Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3798138pxf; Mon, 22 Mar 2021 15:48:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzHz4waNCTg/vKuGqzB94TWmYoFl/3RbcgFmogvHVRffhwvgAQ+FlrDE9Br0vnfAFyTfWqi X-Received: by 2002:aa7:c804:: with SMTP id a4mr1750800edt.251.1616453302029; Mon, 22 Mar 2021 15:48:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616453302; cv=none; d=google.com; s=arc-20160816; b=yj4KuEfGBuoCRS+t9gpx+8jnjC+mzGiXRZIYwse6XlvJkEdRC7fFY/ShG0m20lnzh/ PBx7vCQCF2PzyKrf6u5GBoph0qVwfxL418fpcam3okn5lUhIU5klN5+rOKk/oZpZQq5g F9ZPaPGUbuYgH9uUbn0Phu/BbjDbBp+MDiseJlVu4jWX7/rNFjNO2v6nlzgFo3y0WpSG aZc+QEXvbS8T7BoLiguAcevbThHhiixoasAeJPtPSOa1OqIYCTCddKM/JIdBafhCC+vU o4AgzTLxmF1Sc/n+C/hHuqpD2pv8Wq6ipxRwobYEN9XYVa2YBFcM4dodL3mks7nW70yZ 9/BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :ironport-sdr:ironport-sdr; bh=FmVIVJNAUKp0DGWZ8xGm9zYccelpe6B7bHOVTyLuokA=; b=g+H2b4inAEra/0XCwA6lLHPK34ciuhvGD5puqHqDeysnSihFr1jroTcyUBa6KUWWD/ ViS5XBjZoo+r7YwKwyykZbKZ+YddzBarSqKoQTjTCE7wGcwcNkchtFtZCyFGrSk60iE+ i8UpCLgMfqUNtbMhhVrDeWVwog85edqs10MMVYC8S6I7Aw2sq+98Y6Fjz6yP3GAuN+H1 kF0ETaZopOg9TStfle+5r3chZG5m2FkssJfhD8ffJKnxqWxy/HPgBdaN1qOjcCQQRX6+ 9CgYSAYAIM1nO9BMj2G+3PVNRnTQ8hhdBLK1/Eu/jaRCaf2Hf3AtoffGdUZKJM+ml3wq Pnhw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id kw15si11780070ejc.217.2021.03.22.15.47.59; Mon, 22 Mar 2021 15:48:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229995AbhCVWpB (ORCPT + 99 others); Mon, 22 Mar 2021 18:45:01 -0400 Received: from mga09.intel.com ([134.134.136.24]:14973 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229639AbhCVWor (ORCPT ); Mon, 22 Mar 2021 18:44:47 -0400 IronPort-SDR: 3XVnfYDZQ/siAJEUhSG2SPDz5ZYwXlecDBlAHHrpIi0qDlSYjR8dbQs7aau3XWGjID99ntvjyM ZryPIg430LvQ== X-IronPort-AV: E=McAfee;i="6000,8403,9931"; a="190456249" X-IronPort-AV: E=Sophos;i="5.81,269,1610438400"; d="scan'208";a="190456249" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2021 15:44:46 -0700 IronPort-SDR: Cs90cP332n3ZwIZ+y9pl7057fKYog23Iah6j7pRk3RlXtypyIKmOoS8gd8Dobj3vdvqWv+XFt4 NCdy85z+Y8mQ== X-IronPort-AV: E=Sophos;i="5.81,269,1610438400"; d="scan'208";a="408012774" Received: from iweiny-desk2.sc.intel.com (HELO localhost) ([10.3.52.147]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2021 15:44:46 -0700 Date: Mon, 22 Mar 2021 15:44:46 -0700 From: Ira Weiny To: Sean Christopherson Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Andy Lutomirski , Peter Zijlstra , Dan Williams , Dave Hansen , x86@kernel.org, linux-kernel@vger.kernel.org, Fenghua Yu , linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: Re: [PATCH V4 06/10] x86/fault: Adjust WARN_ON for PKey fault Message-ID: <20210322224446.GQ3014244@iweiny-DESK2.sc.intel.com> References: <20210322053020.2287058-1-ira.weiny@intel.com> <20210322053020.2287058-7-ira.weiny@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.1 (2018-12-01) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 22, 2021 at 09:05:43AM -0700, Sean Christopherson wrote: > On Sun, Mar 21, 2021, ira.weiny@intel.com wrote: > > From: Ira Weiny > > > > PKey faults may now happen on kernel mappings if the feature is enabled. > > Remove the warning in the fault path if PKS is enabled. > > When/why can they happen? I read through all the changelogs, as well as the > cover letters for v1 and the RFC, and didn't see any explicit statement about > why pkey faults on supervisor accesses are now "legal". Ok, I have to admit I did not think about documenting this detail... I'll update the commit message a bit more. Prior to this series pkeys were only supported on user page mappings. Therefore seeing a X86_PF_PK error in this path was completely unexpected and warranted the extra WARN_ON to indicate that something went very wrong. > Explaining what happens > later in the page fault handler would also be helpful, e.g. is the flag simply > ignored? Ok I'll do this. But the behavior does not change. The fault is unhandled and results in an Ooops. The only difference is that if PKS is enabled and configured on a kernel mapping the oops is to be expected. > Does it lead directly to OOPS? Yes, the series concludes with it being an ooops unless the test code is running. The behavior does not change from before. I'll more clearly document that... > > Documenting what happens on a PKS #PF in the API patch would be nice to have, too. Ok, yes, good idea. > > > Reviewed-by: Dan Williams > > Signed-off-by: Ira Weiny > > --- > > arch/x86/mm/fault.c | 9 +++++---- > > 1 file changed, 5 insertions(+), 4 deletions(-) > > > > diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c > > index a73347e2cdfc..731ec90ed413 100644 > > --- a/arch/x86/mm/fault.c > > +++ b/arch/x86/mm/fault.c > > @@ -1141,11 +1141,12 @@ do_kern_addr_fault(struct pt_regs *regs, unsigned long hw_error_code, > > unsigned long address) > > { > > /* > > - * Protection keys exceptions only happen on user pages. We > > - * have no user pages in the kernel portion of the address > > - * space, so do not expect them here. > > + * PF_PK is expected on kernel addresses when supervisor pkeys are > > "is expected" can be misinterpreted as "PF is expected on all kernel addresses...". Yes the commit message was more clear by using 'may'. > > This ties in with the lack of an explanation in the changelog. > > > + * enabled. > > It'd be helpful to spell out "Protection keys exceptions" so that random readers > don't need to search for PF_PK to understand what's up. Maybe even use it as an > opportunity to introduce "pkeys", e.g. > > /* Protection keys (pkeys) exceptions are ... */ Fair enough. Will do. I've changed this to: /* * X86_PF_PK (Protection key exceptions) may occur on kernel addresses * when PKS (PKeys Supervisor) are enabled. * * If PKS is not enabled an exception should only happen on user pages. * Because, we have no user pages in the kernel portion of the address * space something must have gone very wrong and we should WARN. */ > > > */ > > - WARN_ON_ONCE(hw_error_code & X86_PF_PK); > > + if (!cpu_feature_enabled(X86_FEATURE_PKS)) > > + WARN_ON_ONCE(hw_error_code & X86_PF_PK); > > Does this generate the same code if the whole thing is thrown in the WARN? E.g. > > WARN_ON_ONCE(!cpu_feature_enabled(X86_FEATURE_PKS) && > (hw_error_code & X86_PF_PK)); I don't know in the general case. But if CONFIG_BUG=n this would be better. I've changed it. Thanks! Ira