Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp2787681ybk; Mon, 18 May 2020 07:57:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzLOjWYaWh/9dW1qROim/AMTMQO+eLU41+SIPId9ddq6AP9kw9frmys9dHM5PQhm8xvwyjd X-Received: by 2002:a17:906:4ec2:: with SMTP id i2mr15716868ejv.211.1589813862979; Mon, 18 May 2020 07:57:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589813862; cv=none; d=google.com; s=arc-20160816; b=vidXGod0m4nZKJ41laYYdyPhsldbLlpHZDlH2f3ziFuycLuix8iylaPR9V0Yd2/rOG WaalYcpf+2YlKGDF9M4ljuemNK81J+EEQU2JRHcg3UEPg/2L0zulODipn+h6hQ0aarUA DORyNvVolG4fd9SL2wgmUFf9ZwnngXY+O96q3Oiob3Qk2Ti5WCKwtKNq5STXbar+/+ob 4lKHJ4aqVW5LKqMlF5IOjWRtt742O5o+EdnjzbPVhkbQ9XraNeHoEQEcYRvOW8GIG3k1 aT9/3xZhjrAcYtuBKKfmhguTxctD77nuVFzBGkcmJVH7siA3vMLGJN4G/N0aOvvdff32 3quQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from; bh=yhJbM1hmoyviPW+Hag0fH+1VLscW/JdFYv4hyzQZdjc=; b=niFa0DzrClhuQTU0BLI0dcAMn+4ktfcKHfAg96sTJN09RP+712Isn8y45zcIuxt2ok OL/ZqamC9rtAC3TC3bmrvUYXft/vtR7Pw+GHZg0Kdv75riNKuJkN5x2GHwO6pSp8t4XK Xak361RcMbr2lg+KPX9enawnXZi61Y+rWhNj2jz0Z28G2XDEyffYX/dxPGeoIeB+mZwp 1HkT+bKbkLJt1zDNDm1J/MautGITJG+6eLfumq2BoEXDXECO3YEYSScIphYoj6kTrieu 0BTFe0cLDSP1b5OjB5ITGtlTEjU8+cfe4PvS4eLmNoi7+k7Bq9SvKI4D2RCESu6xApb2 GUOQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dh10si4600682edb.311.2020.05.18.07.57.17; Mon, 18 May 2020 07:57:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727903AbgEROxu (ORCPT + 99 others); Mon, 18 May 2020 10:53:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33270 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726918AbgEROxu (ORCPT ); Mon, 18 May 2020 10:53:50 -0400 Received: from Galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 11740C061A0C for ; Mon, 18 May 2020 07:53:50 -0700 (PDT) Received: from p5de0bf0b.dip0.t-ipconnect.de ([93.224.191.11] helo=nanos.tec.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1jah95-0003jS-Ve; Mon, 18 May 2020 16:53:36 +0200 Received: by nanos.tec.linutronix.de (Postfix, from userid 1000) id 40E77100606; Mon, 18 May 2020 16:53:35 +0200 (CEST) From: Thomas Gleixner To: Sasha Levin , linux-kernel@vger.kernel.org, bp@alien8.de, luto@kernel.org Cc: hpa@zytor.com, dave.hansen@intel.com, tony.luck@intel.com, ak@linux.intel.com, ravi.v.shankar@intel.com, chang.seok.bae@intel.com, Sasha Levin , x86@kernel.org Subject: Re: [PATCH v12 00/18] Enable FSGSBASE instructions In-Reply-To: <20200511045311.4785-1-sashal@kernel.org> References: <20200511045311.4785-1-sashal@kernel.org> Date: Mon, 18 May 2020 16:53:35 +0200 Message-ID: <871rnhxpjk.fsf@nanos.tec.linutronix.de> MIME-Version: 1.0 Content-Type: text/plain X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Cc: +x86@kernel.org .... Sasha Levin writes: > Benefits: > Currently a user process that wishes to read or write the FS/GS base must > make a system call. But recent X86 processors have added new instructions > for use in 64-bit mode that allow direct access to the FS and GS segment > base addresses. The operating system controls whether applications can > use these instructions with a %cr4 control bit. > > In addition to benefits to applications, performance improvements to the > OS context switch code are possible by making use of these instructions. A > third party reported out promising performance numbers out of their > initial benchmarking of the previous version of this patch series [9]. > > Enablement check: > The kernel provides information about the enabled state of FSGSBASE to > applications using the ELF_AUX vector. If the HWCAP2_FSGSBASE bit is set in > the AUX vector, the kernel has FSGSBASE instructions enabled and > applications can use them. > > Kernel changes: > Major changes made in the kernel are in context switch, paranoid path, and > ptrace. In a context switch, a task's FS/GS base will be secured regardless > of its selector. In the paranoid path, GS base is unconditionally > overwritten to the kernel GS base on entry and the original GS base is > restored on exit. Ptrace includes divergence of FS/GS index and base > values. > > Security: > For mitigating the Spectre v1 SWAPGS issue, LFENCE instructions were added > on most kernel entries. Those patches are dependent on previous behaviors > that users couldn't load a kernel address into the GS base. These patches > change that assumption since the user can load any address into GS base. > The changes to the kernel entry path in this patch series take account of > the SWAPGS issue.