Received: by 10.223.164.221 with SMTP id h29csp2289569wrb;
        Thu, 2 Nov 2017 08:38:51 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+R12wBoDCiqfAhilUb+Wo4GY6FdzPHH7zFFy+jemb0eBeU4bVJBykj1PaRXcI0m/JF5smqU
X-Received: by 10.84.131.197 with SMTP id d63mr3759778pld.414.1509637131282;
        Thu, 02 Nov 2017 08:38:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1509637131; cv=none;
        d=google.com; s=arc-20160816;
        b=NDJ2tgrZY/wOM4Uvjt3lLdcmpl1JMGVsdrrNy5t1z2/V37wOD7J0E6N8Nf43bmZ0PN
         gcvgqeYCIEzyD33z1Siay0TpqYPlvLRjpb8oW4nwPahtmNWoOcukwOTgPKmkjwjS5K0G
         PEHNlZcayfYOVARO/YYYrnNMkPMU+DtA5xkd0UH8a5VRXuPhnWP42i9Bq58V169x5ugu
         1mGttVuJm1IKVUdjOIT6hKfWF5y8igl/vtYkW/n37SfZw4NlA6Wjmq+l9viQZh498UQf
         BAGe6tNIllUfaoskL8LQ2UqQX9yYtvbr4XpzfWXXKSuivtoeUsG1qDV0JC7ieliNw9d9
         UIbA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:from:subject
         :mime-version:dkim-signature:arc-authentication-results;
        bh=y9rnAe/f5HzhpErZdBK7bdzZMKKRHeMUdOSirtH0l2s=;
        b=ZArVg//znMOaJqg7Xd2cit9TcISdQESKNhChcgCA+2SZr0rk1O9bkB2MvpFcg8/hUt
         WifU+3IqTUWHi7vpFjR4IdnPmqOr+fH9B0ud3a4YBt/PU+xAR+83kNQHb0yAnSeFvwyI
         m9DOs7AYV4AjWgXvqIy3/Z49d/uCtg363azdZdORDi2uindh1d1iT3g6vv4hDsMU6nt/
         7/5E1Uc20vucpOOw6YhoicsvZUKlw10SdCEPEfnVZlFO2hVrs7Faj+A2tE4A1+onN7h/
         NV/o/IxKzDM6Ol0eARa7NyHnL+dVwUPlYyyfxqz5vTFOvQpWjcJxuCDYgwDG0+Y0wgjI
         XJwQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=EIxb9E9d;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z10si3798224pgu.113.2017.11.02.08.38.37;
        Thu, 02 Nov 2017 08:38:51 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=EIxb9E9d;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S933836AbdKBPgf (ORCPT <rfc822;huangleihappily@gmail.com>
        + 97 others); Thu, 2 Nov 2017 11:36:35 -0400
Received: from mail-pg0-f66.google.com ([74.125.83.66]:55062 "EHLO
        mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S933658AbdKBPge (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 2 Nov 2017 11:36:34 -0400
Received: by mail-pg0-f66.google.com with SMTP id l24so5440954pgu.11
        for <linux-kernel@vger.kernel.org>; Thu, 02 Nov 2017 08:36:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=amacapital-net.20150623.gappssmtp.com; s=20150623;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=y9rnAe/f5HzhpErZdBK7bdzZMKKRHeMUdOSirtH0l2s=;
        b=EIxb9E9dIudZM6pLpZXCjCAy+sSm1cORSHjoFVkUnDhbJfykn20S/I6F8On47ZV0HU
         UAjsY47Zh15BshtUhdUaRsV5i3pY296O726PEba24Aksgv0Y6MALuriTzEA+hsg2Xma9
         Kl52fNJCxA1Vrd7SpekyQ04/0hEDRzS3RWY/Ss7DQmaaD699wQB/Si7UQo0hzKuL+n0k
         ezt8M58K2jr8Rmq9v2zqxgX48rDBfpMnrnN8U2tZ4tVBThnb1Kl3BjguzfTSvE0YXomH
         Mjoau+vio2TKYbK8oY3epnu+GKwZig3Jya83D7M5bC2MOwCPPbnWtZafZD5yjOQkdl2Z
         UYwQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=y9rnAe/f5HzhpErZdBK7bdzZMKKRHeMUdOSirtH0l2s=;
        b=rf45qWUU8YY3sJ07O9O5KTLvI58OntOV3LZtgze+9L0r0aTzA1TKlR/NAZGNbdPM3q
         EluJ1V/R0SCnUh/2HfHOgzZEZkrMY+2RchjQ+/b7/HzjU3q138COsuLPeEaDzox7Z7PK
         HbZoMS8R6fbkkk6mEKUxdtuZyizi62mTnhPYL2dwbE1XDNBSp1ZLv4bW1Ui2YLbD6q6v
         wJ81NISlVUfmPw8P1qBqocjhDPtM8WB940gHdJxa1hMk05qBLiFHrIe0e7mMG/tLPE6l
         oEcwv41ahf5ypqgZaYL2ETRQfm2XZ8/fc5OMAN54RaG38RB9GLOKvPLkThTbAnCbMN4q
         tnNg==
X-Gm-Message-State: AMCzsaX+28oKIttRIc2ypbq6Zhl+BVTZxinILS26AtzN0VCxylTTBh6Q
        luUAhQWxA7Nco/W6E6pfKjxsFQ==
X-Received: by 10.98.162.26 with SMTP id m26mr4349896pff.0.1509636993705;
        Thu, 02 Nov 2017 08:36:33 -0700 (PDT)
Received: from [25.170.215.30] ([172.56.30.235])
        by smtp.gmail.com with ESMTPSA id 21sm6237112pfr.132.2017.11.02.08.36.31
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 02 Nov 2017 08:36:32 -0700 (PDT)
Content-Type: text/plain;
        charset=us-ascii
Mime-Version: 1.0 (1.0)
Subject: Re: KAISER memory layout (Re: [PATCH 06/23] x86, kaiser: introduce user-mapped percpu areas)
From:   Andy Lutomirski <luto@amacapital.net>
X-Mailer: iPhone Mail (15A432)
In-Reply-To: <alpine.DEB.2.20.1711021343380.2090@nanos>
Date:   Thu, 2 Nov 2017 16:36:29 +0100
Cc:     Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "linux-mm@kvack.org" <linux-mm@kvack.org>,
        moritz.lipp@iaik.tugraz.at,
        Daniel Gruss <daniel.gruss@iaik.tugraz.at>,
        michael.schwarz@iaik.tugraz.at,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Kees Cook <keescook@google.com>,
        Hugh Dickins <hughd@google.com>, X86 ML <x86@kernel.org>,
        Borislav Petkov <bp@alien8.de>,
        Josh Poimboeuf <jpoimboe@redhat.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <65E6D547-2871-4D93-9E10-24C31DB10269@amacapital.net>
References: <CALCETrXLJfmTg1MsQHKCL=WL-he_5wrOqeX2OatQCCqVE003VQ@mail.gmail.com> <alpine.DEB.2.20.1711021235290.2090@nanos> <89E52C9C-DBAB-4661-8172-0F6307857870@amacapital.net> <alpine.DEB.2.20.1711021343380.2090@nanos>
To:     Thomas Gleixner <tglx@linutronix.de>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



> On Nov 2, 2017, at 1:45 PM, Thomas Gleixner <tglx@linutronix.de> wrote:
>=20
> On Thu, 2 Nov 2017, Andy Lutomirski wrote:
>>> On Nov 2, 2017, at 12:48 PM, Thomas Gleixner <tglx@linutronix.de> wrote:=

>>>=20
>>>> On Thu, 2 Nov 2017, Andy Lutomirski wrote:
>>>> I think we're far enough along here that it may be time to nail down
>>>> the memory layout for real.  I propose the following:
>>>>=20
>>>> The user tables will contain the following:
>>>>=20
>>>> - The GDT array.
>>>> - The IDT.
>>>> - The vsyscall page.  We can make this be _PAGE_USER.
>>>=20
>>> I rather remove it for the kaiser case.
>>>=20
>>>> - The TSS.
>>>> - The per-cpu entry stack.  Let's make it one page with guard pages
>>>> on either side.  This can replace rsp_scratch.
>>>> - cpu_current_top_of_stack.  This could be in the same page as the TSS.=

>>>> - The entry text.
>>>> - The percpu IST (aka "EXCEPTION") stacks.
>>>=20
>>> Do you really want to put the full exception stacks into that user mappi=
ng?
>>> I think we should not do that. There are two options:
>>>=20
>>> 1) Always use the per-cpu entry stack and switch to the proper IST after=

>>>    the CR3 fixup
>>=20
>> Can't -- it's microcode, not software, that does that switch.
>=20
> Well, yes. The micro code does the stack switch to ISTs but software tells=

> it to do so. We write the IDT IIRC.
>=20
>>> 2) Have separate per-cpu entry stacks for the ISTs and switch to the rea=
l
>>>    ones after the CR3 fixup.
>>=20
>> How is that simpler?
>=20
> Simpler is not the question. I want to avoid mapping the whole IST stacks.=

>=20

OK, let's see.  We can have the IDT be different in the user tables and the k=
ernel tables.  The user IDT could have IST-less entry stubs that do their ow=
n CR3 switch and then bounce to the IST stack.  I don't see why this wouldn'=
t work aside from requiring a substantially larger entry stack, but I'm also=
 not convinced it's worth the added complexity.  The NMI code would certainl=
y need some careful thought to convince ourselves that it would still be cor=
rect.  #DF would be, um, interesting because of the silly ESPFIX64 thing.

My inclination would be to deal with this later.  For the first upstream ver=
sion, we map the IST stacks.  Later on, we have a separate user IDT that doe=
s whatever it needs to do.

The argument to the contrary would be that Dave's CR3 code *and* my entry st=
ack crap gets simpler if all the CR3 switches happen in special stubs.

The argument against *that* is that this erase_kstack crap might also benefi=
t from the magic stack switch.  OTOH that's the *exit* stack, which is total=
ly independent.

FWIW, I want to get rid of the #DB and #BP stacks entirely, but that does no=
t deserve to block this series, I think.

> Thanks,
>=20
>    tglx

From 1582958413410163008@xxx Thu Nov 02 12:46:22 +0000 2017
X-GM-THRID: 1582946879853551948
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread