
[06/70] x86/umip: Factor out instruction fetch

Message ID 20200319091407.1481-7-joro@8bytes.org (mailing list archive)
State New, archived

Commit Message

Joerg Roedel March 19, 2020, 9:13 a.m. UTC
From: Joerg Roedel <jroedel@suse.de>

Factor out the code to fetch the instruction from user-space to a helper
function.

Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
 arch/x86/include/asm/insn-eval.h |  2 ++
 arch/x86/kernel/umip.c           | 26 +++++-----------------
 arch/x86/lib/insn-eval.c         | 38 ++++++++++++++++++++++++++++++++
 3 files changed, 46 insertions(+), 20 deletions(-)

Comments

Borislav Petkov March 26, 2020, 5:21 p.m. UTC | #1
On Thu, Mar 19, 2020 at 10:13:03AM +0100, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@suse.de>
> 
> Factor out the code to fetch the instruction from user-space to a helper
> function.

Add "No functional changes." here.

> Signed-off-by: Joerg Roedel <jroedel@suse.de>
> ---
>  arch/x86/include/asm/insn-eval.h |  2 ++
>  arch/x86/kernel/umip.c           | 26 +++++-----------------
>  arch/x86/lib/insn-eval.c         | 38 ++++++++++++++++++++++++++++++++
>  3 files changed, 46 insertions(+), 20 deletions(-)

...

> +int insn_fetch_from_user(struct pt_regs *regs,
> +			 unsigned char buf[MAX_INSN_SIZE])

No need for that linebreak - fits in 80 cols.

> +{
> +	unsigned long seg_base = 0;
> +	int not_copied;
> +
> +	/*
> +	 * If not in user-space long mode, a custom code segment could be in
> +	 * use. This is true in protected mode (if the process defined a local
> +	 * descriptor table), or virtual-8086 mode. In most of the cases
> +	 * seg_base will be zero as in USER_CS.
> +	 */
> +	if (!user_64bit_mode(regs))
> +		seg_base = insn_get_seg_base(regs, INAT_SEG_REG_CS);
> +
> +	if (seg_base == -1L)
> +		return 0;

This reads strange: seg_base is changed only inside that if test so I
guess we could test it there too:

        if (!user_64bit_mode(regs)) {
                seg_base = insn_get_seg_base(regs, INAT_SEG_REG_CS);
                if (seg_base == -1L)
                        return 0;
        }

which is a small enough change to not require a separate patch.

Thx.

Patch

diff --git a/arch/x86/include/asm/insn-eval.h b/arch/x86/include/asm/insn-eval.h
index 2b6ccf2c49f1..b8b9ef1bbd06 100644
--- a/arch/x86/include/asm/insn-eval.h
+++ b/arch/x86/include/asm/insn-eval.h
@@ -19,5 +19,7 @@  void __user *insn_get_addr_ref(struct insn *insn, struct pt_regs *regs);
 int insn_get_modrm_rm_off(struct insn *insn, struct pt_regs *regs);
 unsigned long insn_get_seg_base(struct pt_regs *regs, int seg_reg_idx);
 int insn_get_code_seg_params(struct pt_regs *regs);
+int insn_fetch_from_user(struct pt_regs *regs,
+			 unsigned char buf[MAX_INSN_SIZE]);
 
 #endif /* _ASM_X86_INSN_EVAL_H */
diff --git a/arch/x86/kernel/umip.c b/arch/x86/kernel/umip.c
index 4d732a444711..00cb157673b1 100644
--- a/arch/x86/kernel/umip.c
+++ b/arch/x86/kernel/umip.c
@@ -317,11 +317,11 @@  static void force_sig_info_umip_fault(void __user *addr, struct pt_regs *regs)
  */
 bool fixup_umip_exception(struct pt_regs *regs)
 {
-	int not_copied, nr_copied, reg_offset, dummy_data_size, umip_inst;
-	unsigned long seg_base = 0, *reg_addr;
+	int nr_copied, reg_offset, dummy_data_size, umip_inst;
 	/* 10 bytes is the maximum size of the result of UMIP instructions */
 	unsigned char dummy_data[10] = { 0 };
 	unsigned char buf[MAX_INSN_SIZE];
+	unsigned long *reg_addr;
 	void __user *uaddr;
 	struct insn insn;
 	int seg_defs;
@@ -329,26 +329,12 @@  bool fixup_umip_exception(struct pt_regs *regs)
 	if (!regs)
 		return false;
 
-	/*
-	 * If not in user-space long mode, a custom code segment could be in
-	 * use. This is true in protected mode (if the process defined a local
-	 * descriptor table), or virtual-8086 mode. In most of the cases
-	 * seg_base will be zero as in USER_CS.
-	 */
-	if (!user_64bit_mode(regs))
-		seg_base = insn_get_seg_base(regs, INAT_SEG_REG_CS);
-
-	if (seg_base == -1L)
-		return false;
-
-	not_copied = copy_from_user(buf, (void __user *)(seg_base + regs->ip),
-				    sizeof(buf));
-	nr_copied = sizeof(buf) - not_copied;
+	nr_copied = insn_fetch_from_user(regs, buf);
 
 	/*
-	 * The copy_from_user above could have failed if user code is protected
-	 * by a memory protection key. Give up on emulation in such a case.
-	 * Should we issue a page fault?
+	 * The insn_fetch_from_user above could have failed if user code
+	 * is protected by a memory protection key. Give up on emulation
+	 * in such a case.  Should we issue a page fault?
 	 */
 	if (!nr_copied)
 		return false;
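Review bot: The comment above `if (!nr_copied)` still attributes a zero result only to a copy failure under a memory protection key, but after this change insn_fetch_from_user() also returns 0 when insn_get_seg_base() yields -1L — the case the removed lines handled with their own `return false` — so two distinct failure causes are now folded into one check without the comment saying so. Suggest widening it to something like `* insn_fetch_from_user() returns 0 if the code segment base could not be resolved or if the copy failed (e.g. user code protected by a memory protection key). Give up on emulation in either case.` The kernel-doc "Returns:" section of insn_fetch_from_user() in the arch/x86/lib/insn-eval.c hunk has the same gap: "0 if nothing was copied" could add that 0 is also returned when the CS base lookup fails. fixup_umip_exception() continues past the end of this hunk.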
diff --git a/arch/x86/lib/insn-eval.c b/arch/x86/lib/insn-eval.c
index 31600d851fd8..95ae3953e2a2 100644
--- a/arch/x86/lib/insn-eval.c
+++ b/arch/x86/lib/insn-eval.c
@@ -1369,3 +1369,41 @@  void __user *insn_get_addr_ref(struct insn *insn, struct pt_regs *regs)
 		return (void __user *)-1L;
 	}
 }
+
+/**
+ * insn_fetch_from_user() - Copy instruction bytes from user-space memory
+ * @regs:	Structure with register values as seen when entering kernel mode
+ * @buf:	Array to store the fetched instruction
+ *
+ * Gets the linear address of the instruction and copies the instruction bytes
+ * to the buf.
+ *
+ * Returns:
+ *
+ * Number of instruction bytes copied.
+ *
+ * 0 if nothing was copied.
+ */
+int insn_fetch_from_user(struct pt_regs *regs,
+			 unsigned char buf[MAX_INSN_SIZE])
+{
+	unsigned long seg_base = 0;
+	int not_copied;
+
+	/*
+	 * If not in user-space long mode, a custom code segment could be in
+	 * use. This is true in protected mode (if the process defined a local
+	 * descriptor table), or virtual-8086 mode. In most of the cases
+	 * seg_base will be zero as in USER_CS.
+	 */
+	if (!user_64bit_mode(regs))
+		seg_base = insn_get_seg_base(regs, INAT_SEG_REG_CS);
+
+	if (seg_base == -1L)
+		return 0;
+
+	not_copied = copy_from_user(buf, (void __user *)(seg_base + regs->ip),
+				    MAX_INSN_SIZE);
+
+	return MAX_INSN_SIZE - not_copied;
+}