From: Lai Jiangshan
To: linux-kernel@vger.kernel.org
Cc: Lai Jiangshan, Andy Lutomirski, Peter Zijlstra, Thomas Gleixner, x86@kernel.org, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", Alexandre Chartre
Subject: [RFC PATCH V2 2/7] x86/hw_breakpoint: Prevent data breakpoints on direct GDT
Date: Tue, 26 May 2020 01:42:16 +0000
Message-Id: <20200526014221.2119-3-laijs@linux.alibaba.com>
In-Reply-To: <20200526014221.2119-1-laijs@linux.alibaba.com>
References: <20200525152517.GY325280@hirez.programming.kicks-ass.net> <20200526014221.2119-1-laijs@linux.alibaba.com>

A data breakpoint on the GDT is terrifying and should be avoided. The GDT in the CPU entry area is already protected. The direct GDT should also be protected, although it is seldom used and only used for a short time.

Cc: Andy Lutomirski
Cc: Peter Zijlstra (Intel)
Cc: Thomas Gleixner
Cc: x86@kernel.org
Signed-off-by: Lai Jiangshan
---
 arch/x86/kernel/hw_breakpoint.c | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c index c149c7b29ac3..f859095c1b6c 100644 --- a/arch/x86/kernel/hw_breakpoint.c +++ b/arch/x86/kernel/hw_breakpoint.c @@ -32,6 +32,7 @@ #include #include #include +#include /* Per cpu debug control register value */ DEFINE_PER_CPU(unsigned long, cpu_dr7); 
@@ -237,13 +238,26 @@ static inline bool within_area(unsigned long addr, unsigned long end, } /* - * Checks whether the range from addr to end, inclusive, overlaps the CPU - * entry area range. + * Checks whether the range from addr to end, inclusive, overlaps the fixed + * mapped CPU entry area range or other ranges used for CPU entry. */ -static inline bool within_cpu_entry_area(unsigned long addr, unsigned long end) +static inline bool within_cpu_entry(unsigned long addr, unsigned long end) { - return within_area(addr, end, CPU_ENTRY_AREA_BASE, - CPU_ENTRY_AREA_TOTAL_SIZE); + int cpu; + + /* CPU entry erea is always used for CPU entry */ + if (within_area(addr, end, CPU_ENTRY_AREA_BASE, + CPU_ENTRY_AREA_TOTAL_SIZE)) + return true; + + for_each_possible_cpu(cpu) { + /* The original rw GDT is being used after load_direct_gdt() */ + if (within_area(addr, end, (unsigned long)get_cpu_gdt_rw(cpu), + GDT_SIZE)) + return true; + } + + return false; } static int arch_build_bp_info(struct perf_event *bp, @@ -257,12 +271,12 @@ static int arch_build_bp_info(struct perf_event *bp, return -EINVAL; /* - * Prevent any breakpoint of any type that overlaps the - * cpu_entry_area. This protects the IST stacks and also + * Prevent any breakpoint of any type that overlaps the CPU + * entry area and data. This protects the IST stacks and also * reduces the chance that we ever find out what happens if * there's a data breakpoint on the GDT, IDT, or TSS. */ - if (within_cpu_entry_area(attr->bp_addr, bp_end)) + if (within_cpu_entry(attr->bp_addr, bp_end)) return -EINVAL; hw->address = attr->bp_addr; -- 2.20.1
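
Review bot: In the within_cpu_entry() hunk, the header comment's "other ranges used for CPU entry" does not say what those ranges are, while the code checks exactly one extra range per CPU: (unsigned long)get_cpu_gdt_rw(cpu) for GDT_SIZE bytes. Name the per-CPU rw GDT in that comment so a reader can tell what is and is not covered. The for_each_possible_cpu() loop also means every call from arch_build_bp_info() now walks all possible CPUs, which deserves a one-line remark that this is accepted because it only runs when a breakpoint is being set up. The comment "/* CPU entry erea is always used for CPU entry */" has a typo ("erea" should be "area").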
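
Review bot: In the arch_build_bp_info() hunk, the reworded comment "overlaps the CPU entry area and data" leaves "data" undefined; say that it means the per-CPU rw GDT checked by within_cpu_entry(), the one in use after load_direct_gdt(). The following sentence still reads "reduces the chance that we ever find out what happens if there's a data breakpoint on the GDT, IDT, or TSS", which was written for the entry-area mapping only; it would be clearer to state which GDT mappings are now rejected with -EINVAL and which of the listed structures are covered solely through the CPU entry area range.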