From patchwork Tue Oct 20 20:36:09 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chris Metcalf X-Patchwork-Id: 7450461 Return-Path: X-Original-To: patchwork-linux-arm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 557B8BEEA4 for ; Tue, 20 Oct 2015 20:39:35 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 3CB7F20867 for ; Tue, 20 Oct 2015 20:39:34 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.9]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1DAEF20866 for ; Tue, 20 Oct 2015 20:39:33 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1ZodfI-0000t7-Td; Tue, 20 Oct 2015 20:37:48 +0000 Received: from mail-am1on0067.outbound.protection.outlook.com ([157.56.112.67] helo=emea01-am1-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1Zodf6-0000nx-HF for linux-arm-kernel@lists.infradead.org; Tue, 20 Oct 2015 20:37:37 +0000 Received: from DB3PR02CA0012.eurprd02.prod.outlook.com (10.242.134.22) by AM2PR02MB0417.eurprd02.prod.outlook.com (10.160.54.23) with Microsoft SMTP Server (TLS) id 15.1.300.14; Tue, 20 Oct 2015 20:37:13 +0000 Received: from DB3FFO11FD005.protection.gbl (2a01:111:f400:7e04::132) by DB3PR02CA0012.outlook.office365.com (2a01:111:e400:9814::22) with Microsoft SMTP Server (TLS) id 15.1.306.13 via Frontend Transport; Tue, 20 Oct 2015 20:37:13 +0000 Authentication-Results: spf=fail (sender IP is 12.216.194.146) smtp.mailfrom=ezchip.com; ezchip.com; dkim=none (message not signed) header.d=none; ezchip.com; dmarc=none action=none header.from=ezchip.com; Received-SPF: Fail (protection.outlook.com: domain of ezchip.com does not designate 12.216.194.146 as permitted sender) receiver=protection.outlook.com; client-ip=12.216.194.146; helo=ld-1.internal.tilera.com; Received: from ld-1.internal.tilera.com (12.216.194.146) by DB3FFO11FD005.mail.protection.outlook.com (10.47.216.94) with Microsoft SMTP Server (TLS) id 15.1.300.4 via Frontend Transport; Tue, 20 Oct 2015 20:37:12 +0000 Received: (from cmetcalf@localhost) by ld-1.internal.tilera.com (8.14.4/8.14.4/Submit) id t9KKbBOh006643; Tue, 20 Oct 2015 16:37:11 -0400 From: Chris Metcalf To: Gilad Ben Yossef , Steven Rostedt , Ingo Molnar , Peter Zijlstra , Andrew Morton , "Rik van Riel" , Tejun Heo , Frederic Weisbecker , Thomas Gleixner , "Paul E. McKenney" , Christoph Lameter , Viresh Kumar , Catalin Marinas , Will Deacon , Andy Lutomirski , , Subject: [PATCH v8 11/14] arch/arm64: enable task isolation functionality Date: Tue, 20 Oct 2015 16:36:09 -0400 Message-ID: <1445373372-6567-12-git-send-email-cmetcalf@ezchip.com> X-Mailer: git-send-email 2.1.2 In-Reply-To: <1445373372-6567-1-git-send-email-cmetcalf@ezchip.com> References: <1445373372-6567-1-git-send-email-cmetcalf@ezchip.com> X-EOPAttributedMessage: 0 X-Microsoft-Exchange-Diagnostics: 1; DB3FFO11FD005; 1:28jRihBil9x+ZqKELHft+nxSnQ0ZLwyK5scBlfMbm9tPBMq0Rv7mBzHsVkAiV2zmFg1+VAc74UKh/UryeAWjj1RCUUlIE0Z98lxXjyqkDxvRkTVedjNr1ViJ3xiAE3WIV9/WUq3suQovAQa639NKunkZzj7F8baUuy/QO/EOaQdh1UduEYS2T0zs6Ly9qWnuQcactjOcsLRZrWSllAuOlm3ayWDy7E/jxgPcsd1IZtjdR3I/IFooRWN+wC/UAhPM4Q5uZxu0S/KJoTHXybsEJlb2lH6TtNEPAOaOMilZi0EYSFggaqssYtgp6cNa9L2t1fn0u8cEowsEWAQsWFb5pKJyrQVtgfh30ZpSskaF0Os= X-Forefront-Antispam-Report: CIP:12.216.194.146; CTRY:US; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(2980300002)(1109001)(1110001)(339900001)(199003)(189002)(87936001)(46102003)(85426001)(50226001)(5001960100002)(2950100001)(11100500001)(92566002)(5007970100001)(104016004)(19580405001)(6806005)(50986999)(189998001)(36756003)(106466001)(33646002)(106356001)(107886002)(5008740100001)(105606002)(106476002)(50466002)(48376002)(5001920100001)(229853001)(2201001)(86362001)(97736004)(81156007)(5001770100001)(19580395003)(42186005)(64706001)(76176999)(47776003)(5003940100001)(9376005)(921003)(83996005)(4001430100001)(2101003)(1121003); DIR:OUT; SFP:1101; SCL:1; SRVR:AM2PR02MB0417; H:ld-1.internal.tilera.com; FPR:; SPF:Fail; PTR:InfoNoRecords; A:1; MX:1; LANG:en; MIME-Version: 1.0 X-Microsoft-Exchange-Diagnostics: 1; AM2PR02MB0417; 2:s0KhCNP39Uh6ehBtheyW3Q4MyjhdpkbmhGJexT741dg5Ga+ibNzlNvSObLWs2YjKYPaAwyUsf4wKcXt7hLR69JFuxPnNU4M35uYZ36KXTHTLR936lPTgmjeWgn4lJfmAv0bdqp6nDEBPqt7BTpiQgat2Jpc3I6FCPSihjpUoj6o=; 3:xPtUZC7Kgh04hvVwe//HXHeiY/8AT32DLZghpeaVNk2QXiN4fO6WDpdFSXDXEfbQ/jQFUCrnfGdlBCZyHVVvyNzrgFq0Hzl+JH09S/XSB2O9R9Tz3QKIZavVmg3dwPhCWQ2kQ8NPiRZhv52pO6z/ORUBmsgvIFPM2vAYeWXmmnjU0gV6bTp4NwWY0mMEnQ+fD74MP1UIt95/yifyowd4ZtTFwl+nhKjZyd3ycjUY+Wn7iN8VKVaYOP5JJ9g7JDcr; 25:Mq3wsSXlDbF2ko23568qsGDfKNfylbwsXePh0x60GD9pPqm/RG5BSCnqQ/+jbUgck4tHQCXRPZ7wbNwtBxWmVyXMNoImabqhJs5/8bV67UmXiWLHVfTJzm22PzKZkvDACXYOzpKUUK7taV+POoVusF8of5snJ/Y4A4VIa+JEqop5k7oSRoVh8/zcUpLIFnh6yFS8WGYPkyQIfU3ZrxtE2N1ol2LBDy707oZd9Mq6YuzDCwDpUHemN9X5DAxOfWG5ViyEqqG5xNWe1FXTuYvsYg==; 20:6l0jBHPnuQ4zSvP1JCAoLBvGZTg6sE10Zln5xHoybVmzoJUDjMvHBFhovXRgYdmGYYmdYcEvM3SjtRGId5e/SChmivBUmzVthLORT1NvwijbDV38WalVErvm6J5KtoofJeYxNJc2qZ30arN4OhtGWDg/Iw6/spx2hMBJOG9C/uA= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM2PR02MB0417; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(121898900299872); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001); SRVR:AM2PR02MB0417; BCL:0; PCL:0; RULEID:; SRVR:AM2PR02MB0417; X-Microsoft-Exchange-Diagnostics: 1; AM2PR02MB0417; 4:Y8Yq9OKU4iGCivIfgXxLOq+v74IjKloeTShL9qbMWKxVttz/YMUjAMGyj1iQRmbdkeB+lib/9ud8zhAfTK27CYyAHhj+waT1x4JlIuCEcpPsq1iFXk/YdUALRpklTwkvObE/zwnJLTVb9BfMIch1W+EneIYnvHklsKQnW/rRYmRVNv2eCXTHC1tfq2MMJYZxrZQp2Ze5EsInekVzakjAQaqQM45/xrgo2XxOF9Bwz9niO0mOb5Bq4TG/9GFgKNtWn67Lvg/3Bg2Jo65qIWt+DsSUDSIn3S0pYAU/cHW8o6alGX9Vu925rl1lnRopaPdwnU86FSUZUlxVRSGZbErXjVAFcOg35vube/W1C2ZR0cQ= X-Forefront-PRVS: 073515755F X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; AM2PR02MB0417; 23:gOZYSNQ82SCSD03mMtOvqnbCv6ilvrhV8OqwsZtj/?= =?us-ascii?Q?e0bdCxybeHX29Nz+ou+B9aPHoAX3/MOeTiUc51n0zOOW5Cc3wuU6JKM7KK5K?= =?us-ascii?Q?VRqnkgD8Id9IoI06eE7tMi5WBIsHoF4W4u2oFS+yAPTrkgt8Q54SWz2hCDlE?= =?us-ascii?Q?wq03ja7yBhyUoG1xDeO8pN04P0N2miFe65slDnKSdwMcsU+ZaOQMfIXg1vsA?= =?us-ascii?Q?0JXns+8BuSgEZEBhRjsgWMcArovs8BCqSp4QhRi03vo7UogJLTx6BesrpeSM?= =?us-ascii?Q?2zL88FzE2pDu9j1kT1LDh6185B3zVBtBN3ecSJcma3jM+WdcpWZ40IVQz+NF?= =?us-ascii?Q?PzaqCxW3l4oUfyaNDukVIxMpGnakwCicFjjCzkghDBItnx71ouq858u+5Ft1?= =?us-ascii?Q?lCkcSL7B1aUlx39bEJaBD2kpNa1Z8oAXhTt14dn1ZOHgk3TV64CXf3UuV50J?= =?us-ascii?Q?uEdNaAsxYXKnVJZpbSQul+Yx0fT84yEWgbcypmCle7zjtijqdk1B8+vfpKzE?= =?us-ascii?Q?0tNwMeKxFqq8kzXy7D+L16oIHNuBNoHtBF3KlYfnJTcHAPcHy1bolR+nCZS2?= =?us-ascii?Q?nmFGq8jiCHZow6+oIypBoGmYjRZIdEKXVyF1LFcvWBmcSeMZucjNGcLVgAma?= =?us-ascii?Q?ZzKWTQFPERIaDpgdnbetHl6m/qw7f+4zjlThNsIJgL3BBbPnk4TN/3M0V+Ws?= =?us-ascii?Q?Y77hb9NOARKEBDkD7ZpFM7Gzi0aB3qNYcLhQpm7xsGf+d0FTUVBWB7cxnMsf?= =?us-ascii?Q?0HYJB2zJDpNG+/8MF16Qsm4V0ZhxNsPW3jFnzso5pLxP1MXrXlR64WnMr/Xy?= =?us-ascii?Q?pAhGW0q/xeH+Yf2oXAJiqCXIs/17AvizbOocObXmM4ol88bp7gjFDd25FioR?= =?us-ascii?Q?phxFrO5R+B3gn+0EnfIiEvH9DossbDy2koiZ/hb7ITpLd1E/oMh/tMXObGoT?= =?us-ascii?Q?1ycXXZRXdMwBbxuF2gSA6LldHROmzxRycuNdRfXRtnlK4Dwbk55x+PMr9mY3?= =?us-ascii?Q?O7OrOdf2WvLhOYAyrP3Xdlkm1+AVbd5ZOiQiEerKkffoVedkYhLaVKz5B0RU?= =?us-ascii?Q?+gwRjdO2DgS5bN0Z/RQjk5Kuz4eoyjSnIYz+XyvTLXl7MwN/GFBoOgoAoBju?= =?us-ascii?Q?7R/ZJNBais0GajsIALtLnOcRPX6RKiNCQ6Q4mG7LszX4r9muGNrba/epoNsY?= =?us-ascii?Q?WTkmXgiA7f/UDqnP0lHqeixCerb5AQatwdtp3xaGs4o17XD9RzYzmikePAif?= =?us-ascii?Q?H/fr/AB75silgzHg8nIueeke2KOV1n2zWa1m+D6gSepe9Gh6CKPkkYEz4I7Z?= =?us-ascii?Q?8N6gkUinjSCOo9RS64JQ8s=3D?= X-Microsoft-Exchange-Diagnostics: 1; AM2PR02MB0417; 5:p3ortoKZfzFUWE5KWIhseYMym001JVIpy0r9myFcyC6wW4obIgmfJx8ycK3/8Wcv7b5abX7XCOptP1PIzBELbxRG2M2H5epjNvgfACDq6t7zN7QAqf2TuYY+QC8vleUBEhfOhXospGn6wK9AXtcFUQ==; 24:AJQM3ppqrswRl7DxvLXvxiqhOJF3n7Baou0fgtcZbL5HiwHjjBXY6JpsObK6ze46T1AhxsVJEu4+f4Mdk9C5DiO5TNM1xNblIakDqpHwvCk=; 20:u90PJPkMsztiB8Yw/OQ6TRAhoBFsPmTxd/yD1nH1GyaOLYfTKP2vfo7URge7J0237SfupLacJPl/6j+qCrjU/g== SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: ezchip.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Oct 2015 20:37:12.7939 (UTC) X-MS-Exchange-CrossTenant-Id: 0fc16e0a-3cd3-4092-8b2f-0a42cff122c3 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=0fc16e0a-3cd3-4092-8b2f-0a42cff122c3; Ip=[12.216.194.146]; Helo=[ld-1.internal.tilera.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM2PR02MB0417 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20151020_133737_059688_819AA1C9 X-CRM114-Status: GOOD ( 18.79 ) X-Spam-Score: -1.9 (-) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Chris Metcalf Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Spam-Status: No, score=-4.2 required=5.0 tests=BAD_ENC_HEADER,BAYES_00, RCVD_IN_DNSWL_MED, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP We need to call task_isolation_enter() from prepare_exit_to_usermode(), so that we can both ensure we do it last before returning to userspace, and we also are able to re-run signal handling, etc., if something occurs while task_isolation_enter() has interrupts enabled. To do this we add _TIF_NOHZ to the _TIF_WORK_MASK if we have CONFIG_TASK_ISOLATION enabled, which brings us into prepare_exit_to_usermode() on all return to userspace. But we don't put _TIF_NOHZ in the flags that we use to loop back and recheck, since we don't need to loop back only because the flag is set. Instead we unconditionally call task_isolation_enter() at the end of the loop if any other work is done. To make the assembly code continue to be as optimized as before, we renumber the _TIF flags so that both _TIF_WORK_MASK and _TIF_SYSCALL_WORK still have contiguous runs of bits in the immediate operand for the "and" instruction, as required by the ARM64 ISA. Since TIF_NOHZ is in both masks, it must be the middle bit in the contiguous run that starts with the _TIF_WORK_MASK bits and ends with the _TIF_SYSCALL_WORK bits. We tweak syscall_trace_enter() slightly to carry the "flags" value from current_thread_info()->flags for each of the tests, rather than doing a volatile read from memory for each one. This avoids a small overhead for each test, and in particular avoids that overhead for TIF_NOHZ when TASK_ISOLATION is not enabled. Finally, add an explicit check for STRICT mode in do_mem_abort() to handle the case of page faults. Signed-off-by: Chris Metcalf --- arch/arm64/include/asm/thread_info.h | 18 ++++++++++++------ arch/arm64/kernel/ptrace.c | 12 +++++++++--- arch/arm64/kernel/signal.c | 7 +++++-- arch/arm64/mm/fault.c | 4 ++++ 4 files changed, 30 insertions(+), 11 deletions(-) diff --git a/arch/arm64/include/asm/thread_info.h b/arch/arm64/include/asm/thread_info.h index dcd06d18a42a..4c36c4ee3528 100644 --- a/arch/arm64/include/asm/thread_info.h +++ b/arch/arm64/include/asm/thread_info.h @@ -101,11 +101,11 @@ static inline struct thread_info *current_thread_info(void) #define TIF_NEED_RESCHED 1 #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ #define TIF_FOREIGN_FPSTATE 3 /* CPU's FP state is not current's */ -#define TIF_NOHZ 7 -#define TIF_SYSCALL_TRACE 8 -#define TIF_SYSCALL_AUDIT 9 -#define TIF_SYSCALL_TRACEPOINT 10 -#define TIF_SECCOMP 11 +#define TIF_NOHZ 4 +#define TIF_SYSCALL_TRACE 5 +#define TIF_SYSCALL_AUDIT 6 +#define TIF_SYSCALL_TRACEPOINT 7 +#define TIF_SECCOMP 8 #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ #define TIF_FREEZE 19 #define TIF_RESTORE_SIGMASK 20 @@ -124,9 +124,15 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_SECCOMP (1 << TIF_SECCOMP) #define _TIF_32BIT (1 << TIF_32BIT) -#define _TIF_WORK_MASK (_TIF_NEED_RESCHED | _TIF_SIGPENDING | \ +#define _TIF_WORK_LOOP_MASK (_TIF_NEED_RESCHED | _TIF_SIGPENDING | \ _TIF_NOTIFY_RESUME | _TIF_FOREIGN_FPSTATE) +#ifdef CONFIG_TASK_ISOLATION +# define _TIF_WORK_MASK (_TIF_WORK_LOOP_MASK | _TIF_NOHZ) +#else +# define _TIF_WORK_MASK _TIF_WORK_LOOP_MASK +#endif + #define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP | \ _TIF_NOHZ) diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index 1971f491bb90..69ed3ba81650 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include @@ -1240,14 +1241,19 @@ static void tracehook_report_syscall(struct pt_regs *regs, asmlinkage int syscall_trace_enter(struct pt_regs *regs) { - /* Do the secure computing check first; failures should be fast. */ + unsigned long work = ACCESS_ONCE(current_thread_info()->flags); + + if ((work & _TIF_NOHZ) && task_isolation_check_syscall(regs->syscallno)) + return -1; + + /* Do the secure computing check early; failures should be fast. */ if (secure_computing() == -1) return -1; - if (test_thread_flag(TIF_SYSCALL_TRACE)) + if (work & _TIF_SYSCALL_TRACE) tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER); - if (test_thread_flag(TIF_SYSCALL_TRACEPOINT)) + if (work & _TIF_SYSCALL_TRACEPOINT) trace_sys_enter(regs, regs->syscallno); audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1], diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index fde59c1139a9..641c828653c7 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include @@ -419,10 +420,12 @@ asmlinkage void prepare_exit_to_usermode(struct pt_regs *regs, if (thread_flags & _TIF_FOREIGN_FPSTATE) fpsimd_restore_current_state(); + task_isolation_enter(); + local_irq_disable(); thread_flags = READ_ONCE(current_thread_info()->flags) & - _TIF_WORK_MASK; + _TIF_WORK_LOOP_MASK; - } while (thread_flags); + } while (thread_flags || !task_isolation_ready()); } diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index 9fadf6d7039b..a726f9f3ef3c 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -466,6 +467,9 @@ asmlinkage void __exception do_mem_abort(unsigned long addr, unsigned int esr, const struct fault_info *inf = fault_info + (esr & 63); struct siginfo info; + if (user_mode(regs)) + task_isolation_check_exception("%s at %#lx", inf->name, addr); + if (!inf->fn(addr, esr, regs)) return;