Received: by 2002:a05:6a10:8395:0:0:0:0 with SMTP id n21csp426072pxh; Wed, 10 Nov 2021 04:04:50 -0800 (PST) X-Google-Smtp-Source: ABdhPJx7gxvmHFB8WXeAK8+JWNimQJ4P2cPIBMvU59RnPXGL+LW+wlyHgWxqXty0SKxCw7kSHEj5 X-Received: by 2002:a17:906:b50:: with SMTP id v16mr20395238ejg.384.1636545889867; Wed, 10 Nov 2021 04:04:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1636545889; cv=none; d=google.com; s=arc-20160816; b=SBt7PE/o1LzkSbrrxmfSmocWD27lAjvUyUTuC1wZeplIxp7F6uya1xYjvf/kYkZg27 Z93EIHEFFSOvIDFT50VaoM0o+5WGYYkl+R3LhAHPluFaHH82D0BNjN5G7sRuFlgXnT/H 1M9SmMqeEd9umLecVRLyQU1EnqQJuFZiASvQLM8770DzHXQ3S8CwrFuWD99CZGKHtUVy Tv6/NyO4VOAwkZ8C08gTxD0kCN6HJ3jsngYdq2TcHozzqdg+2ZWNOYmxpZDmWxSCVBML IqrGaO+7XJLe3AKxMTfmfn4NsmD/2B9UnBAYPVCNeif8lUWJ9odcTqi7iUBGT8bw8rWz u8bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=A982NPXSnTHpaqDF66iHMWDvT97siE6iPVMBlzTV53s=; b=F/WiWfzwt9oWcL82Ya8NS8EVO+ByaS87uPx07heREuj44YplPNnyBgJX08IcyQALJQ vynmUWRE66MwvdHytsJVFSBQJUhnwCwd8ioUOc/zPGaNi3iMZZ19Ec7fcFAiLoDMeWzP LWWC4a0Ip+pwmqQZsrD68CHZH28SE+vfrxCmpEV2RupMrgyjhtJFzIYKigLHx9Ubr2lE NfBgQJtz1BlFU5wGakbE4S7MuyvYnefSpr3RCJHC22O+fHi33v6zGrVvhm0XI2fl/ao9 pFTbqpwD6qy3JmoPc1kVgBG0K/19k9p46eqhKJv7blLpvGiMSAO3D4KgiVP+7hU7EYyE s5gQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=CXgC2WyX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h15si30584009edb.189.2021.11.10.04.04.22; Wed, 10 Nov 2021 04:04:49 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=CXgC2WyX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231503AbhKJMEE (ORCPT + 99 others); Wed, 10 Nov 2021 07:04:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36116 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231458AbhKJMEA (ORCPT ); Wed, 10 Nov 2021 07:04:00 -0500 Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F35EDC061764 for ; Wed, 10 Nov 2021 04:01:12 -0800 (PST) Received: by mail-pl1-x635.google.com with SMTP id b13so2850700plg.2 for ; Wed, 10 Nov 2021 04:01:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=A982NPXSnTHpaqDF66iHMWDvT97siE6iPVMBlzTV53s=; b=CXgC2WyXPdsb5ULm9ExA78aOuqOhPBSe/8FrBps62jHiLG2BRVnC3fz9nFrt+zxRVL UpCKLK1qigGwa70+EEDY9Aa0SzFHHmbD6Vj7xkvRL/eKsgTujgtCrAQv6mhZR6V8MDEA ANNMSjg0D9EOy0Y2gZbq89s8zEQxJvQqdOVFN/qI+mJ9YZcKy/4vhhz5ZGpybuVRnVfO mTMC4b1vgjku6Y4SWuNJwHSTu6QFpZW/QbH1pD7B01fkZiEKKdFmh/ZcGwuLieSH5OVf UMxwtPR2jbZxW4ws02pXNUDIy1YcR49npmOSFbHhV6lH1sWrcSF+Su/yu1XR1U+S0h9e nj2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=A982NPXSnTHpaqDF66iHMWDvT97siE6iPVMBlzTV53s=; b=o42d7NxT75TFHbYV7MjFooJXxhOo3ZOLBvO47DcXVgdOOii6iuxVr8m6ipTKgSKfTO Za6f5ZNSVlrIVUxk3gHal0ScaFRb1iE3x8f5saVW76iFVAwOAOJo8rUpZhMjVnRc0Uzy HJrKNWK/j4c5szTNcPDBmwjTq+L1h/Hjzknt1vBM3G9VGb2sgpB2tJGJhVnQUQn6EA80 MPaDRQE1nQAIH9YhTUNkOR+gKXL3SiEXX7M90/QOKxxRNHf6bmD6h25ETQVZzFLw2nNX ewIuWtQMWWgZzwaX2uiyHVbaF5JfYTT0EmgugAK4z7KwP6XIceqhIFZDP2Tn4S0ywgbs XnfA== X-Gm-Message-State: AOAM531kN48NUPgs9b8syQ6oJHKTQ9flcjeuPSeewwV86I9kyKbTD32r 6/3ZbKQjA9UHNKoWB+SZmTCRPkuAnsA= X-Received: by 2002:a17:902:7797:b0:143:88c3:7ff1 with SMTP id o23-20020a170902779700b0014388c37ff1mr1351407pll.22.1636545672344; Wed, 10 Nov 2021 04:01:12 -0800 (PST) Received: from localhost ([198.11.178.15]) by smtp.gmail.com with ESMTPSA id u10sm21903833pfh.49.2021.11.10.04.01.11 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 10 Nov 2021 04:01:11 -0800 (PST) From: Lai Jiangshan To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, Lai Jiangshan , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Juergen Gross , "Peter Zijlstra (Intel)" , Joerg Roedel Subject: [PATCH V5 36/50] x86/entry: Implement the C version ist_paranoid_entry() Date: Wed, 10 Nov 2021 19:57:22 +0800 Message-Id: <20211110115736.3776-37-jiangshanlai@gmail.com> X-Mailer: git-send-email 2.19.1.6.gb485710b In-Reply-To: <20211110115736.3776-1-jiangshanlai@gmail.com> References: <20211110115736.3776-1-jiangshanlai@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Lai Jiangshan It implements the whole ASM version paranoid_entry(). No functional difference intended. Signed-off-by: Lai Jiangshan --- arch/x86/entry/entry64.c | 37 +++++++++++++++++++++++++++++++++ arch/x86/include/asm/idtentry.h | 3 +++ 2 files changed, 40 insertions(+) diff --git a/arch/x86/entry/entry64.c b/arch/x86/entry/entry64.c index 6eb8ccfc5a8b..e1af3e5720f9 100644 --- a/arch/x86/entry/entry64.c +++ b/arch/x86/entry/entry64.c @@ -266,3 +266,40 @@ static __always_inline unsigned long ist_switch_to_kernel_gsbase(void) native_swapgs(); return 0; } + +/* + * Switch and save CR3 in *@cr3 if PTI enabled. Return GSBASE related + * information in *@gsbase depending on the availability of the FSGSBASE + * instructions: + * + * FSGSBASE *@gsbase + * N 0 -> SWAPGS on exit + * 1 -> no SWAPGS on exit + * + * Y GSBASE value at entry, must be restored in ist_paranoid_exit + */ +__visible __entry_text +void ist_paranoid_entry(unsigned long *cr3, unsigned long *gsbase) +{ + /* + * Always stash CR3 in *@cr3. This value will be restored, + * verbatim, at exit. Needed if ist_paranoid_entry interrupted + * another entry that already switched to the user CR3 value + * but has not yet returned to userspace. + * + * This is also why CS (stashed in the "iret frame" by the + * hardware at entry) can not be used: this may be a return + * to kernel code, but with a user CR3 value. + * + * Switching CR3 does not depend on kernel GSBASE so it can + * be done before switching to the kernel GSBASE. This is + * required for FSGSBASE because the kernel GSBASE has to + * be retrieved from a kernel internal table. + */ + *cr3 = ist_switch_to_kernel_cr3(); + + barrier(); + + /* Handle GSBASE, store the return value in *@gsbase for exit. */ + *gsbase = ist_switch_to_kernel_gsbase(); +} diff --git a/arch/x86/include/asm/idtentry.h b/arch/x86/include/asm/idtentry.h index 49fabc3e3f0d..f6efa21ec242 100644 --- a/arch/x86/include/asm/idtentry.h +++ b/arch/x86/include/asm/idtentry.h @@ -307,6 +307,9 @@ static __always_inline void __##func(struct pt_regs *regs) DECLARE_IDTENTRY(vector, func) #ifdef CONFIG_X86_64 +__visible __entry_text +void ist_paranoid_entry(unsigned long *cr3, unsigned long *gsbase); + /** * DECLARE_IDTENTRY_IST - Declare functions for IST handling IDT entry points * @vector: Vector number (ignored for C) -- 2.19.1.6.gb485710b