Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3259673pxb;
        Mon, 9 Nov 2020 06:48:01 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxpulekns41ejVhJnwJmvN18WhxMwwYK/aHQnWdoodYho7nmLhOxcsrwMfUKeJMQ9TJwmDU
X-Received: by 2002:a17:906:a052:: with SMTP id bg18mr2815253ejb.550.1604933281682;
        Mon, 09 Nov 2020 06:48:01 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1604933281; cv=none;
        d=google.com; s=arc-20160816;
        b=jcivYQ7r7sfSfCKhJLQZh7GmO5/YNMCUf+FABO+wvy6HDEjELGPgX/1k3jC8FTQPQ5
         6CxtRn+gn1V9Bpnnr5XEBNxX9cMriWL+pP4Nu/8p/nvc4s9Yf5tFRdr24fDj6qJru3ie
         4gtbkcDSDOjZXR0smz5uqEwDuOkuSUsiXX86MJJzBZd7Uhse7ESuAEQI+JyTQZfH7nKE
         mf3bipGUfYZsC0lXOYuc3Vp4+WLsHrn/5wZ9ptkfIxA7wGqJXmFYnkgjTjhN2SRWXnlP
         HBqUd2qiDX7+UGntfhy/0u2A8sZkToSxq6I/04vpePF3EsURroZoHDSoH8uR0WernLqZ
         L2Jg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:references:in-reply-to:message-id:date:subject
         :cc:to:from:dkim-signature;
        bh=NqYAtGUsRpznGmvP3IrcpJ35Lu8QH+UzxHx+wAvsNkk=;
        b=z381NEa/Ll/91Hd62fgyYJf8o/RI9VCfKk8Yyoj7RLmioK7CBX8Sxht17mqDG7t7Ga
         qRkXQJgkczPUn04Ar5l+Z5f45/xIKy3v2Wp5KkbH3bzfKgxUJtaylVGNNp5lfhnZcmxZ
         eP8hj5rOBg/ouxBpmpL3wAyrkCZ7ar8iRqS10g1b8caKIBO/W/ifNrXnr6Py8DJN3Qle
         Hrh73VAN4ogl3zCOa3twPJ9b5LqkEOfPLvqf9x9YueSjFOsRkBlUzN60EBx1b5yJAmUD
         AbgrqGGoUljZrOMGxRV9obBz05PIpxy7DzLxNvMFTlr/PUVqkbOK3x/mrI0DxTBVHOII
         GrCQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=XjoOWBPd;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id r22si3188046edw.453.2020.11.09.06.47.38;
        Mon, 09 Nov 2020 06:48:01 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=XjoOWBPd;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731881AbgKIOnY (ORCPT <rfc822;patchstalker@gmail.com>
        + 99 others); Mon, 9 Nov 2020 09:43:24 -0500
Received: from userp2120.oracle.com ([156.151.31.85]:34564 "EHLO
        userp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1731621AbgKIOnX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 9 Nov 2020 09:43:23 -0500
Received: from pps.filterd (userp2120.oracle.com [127.0.0.1])
        by userp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 0A9EZHA2084266;
        Mon, 9 Nov 2020 14:43:02 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc :
 subject : date : message-id : in-reply-to : references; s=corp-2020-01-29;
 bh=NqYAtGUsRpznGmvP3IrcpJ35Lu8QH+UzxHx+wAvsNkk=;
 b=XjoOWBPdkpim5uWhFGdi41H7y0UdldU09YsOdhzTWoIb7em1AvOHv2HGljC+l3ztPA81
 rcA80J5BMvDK7abYRcfWAC4PoD8C7BAPKu0tG1RseXKloNGdTBXqypWV46v6aHGedq7J
 DlkQzaBspOh4qoUZAASkM0T6E4kZZCGsIvm7tTxx6gah8jXtMgnhzbg6aZd56RDL2AQJ
 TfAhPrZaxNWsEFmpi5hi61bZI1LMTJfBZwcJbif5Zwdv5hq4xlyB1M0GLdQYZ3yVbXVK
 HXlzJ/CUQLmjP0lgLHFZS4v9dQ94J7qwYyUDO0fZl0u/i/V1YkmSiHy2pgB3REiALUdn 5g== 
Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80])
        by userp2120.oracle.com with ESMTP id 34p72ecdy7-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL);
        Mon, 09 Nov 2020 14:43:01 +0000
Received: from pps.filterd (userp3030.oracle.com [127.0.0.1])
        by userp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 0A9Ee4TA154520;
        Mon, 9 Nov 2020 14:43:01 GMT
Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75])
        by userp3030.oracle.com with ESMTP id 34p5gvbbfd-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 09 Nov 2020 14:43:01 +0000
Received: from abhmp0009.oracle.com (abhmp0009.oracle.com [141.146.116.15])
        by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id 0A9EgxVQ023815;
        Mon, 9 Nov 2020 14:42:59 GMT
Received: from linux.nl.oracle.com (/10.175.27.128)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Mon, 09 Nov 2020 06:42:59 -0800
From:   Alexandre Chartre <alexandre.chartre@oracle.com>
To:     tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com,
        x86@kernel.org, dave.hansen@linux.intel.com, luto@kernel.org,
        peterz@infradead.org, linux-kernel@vger.kernel.org,
        thomas.lendacky@amd.com, jroedel@suse.de
Cc:     konrad.wilk@oracle.com, jan.setjeeilers@oracle.com,
        junaids@google.com, oweisse@google.com, rppt@linux.vnet.ibm.com,
        graf@amazon.de, mgross@linux.intel.com, kuzuno@gmail.com,
        alexandre.chartre@oracle.com
Subject: [RFC][PATCH 10/24] x86/pti: Introduce per-task PTI trampoline stack
Date:   Mon,  9 Nov 2020 15:44:11 +0100
Message-Id: <20201109144425.270789-11-alexandre.chartre@oracle.com>
X-Mailer: git-send-email 2.18.4
In-Reply-To: <20201109144425.270789-1-alexandre.chartre@oracle.com>
References: <20201109144425.270789-1-alexandre.chartre@oracle.com>
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9799 signatures=668682
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 mlxlogscore=933 mlxscore=0
 spamscore=0 phishscore=0 adultscore=1 malwarescore=0 suspectscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000
 definitions=main-2011090103
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9799 signatures=668682
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 mlxlogscore=925 mlxscore=0
 malwarescore=0 suspectscore=0 lowpriorityscore=0 adultscore=0 phishscore=0
 priorityscore=1501 spamscore=0 impostorscore=0 clxscore=1015
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000
 definitions=main-2011090102
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Double the size of the kernel stack when using PTI. The entire stack
is mapped into the kernel address space, and the top half of the stack
(the PTI stack) is also mapped into the user address space.

The PTI stack will be used as a per-task trampoline stack instead of
the current per-cpu trampoline stack. This will allow running more
code on the trampoline stack, in particular code that schedules the
task out.

Signed-off-by: Alexandre Chartre <alexandre.chartre@oracle.com>
---
 arch/x86/include/asm/page_64_types.h | 36 +++++++++++++++++++++++++++-
 arch/x86/include/asm/processor.h     |  3 +++
 2 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/page_64_types.h b/arch/x86/include/asm/page_64_types.h
index 3f49dac03617..733accc20fdb 100644
--- a/arch/x86/include/asm/page_64_types.h
+++ b/arch/x86/include/asm/page_64_types.h
@@ -12,7 +12,41 @@
 #define KASAN_STACK_ORDER 0
 #endif
 
-#define THREAD_SIZE_ORDER	(2 + KASAN_STACK_ORDER)
+#ifdef CONFIG_PAGE_TABLE_ISOLATION
+/*
+ * PTI doubles the size of the stack. The entire stack is mapped into
+ * the kernel address space. However, only the top half of the stack is
+ * mapped into the user address space.
+ *
+ * On syscall or interrupt, user mode enters the kernel with the user
+ * page-table, and the stack pointer is switched to the top of the
+ * stack (which is mapped in the user address space and in the kernel).
+ * The syscall/interrupt handler will then later decide when to switch
+ * to the kernel address space, and to switch to the top of the kernel
+ * stack which is only mapped in the kernel.
+ *
+ *   +-------------+
+ *   |             | ^                       ^
+ *   | kernel-only | | KERNEL_STACK_SIZE     |
+ *   |    stack    | |                       |
+ *   |             | V                       |
+ *   +-------------+ <- top of kernel stack  | THREAD_SIZE
+ *   |             | ^                       |
+ *   | kernel and  | | KERNEL_STACK_SIZE     |
+ *   | PTI stack   | |                       |
+ *   |             | V                       v
+ *   +-------------+ <- top of stack
+ */
+#define PTI_STACK_ORDER 1
+#else
+#define PTI_STACK_ORDER 0
+#endif
+
+#define KERNEL_STACK_ORDER 2
+#define KERNEL_STACK_SIZE (PAGE_SIZE << KERNEL_STACK_ORDER)
+
+#define THREAD_SIZE_ORDER	\
+	(KERNEL_STACK_ORDER + PTI_STACK_ORDER + KASAN_STACK_ORDER)
 #define THREAD_SIZE  (PAGE_SIZE << THREAD_SIZE_ORDER)
 
 #define EXCEPTION_STACK_ORDER (0 + KASAN_STACK_ORDER)
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
index 82a08b585818..47b1b806535b 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -769,6 +769,9 @@ static inline void spin_lock_prefetch(const void *x)
 
 #define task_top_of_stack(task) ((unsigned long)(task_pt_regs(task) + 1))
 
+#define task_top_of_kernel_stack(task) \
+	((void *)(((unsigned long)task_stack_page(task)) + KERNEL_STACK_SIZE))
+
 #define task_pt_regs(task) \
 ({									\
 	unsigned long __ptr = (unsigned long)task_stack_page(task);	\
-- 
2.18.4