00 +0200 Date: Wed, 10 Jul 2019 22:00:59 +0200 (CEST) From: Thomas Gleixner To: Kees Cook cc: Xi Ruoyao , Peter Zijlstra , Jiri Kosina , Linus Torvalds , Ingo Molnar , Linux List Kernel Mailing , Borislav Petkov , Len Brown , Andrew Morton , "Rafael J. Wysocki" , Tony Luck , Bob Moore , Erik Schmauss , Josh Poimboeuf , Daniel Bristot de Oliveira , Juergen Gross Subject: Re: [PATCH] x86/asm: Move native_write_cr0/3() out of line In-Reply-To: <201907101258.FE97AEC86@keescook> Message-ID: References: <768463eb26a2feb0fcc374fd7f9cc28b96976917.camel@mengyan1223.wang> <20190710134433.GN3402@hirez.programming.kicks-ass.net> <20190710142653.GJ3419@hirez.programming.kicks-ass.net> <201907101258.FE97AEC86@keescook> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 10 Jul 2019, Kees Cook wrote: > On Wed, Jul 10, 2019 at 09:42:46PM +0200, Thomas Gleixner wrote: > > The pinning of sensitive CR0 and CR4 bits caused a boot crash when loading > > the kvm_intel module on a kernel compiled with CONFIG_PARAVIRT=n. > > > > The reason is that the static key which controls the pinning is marked RO > > after init. The kvm_intel module contains a CR4 write which requires to > > update the static key entry list. That obviously does not work when the key > > is in a RO section. > > > > With CONFIG_PARAVIRT enabled this does not happen because the CR4 write > > uses the paravirt indirection and the actual write function is built in. > > > > As the key is intended to be immutable after init, move > > native_write_cr0/3() out of line. > > > > While at it consolidate the update of the cr4 shadow variable and store the > > value right away when the pinning is initialized on a booting CPU. No point > > in reading it back 20 instructions later. This allows to confine the static > > key and the pinning variable to cpu/common and allows to mark them static. > > > > Fixes: 8dbec27a242c ("x86/asm: Pin sensitive CR0 bits") > > Fixes: 873d50d58f67 ("x86/asm: Pin sensitive CR4 bits") > > Reported-by: Linus Torvalds > > Reported-by: Xi Ruoyao > > Signed-off-by: Thomas Gleixner > > Tested-by: Xi Ruoyao > > Thank you for tracking this down and solving it! > > Nit: should be "cr0/4()" in Subject and in paragraph 4. Yeah. My brain is not working today.