Received: by 10.223.164.221 with SMTP id h29csp2034354wrb;
        Thu, 2 Nov 2017 05:00:43 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+Tct3xWeTxZbf/JAY2kMWGVZcanjyBQfCew9RLW5pEPzA/2cQGnlFQUujnIX33uFmSTxcCS
X-Received: by 10.159.255.70 with SMTP id u6mr2987846pls.41.1509624043685;
        Thu, 02 Nov 2017 05:00:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1509624043; cv=none;
        d=google.com; s=arc-20160816;
        b=Ihj9LgNtOqbuqYB3AE5mZuoeI3SstF9JwjF9qL89HVJmO2Pm34xhQ5iMtBDtj2Qpul
         BavSwC6MFVPAv0Y0KJKwhYK+HxXwrGvRO57VN0smPZewIVgGXrAkX1UwAHP5Zruw0sxq
         mXMdySUOAY3q8nYSMIeAt9k1FYuoJlMuHHGm0yYhS3ZXcLmvFTu5q6qMxa96AaT3uWfA
         cyAvJdRll2QMbdjLdpeB7S6KKjdo5ux4uVpeCBsFv/0Lvmu3BLdGQD+0PJJroq5vMxFj
         +LsPsMKGoqA7zm0JAu0p5kX+Amq9ftgExNKLOZ3oYU/3LDEr1fwyo2PimeZ5bqXjjBp6
         +DFw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:from:subject
         :mime-version:dkim-signature:arc-authentication-results;
        bh=goOKJOTHOcpfB3PrHNH05V2ufQlnUI/xOoaQ0ySOWMw=;
        b=lnr5TNiLcMFhDgZW/GC7hoDJ+2PDLP9UtAfKpiVVJ71k28CWNqg24O9cQ+dduwthMw
         VmZbGFmWAmvH0qINb/aHvA5k6+SvayZknnsD84/bow5Q1Dts3XccDuV8+R5GX3rEBnRZ
         UdPsuWBWjTpfWf6BDYKN4OaQBB20GqHpRoslvRG0lFPc2j/IA6RNROS/nfue+/rwQLKS
         +cMxwMpvJN3OduHd79ojrH/B8nU/oFj9VhSeUxGzdUNG53/nSVLorSKdXhmpOnEU6zug
         nyxTfIdjmEIVGCSp/cWNL4S0zpKEjjLq+0IQzPvCaJDjsk51il0F2VtZJKLESZKvWDAg
         mdFQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=OSnZXBSm;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id n9si2193334plp.715.2017.11.02.05.00.29;
        Thu, 02 Nov 2017 05:00:43 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=OSnZXBSm;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752792AbdKBL7c (ORCPT <rfc822;huangleihappily@gmail.com>
        + 96 others); Thu, 2 Nov 2017 07:59:32 -0400
Received: from mail-oi0-f51.google.com ([209.85.218.51]:46711 "EHLO
        mail-oi0-f51.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750799AbdKBL7a (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 2 Nov 2017 07:59:30 -0400
Received: by mail-oi0-f51.google.com with SMTP id n82so8243373oig.3
        for <linux-kernel@vger.kernel.org>; Thu, 02 Nov 2017 04:59:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=amacapital-net.20150623.gappssmtp.com; s=20150623;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=goOKJOTHOcpfB3PrHNH05V2ufQlnUI/xOoaQ0ySOWMw=;
        b=OSnZXBSm1km1LHaEya3Ea7HJXHxcZglBKh/GUSs1tUiLBVgabAaSYQo0G7Ilo3Zt9N
         93g4dgFpyBaSYOJB8SXpsvFYRa3uz7VKOOlYLN8Pp5pItR7zhB0EYPe0PPwVkxfQf19a
         e7PKANKkffirTFAW92FYxoZnAoywuEyaXc2OFmneHZbLxJTqL+ZMtIJdXhzt+z9usOio
         0TUxjNQJgYrnz+hKUsIaCkfCuQKbXIn1uC0GeaVYwYnvYOXnFVwoMbJA2Y05UzFt08CM
         pUTo2V8PePe9HjNEsXSs9bIMDeNiwQCln+smf67p4RLLSwlZKckeWIdO5tDmgCSrYN+E
         XGnw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=goOKJOTHOcpfB3PrHNH05V2ufQlnUI/xOoaQ0ySOWMw=;
        b=N8n5SXtWRNKozyRX4tGsEkaqkw2CWBSvXH3CuuBbMax3CzHA2RH9Odwq2To4CYlVzf
         BlQEdr9ppUyUqTY8sbIchBG/SuU7LzyE7Ww3e64HhZlBfEx7ZVtDET0v0j64LB310MWF
         E0HRfH8PJptWrnCaz5H8Yx7X0NNZ0aj8QG1V42TzeZYaAmqREQMhfChF62EuviaCKhkW
         l5XVRAYMh5boNOHO5JnFMRr2ZYqydWrpK6vALVOf2vV7jUI5QzOO2drLCQQqeE0d2Avy
         9YQD7l83fP+6l+9WSbpKENQCibQZ/AMpilHgh7NRzfJsnEqxPRpb7LQUS1AzWlJoxTqq
         0ZyA==
X-Gm-Message-State: AMCzsaWZcd6DUPglsr4i5FnGZ5/vIGQjYqIAEm1zw0K/Rwl5bkSFvjb9
        eos0sswN+4rFyl3K9msRqkXXFg==
X-Received: by 10.202.81.18 with SMTP id f18mr1612225oib.111.1509623969822;
        Thu, 02 Nov 2017 04:59:29 -0700 (PDT)
Received: from [100.146.139.33] ([172.56.7.221])
        by smtp.gmail.com with ESMTPSA id e124sm1248255oia.30.2017.11.02.04.59.27
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 02 Nov 2017 04:59:27 -0700 (PDT)
Content-Type: text/plain;
        charset=us-ascii
Mime-Version: 1.0 (1.0)
Subject: Re: [PATCH 02/23] x86, kaiser: do not set _PAGE_USER for init_mm page tables
From:   Andy Lutomirski <luto@amacapital.net>
X-Mailer: iPhone Mail (15A432)
In-Reply-To: <alpine.DEB.2.20.1711021226020.2090@nanos>
Date:   Thu, 2 Nov 2017 12:59:22 +0100
Cc:     Andy Lutomirski <luto@kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "linux-mm@kvack.org" <linux-mm@kvack.org>,
        moritz.lipp@iaik.tugraz.at,
        Daniel Gruss <daniel.gruss@iaik.tugraz.at>,
        michael.schwarz@iaik.tugraz.at, Kees Cook <keescook@google.com>,
        Hugh Dickins <hughd@google.com>, X86 ML <x86@kernel.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A4F58550-CAA8-4AE2-8DE5-C6970CC47210@amacapital.net>
References: <20171031223146.6B47C861@viggo.jf.intel.com> <20171031223150.AB41C68F@viggo.jf.intel.com> <alpine.DEB.2.20.1711012206050.1942@nanos> <CALCETrWQ0W=Kp7fycZ2E9Dp84CCPOr1nEmsPom71ZAXeRYqr9g@mail.gmail.com> <alpine.DEB.2.20.1711012225400.1942@nanos> <e8149c9e-10f8-aa74-ff0e-e2de923b2128@linux.intel.com> <CA+55aFyijHb4WnDMKgeXekTZHYT8pajqSAu2peo3O4EKiZbYPA@mail.gmail.com> <alpine.DEB.2.20.1711012316130.1942@nanos> <CALCETrWS2Tqn=hthSnzxKj3tJrgK+HH2Nkdv-GiXA7bkHUBdcQ@mail.gmail.com> <alpine.DEB.2.20.1711021226020.2090@nanos>
To:     Thomas Gleixner <tglx@linutronix.de>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



> On Nov 2, 2017, at 12:33 PM, Thomas Gleixner <tglx@linutronix.de> wrote:
>=20
>> On Thu, 2 Nov 2017, Andy Lutomirski wrote:
>>> On Wed, Nov 1, 2017 at 3:20 PM, Thomas Gleixner <tglx@linutronix.de> wro=
te:
>>>> On Wed, 1 Nov 2017, Linus Torvalds wrote:
>>>>> On Wed, Nov 1, 2017 at 2:52 PM, Dave Hansen <dave.hansen@linux.intel.c=
om> wrote:
>>>>>> On 11/01/2017 02:28 PM, Thomas Gleixner wrote:
>>>>>>> On Wed, 1 Nov 2017, Andy Lutomirski wrote:
>>>>>>> The vsyscall page is _PAGE_USER and lives in init_mm via the fixmap.=

>>>>>>=20
>>>>>> Groan, forgot about that abomination, but still there is no point in h=
aving
>>>>>> it marked PAGE_USER in the init_mm at all, kaiser or not.
>>>>>=20
>>>>> So shouldn't this patch effectively make the vsyscall page unusable?
>>>>> Any idea why that didn't show up in any of the x86 selftests?
>>>>=20
>>>> I actually think there may be two issues here:
>>>>=20
>>>> - vsyscall isn't even used much - if any - any more
>>>=20
>>> Only legacy user space uses it.
>>>=20
>>>> - the vsyscall emulation works fine without _PAGE_USER, since the
>>>> whole point is that we take a fault on it and then emulate.
>>>>=20
>>>> We do expose the vsyscall page read-only to user space in the
>>>> emulation case, but I'm not convinced that's even required.
>>>=20
>>> I don't see a reason why it needs to be mapped at all for emulation.
>>=20
>> At least a couple years ago, the maintainers of some userspace tracing
>> tools complained very loudly at the early versions of the patches.
>> There are programs like pin (semi-open-source IIRC) that parse
>> instructions, make an instrumented copy, and run it.  This means that
>> the vsyscall page needs to contain text that is semantically
>> equivalent to what calling it actually does.
>>=20
>> So yes, read access needs to work.  I should add a selftest for this.
>>=20
>> This is needed in emulation mode as well as native mode, so removing
>> native mode is totally orthogonal.
>=20
> Fair enough. I enabled function tracing with emulate_vsyscall as the filte=
r
> on a couple of machines and so far I have no hit at all. Though I found a
> VM with a real old user space (~2005) and that actually used it.
>=20
> So for the problem at hand, I'd suggest we disable the vsyscall stuff if
> CONFIG_KAISER=3Dy and be done with it.

I think that time() on not-so-old glibc uses it.  Even more recent versions o=
f Go use it. :(

>=20
> Thanks,
>=20
>    tglx
>=20
>=20
>=20
>=20
>=20

From 1582953906250470917@xxx Thu Nov 02 11:34:44 +0000 2017
X-GM-THRID: 1582814524376334722
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread