Received: by 2002:a05:6a10:8395:0:0:0:0 with SMTP id n21csp425881pxh; Wed, 10 Nov 2021 04:04:42 -0800 (PST) X-Google-Smtp-Source: ABdhPJzvlHhdqi/DZMb5GJnYDmf8fHJRximPkGM6tl+43Yd2PTLMZzdku0NwfBff16mZJ516Zt/y X-Received: by 2002:a1c:9a16:: with SMTP id c22mr15444836wme.160.1636545882178; Wed, 10 Nov 2021 04:04:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1636545882; cv=none; d=google.com; s=arc-20160816; b=tTSRUVq48CF5Qe7dwWSAu3J+C8VwWfX1n5r7eKiGoNK4iu3J4qxhyaSmfmx+Ui4YH9 CKLS5peAzS0WvsLao6t8o5PLYOjGc+0AFZsx+jvYLjqE4rlHMECBUt4HJq0SiJtKA1A8 NH9ioO++1naD8gi6cJTaZaLRucOLkW8KYQjPQiZzAoTkynvGEE+3ho6aYOtvukKv5IIl aBnYB/ip+cSt8jjGYS69T4akGJNqqIQjs4svJSt6jt8yU9UiENgq8xbjcta+U6wj7FD/ GZVCsFs4qK9XL15wVb/a+RIlUNJza1uS0PGXeRF1kH0POjLCERWTpJuNJeT+ds3IMd9a YsSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=6L1pAJZsA8SjHBkuS6Qt3v4RFKt+72Ap0HcrabTfxgM=; b=msKA4v817kalZwg3+JfM/Z5kdYyXxlBY7ejxFhm5PVLCKrJrxcw5LbzhV4xBo2WKW9 +KfocvQsmw/XGwhmjWjRnsjjQigFzfiFyW3qjJRaPsfnQzNFuCQ9VEqQIBXVNXvWdqJa QeO14KYIgBWC6oetxBdaWvUSd0Ms2iTMEUV7KZlpZTrXOjE/N5s3Gco24znF5MFKX6o/ CeQ1x5Fpq6URXJ+0dGqutswGU9U+L421+necaZxqmROCd4FS8ZkIv4gtdP4SfASw1zth Aj6cFu8fa0ywcspmjNnklUBC99Y0KR6bRj598KJQtW7emUK3mkHtIyQqnuJsBOCtBpma PtLA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=MTcdHkh5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l1si10038972edi.408.2021.11.10.04.04.16; Wed, 10 Nov 2021 04:04:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=MTcdHkh5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231547AbhKJMD6 (ORCPT + 99 others); Wed, 10 Nov 2021 07:03:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35872 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231503AbhKJMDx (ORCPT ); Wed, 10 Nov 2021 07:03:53 -0500 Received: from mail-pg1-x52f.google.com (mail-pg1-x52f.google.com [IPv6:2607:f8b0:4864:20::52f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 07AFDC061764 for ; Wed, 10 Nov 2021 04:01:06 -0800 (PST) Received: by mail-pg1-x52f.google.com with SMTP id q126so2032100pgq.13 for ; Wed, 10 Nov 2021 04:01:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=6L1pAJZsA8SjHBkuS6Qt3v4RFKt+72Ap0HcrabTfxgM=; b=MTcdHkh5uHcdLeKbBYr1Q4ZiyGEzipvh7xFSxVb8C5BIR+urUPaaCCwhVFQQiD6qVW V+eFW1xVzVGYroTw0fJvJgo8yXty2wt5mjfS8f5MLalX9e4wvxV4kS0uvf43kcEKJwIq FyeM14CJkoxXPN2KGZr2Vi6nuPzxqXfgGJJ6TDmIHjvoMP/Ty8w/HKECnyggnQHyBXlG flo3772Wsyj328/zjS9MfzDkhJVaZqL99x9QN6lIuGnryKPSUnU8t5X21LAmsxj2BbDp jClhmKKfTALztZgknWw8P3T7HILHu3+ySdi1pKYJLy3j5zoBnWI9sgHLPMjhLxdx3KH5 BowA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=6L1pAJZsA8SjHBkuS6Qt3v4RFKt+72Ap0HcrabTfxgM=; b=nrwn/2D8kJ5o4f2GxGPLZaw/cT824Kr4sYVZ3CPpsagt3aPcAUjXk5pAgvoOLcgCGk apORIFat6MjVj7gUQEs2FdZSnmp0ewwLDB4JYbWQyYUtEN7EeOx8VEmvDEzcFfexiXri m+DrTeI88cpJPXFpStDhGfok+T7bMKB/00oiqFXF48QZduJSkUWarT54KqM7KOw3cRJ+ Sx522NMGsvFIiUCch1CiFYqSJDi5piN5BEUk4qpIAllN2puDyAMPA6rmyjb7J/yqoi64 gjGvY7rSInzrtaEe4v6mDwud55hrzmlGhZSKTEneJCzlILWZjSL//INLZ+peb01PZhvW jHBg== X-Gm-Message-State: AOAM5337IRFjoJ+Be4N9JgFfl8jlP40xJeF91Przlo7biy6tt/K6FATc NVbh+02CQlxMEqxjZuykSLqpvo6gabE= X-Received: by 2002:a05:6a00:b8b:b0:481:16a1:abff with SMTP id g11-20020a056a000b8b00b0048116a1abffmr15326610pfj.77.1636545665301; Wed, 10 Nov 2021 04:01:05 -0800 (PST) Received: from localhost ([198.11.178.15]) by smtp.gmail.com with ESMTPSA id z8sm19006036pgi.45.2021.11.10.04.01.04 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 10 Nov 2021 04:01:04 -0800 (PST) From: Lai Jiangshan To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, Lai Jiangshan , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH V5 35/50] x86/entry: Add the C version ist_switch_to_kernel_gsbase() Date: Wed, 10 Nov 2021 19:57:21 +0800 Message-Id: <20211110115736.3776-36-jiangshanlai@gmail.com> X-Mailer: git-send-email 2.19.1.6.gb485710b In-Reply-To: <20211110115736.3776-1-jiangshanlai@gmail.com> References: <20211110115736.3776-1-jiangshanlai@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Lai Jiangshan It implements the second half of paranoid_entry() whose functionality is to switch to kernel gsbase. Not functional difference intended. Signed-off-by: Lai Jiangshan --- arch/x86/entry/entry64.c | 47 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/arch/x86/entry/entry64.c b/arch/x86/entry/entry64.c index 3ec145c38e9e..6eb8ccfc5a8b 100644 --- a/arch/x86/entry/entry64.c +++ b/arch/x86/entry/entry64.c @@ -219,3 +219,50 @@ static __always_inline unsigned long get_percpu_base(void) return pcpu_unit_offsets; } #endif + +/* + * Handle GSBASE depends on the availability of FSGSBASE. + * + * Without FSGSBASE the kernel enforces that negative GSBASE + * values indicate kernel GSBASE. With FSGSBASE no assumptions + * can be made about the GSBASE value when entering from user + * space. + */ +static __always_inline unsigned long ist_switch_to_kernel_gsbase(void) +{ + unsigned long gsbase; + + if (static_cpu_has(X86_FEATURE_FSGSBASE)) { + /* + * Read the current GSBASE for return. + * Retrieve and set the current CPUs kernel GSBASE. + * + * The unconditional write to GS base below ensures that + * no subsequent loads based on a mispredicted GS base can + * happen, therefore no LFENCE is needed here. + */ + gsbase = rdgsbase(); + wrgsbase(get_percpu_base()); + return gsbase; + } + + /* + * The above ist_switch_to_kernel_cr3() doesn't do an unconditional + * CR3 write, even in the PTI case. So do an lfence to prevent GS + * speculation, regardless of whether PTI is enabled. + */ + fence_swapgs_kernel_entry(); + + gsbase = __rdmsr(MSR_GS_BASE); + + /* + * The kernel-enforced convention is a negative GSBASE indicates + * a kernel value. No SWAPGS needed on entry and exit. + */ + if ((long)gsbase < 0) + return 1; + + /* User GSBASE active, SWAPGS required on exit */ + native_swapgs(); + return 0; +} -- 2.19.1.6.gb485710b