Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp485321pxb;
        Wed, 18 Nov 2020 09:21:28 -0800 (PST)
X-Google-Smtp-Source: ABdhPJycA21BFB91FTQkOfHjhjfw7aVWPFBjdgyLZ1eNaHFVytFMgzpMd1cz6vw6AFnRCtkfra+s
X-Received: by 2002:a17:906:6d4:: with SMTP id v20mr26983482ejb.500.1605720088631;
        Wed, 18 Nov 2020 09:21:28 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1605720088; cv=none;
        d=google.com; s=arc-20160816;
        b=TCVAGhZdjo8Sd7x5I++NXyBQacJxtCIgvofGdHRMNHF35Jugdcuw/g85HwHVt79HvA
         HAvp6lbdk7eT0E+ow5oIXTCIwRSGr3mJ7jOTMhxMSOhb5XeKI2Jrr90VcC+hJmObSi4b
         6Y0zQqggu1NYm+UNg/azydZOUPkcY66UoAFttQVvUuOxha+Mmby2dHhDnadioUklc7GR
         cvQVRRf/uvzqFmbKzitD9Y2tCbIae/Jghm9BemHEhMNk5bbCXyI/SzmhxuSDw/BJkwEF
         hOc9ivWclLmIrgR71BBaIHbhQGbZ8ElHp0nFkQN9NVN0x93GyYnyRpP8Vv3OD56nK2vC
         EHoA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:robot-unsubscribe
         :robot-id:message-id:mime-version:references:in-reply-to:cc:subject
         :to:reply-to:sender:from:dkim-signature:dkim-signature:date;
        bh=swT9hjKvTnSh3IEXPcnEvqKNzft3sQlBFF1dLtzqDSA=;
        b=M1TTOYJ6bGACIl10nl82NU6vl0g8Hycf9+uQgmrXfp/bIpPwidesW+U4eNG9Jkpf9m
         QQe23k4XAQDPgB6Vwxmp3voNpRnv9p3/xFjZqXUAMV5FOBA6/7Om4LQv9/Wwt8kcPgqS
         bXYvYjzz31AoXZiBKCduv68kTKE8ZcrD0C/WRDKrHqo47HFi3zrHoDpsfDjSM6mAeNVF
         ivrI8d5E6sP+08ALCgaV0lj/W6IJ4lu3NLBu0nOmTKQvF10w6noVA45xUWmskSEYpRZb
         lmtn1W2RsvFfClVouE1mB8iNdKKZ7pJEENeqfaJDZ1QkCedRGMrL8N7HGGrsh5EJcM3U
         0Hmg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=JjD5cEwG;
       dkim=neutral (no key) header.i=@linutronix.de;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id a12si18325736edf.2.2020.11.18.09.21.05;
        Wed, 18 Nov 2020 09:21:28 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=JjD5cEwG;
       dkim=neutral (no key) header.i=@linutronix.de;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728122AbgKRRSY (ORCPT <rfc822;huangweiredhat@gmail.com>
        + 99 others); Wed, 18 Nov 2020 12:18:24 -0500
Received: from Galois.linutronix.de ([193.142.43.55]:56226 "EHLO
        galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728062AbgKRRSX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 18 Nov 2020 12:18:23 -0500
Date:   Wed, 18 Nov 2020 17:18:19 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020; t=1605719900;
        h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
         message-id:message-id:to:to:cc:cc:mime-version:mime-version:
         content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=swT9hjKvTnSh3IEXPcnEvqKNzft3sQlBFF1dLtzqDSA=;
        b=JjD5cEwGAJbO278c6tJ6+5EenWF+JN8DeKfKBapEL/p0OGTd0Y1Rc4ka4BTsIXD93ZeUVK
        JLjkWSOGh0RZBe3EcVxvlCg434qT92F9tFLiGr+AzmeVDBBSIEZuukA5Hk7wdqI8LmXQHv
        S/ODe0+3LLiz/eVU19V9lrtERBWZ5XF2FIx6DTMcFLC+fdIPqHjNqE7CvLY5+aDNpvyMh/
        6qu68/urXZhfLoT19Uj3n9ei2bSyFBUBcClwcNw/1riHOj3JPWOdOsLpGAGYC9UJfqECpR
        PRiSsETkvXzQmGvoXVyQFvDyoS8jaT+B/v9IItgYBRguQPxmOoeZAPhDAXhMpw==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020e; t=1605719900;
        h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
         message-id:message-id:to:to:cc:cc:mime-version:mime-version:
         content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=swT9hjKvTnSh3IEXPcnEvqKNzft3sQlBFF1dLtzqDSA=;
        b=LOn2dNGSV7g/7KJ2HErNEBuoTM6Tcm66BUMBAyFYQnO3rY7uX6m6wQU1XmMwTpK2IcmYJN
        S4fEjXhqK5K0ZNBg==
From:   "tip-bot2 for Sean Christopherson" <tip-bot2@linutronix.de>
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To:     linux-tip-commits@vger.kernel.org
Subject: [tip: x86/sgx] x86/traps: Attempt to fixup exceptions in vDSO before
 signaling
Cc:     Andy Lutomirski <luto@amacapital.net>,
        Sean Christopherson <sean.j.christopherson@intel.com>,
        Jarkko Sakkinen <jarkko@kernel.org>,
        Borislav Petkov <bp@suse.de>,
        Jethro Beekman <jethro@fortanix.com>, x86@kernel.org,
        linux-kernel@vger.kernel.org
In-Reply-To: <20201112220135.165028-19-jarkko@kernel.org>
References: <20201112220135.165028-19-jarkko@kernel.org>
MIME-Version: 1.0
Message-ID: <160571989988.11244.12199591241291850788.tip-bot2@tip-bot2>
Robot-ID: <tip-bot2.linutronix.de>
Robot-Unsubscribe: Contact <mailto:tglx@linutronix.de> to get blacklisted from these emails
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

The following commit has been merged into the x86/sgx branch of tip:

Commit-ID:     334872a0919890a70cccd00b8e11931020a819be
Gitweb:        https://git.kernel.org/tip/334872a0919890a70cccd00b8e11931020a819be
Author:        Sean Christopherson <sean.j.christopherson@intel.com>
AuthorDate:    Fri, 13 Nov 2020 00:01:29 +02:00
Committer:     Borislav Petkov <bp@suse.de>
CommitterDate: Wed, 18 Nov 2020 18:02:50 +01:00

x86/traps: Attempt to fixup exceptions in vDSO before signaling

vDSO functions can now leverage an exception fixup mechanism similar to
kernel exception fixup.  For vDSO exception fixup, the initial user is
Intel's Software Guard Extensions (SGX), which will wrap the low-level
transitions to/from the enclave, i.e. EENTER and ERESUME instructions,
in a vDSO function and leverage fixup to intercept exceptions that would
otherwise generate a signal.  This allows the vDSO wrapper to return the
fault information directly to its caller, obviating the need for SGX
applications and libraries to juggle signal handlers.

Attempt to fixup vDSO exceptions immediately prior to populating and
sending signal information.  Except for the delivery mechanism, an
exception in a vDSO function should be treated like any other exception
in userspace, e.g. any fault that is successfully handled by the kernel
should not be directly visible to userspace.

Although it's debatable whether or not all exceptions are of interest to
enclaves, defer to the vDSO fixup to decide whether to do fixup or
generate a signal.  Future users of vDSO fixup, if there ever are any,
will undoubtedly have different requirements than SGX enclaves, e.g. the
fixup vs. signal logic can be made function specific if/when necessary.

Suggested-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Jethro Beekman <jethro@fortanix.com>
Link: https://lkml.kernel.org/r/20201112220135.165028-19-jarkko@kernel.org
---
 arch/x86/kernel/traps.c | 10 ++++++++++
 arch/x86/mm/fault.c     |  7 +++++++
 2 files changed, 17 insertions(+)

diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index e19df6c..7798d86 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -60,6 +60,7 @@
 #include <asm/umip.h>
 #include <asm/insn.h>
 #include <asm/insn-eval.h>
+#include <asm/vdso.h>
 
 #ifdef CONFIG_X86_64
 #include <asm/x86_init.h>
@@ -117,6 +118,9 @@ do_trap_no_signal(struct task_struct *tsk, int trapnr, const char *str,
 		tsk->thread.error_code = error_code;
 		tsk->thread.trap_nr = trapnr;
 		die(str, regs, error_code);
+	} else {
+		if (fixup_vdso_exception(regs, trapnr, error_code, 0))
+			return 0;
 	}
 
 	/*
@@ -550,6 +554,9 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection)
 		tsk->thread.error_code = error_code;
 		tsk->thread.trap_nr = X86_TRAP_GP;
 
+		if (fixup_vdso_exception(regs, X86_TRAP_GP, error_code, 0))
+			return;
+
 		show_signal(tsk, SIGSEGV, "", desc, regs, error_code);
 		force_sig(SIGSEGV);
 		goto exit;
@@ -1048,6 +1055,9 @@ static void math_error(struct pt_regs *regs, int trapnr)
 	if (!si_code)
 		goto exit;
 
+	if (fixup_vdso_exception(regs, trapnr, 0, 0))
+		return;
+
 	force_sig_fault(SIGFPE, si_code,
 			(void __user *)uprobe_get_trap_addr(regs));
 exit:
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 0161d4a..f1f1b5a 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -30,6 +30,7 @@
 #include <asm/cpu_entry_area.h>		/* exception stack		*/
 #include <asm/pgtable_areas.h>		/* VMALLOC_START, ...		*/
 #include <asm/kvm_para.h>		/* kvm_handle_async_pf		*/
+#include <asm/vdso.h>			/* fixup_vdso_exception()	*/
 
 #define CREATE_TRACE_POINTS
 #include <asm/trace/exceptions.h>
@@ -814,6 +815,9 @@ __bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code,
 
 		sanitize_error_code(address, &error_code);
 
+		if (fixup_vdso_exception(regs, X86_TRAP_PF, error_code, address))
+			return;
+
 		if (likely(show_unhandled_signals))
 			show_signal_msg(regs, error_code, address, tsk);
 
@@ -933,6 +937,9 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address,
 
 	sanitize_error_code(address, &error_code);
 
+	if (fixup_vdso_exception(regs, X86_TRAP_PF, error_code, address))
+		return;
+
 	set_signal_archinfo(address, error_code);
 
 #ifdef CONFIG_MEMORY_FAILURE