From patchwork Wed Mar 2 20:09:36 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chris Metcalf X-Patchwork-Id: 8485191 Return-Path: X-Original-To: patchwork-linux-arm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 42CFE9F2F0 for ; Wed, 2 Mar 2016 20:13:17 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 3E3E32037C for ; Wed, 2 Mar 2016 20:13:16 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.9]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2442C2034A for ; Wed, 2 Mar 2016 20:13:15 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1abD7E-0008HD-Tv; Wed, 02 Mar 2016 20:11:24 +0000 Received: from mail-am1on0053.outbound.protection.outlook.com ([157.56.112.53] helo=emea01-am1-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1abD78-0008BB-Gl for linux-arm-kernel@lists.infradead.org; Wed, 02 Mar 2016 20:11:20 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Mellanox.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=BmfbL8fNvVGSBnm6KX1I2a7xsz5PBDqDMcfgBM3L6Yg=; b=sDwK+EpVztHxZtGdFVTxB1vc73/5e1gNnAjJAgUtcMCHhIygTJqkAcjBptJd0Y19Z137sUvoOUku1nKPsPrWstO38IC+HkkagzkJtoRz4oVP7VJTxuDdbJSxrj1Bcd8BJc/EKT4My/FEhD5HlU2aFl7p9x+Pm6ifDlqQGjP8W7g= Received: from VI1PR05CA0041.eurprd05.prod.outlook.com (10.162.33.179) by VI1PR05MB1696.eurprd05.prod.outlook.com (10.165.235.158) with Microsoft SMTP Server (TLS) id 15.1.427.16; Wed, 2 Mar 2016 20:10:42 +0000 Received: from DB3FFO11FD033.protection.gbl (2a01:111:f400:7e04::199) by VI1PR05CA0041.outlook.office365.com (2a01:111:e400:5840::51) with Microsoft SMTP Server (TLS) id 15.1.415.20 via Frontend Transport; Wed, 2 Mar 2016 20:10:42 +0000 Authentication-Results: spf=fail (sender IP is 12.216.194.146) smtp.mailfrom=ezchip.com; ezchip.com; dkim=none (message not signed) header.d=none; ezchip.com; dmarc=none action=none header.from=ezchip.com; Received-SPF: Fail (protection.outlook.com: domain of ezchip.com does not designate 12.216.194.146 as permitted sender) receiver=protection.outlook.com; client-ip=12.216.194.146; helo=ld-1.internal.tilera.com; Received: from ld-1.internal.tilera.com (12.216.194.146) by DB3FFO11FD033.mail.protection.outlook.com (10.47.217.64) with Microsoft SMTP Server (TLS) id 15.1.427.7 via Frontend Transport; Wed, 2 Mar 2016 20:10:40 +0000 Received: (from cmetcalf@localhost) by ld-1.internal.tilera.com (8.14.4/8.14.4/Submit) id u22KAd9e004984; Wed, 2 Mar 2016 15:10:39 -0500 From: Chris Metcalf To: Gilad Ben Yossef , Steven Rostedt , Ingo Molnar , Peter Zijlstra , Andrew Morton , "Rik van Riel" , Tejun Heo , Frederic Weisbecker , Thomas Gleixner , "Paul E. McKenney" , Christoph Lameter , Viresh Kumar , Catalin Marinas , Will Deacon , Andy Lutomirski , Mark Rutland , , Subject: [PATCH v10 12/12] arch/arm64: enable task isolation functionality Date: Wed, 2 Mar 2016 15:09:36 -0500 Message-ID: <1456949376-4910-13-git-send-email-cmetcalf@ezchip.com> X-Mailer: git-send-email 2.1.2 In-Reply-To: <1456949376-4910-1-git-send-email-cmetcalf@ezchip.com> References: <1456949376-4910-1-git-send-email-cmetcalf@ezchip.com> X-EOPAttributedMessage: 0 X-Forefront-Antispam-Report: CPI:12.216.194.146; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(2980300002)(1109001)(339900001)(189002)(199003)(5003940100001)(33646002)(19580405001)(2201001)(189998001)(19580395003)(50226001)(5001970100001)(107886002)(5008740100001)(85426001)(50466002)(81156011)(2950100001)(48376002)(11100500001)(104016004)(229853001)(6806005)(5001770100001)(2906002)(1096002)(106466001)(87936001)(50986999)(76176999)(4326007)(586003)(42186005)(105606002)(36756003)(47776003)(92566002)(4001430100002)(1220700001)(921003)(42882005)(1121003)(83996005)(2101003); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR05MB1696; H:ld-1.internal.tilera.com; FPR:; SPF:Fail; MLV:sfv; MX:1; A:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; DB3FFO11FD033; 1:32qWnNWm4vXtDacRF7VdKIRK/EexsUW1oC1hRd9R1i98YXpOThiPf7UJwzdEhLklw98N1sJ6IVCLe89cFw//P8YuLDC2UMs+oCIJIJ7b/pcWkZED2XfOKhlguba5/HR4egg6ygH+ajjZk+3Lj4+sPJQf6NrkaM53EiATNyrzN+QpJjodQH6lWWNAumrRctAKECHMJXg+oToyk2RCCeBSFP7mIhavuTLRjnOxznFKOn5cYAFx+upGir9mQcV/rTyv1Q28TP3XzEjncBFj/cpl1hxFL3oqte1Cex/t3IPKyJnDR+BSzy9HZ/mXSFjPVae7bmyv23XsdH216UZegCZjs+HkCN0Cc1iKPoBIiIVUwMYBNBrHe19Of8B8wGMUwqAYzntKySe3+2ZzlrHM+BpJCLPBvCTEbligWrC4mvk2e/wVUXHRgL9BJzyJVKAEpTFUUoOMf8Uzt6dUX9xjWR/fHdRa6YAABqRPoQ49yl3F4RtnuVrWWc2T9ZzFszqu1HuN MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: 800fd8ac-40ba-458d-8194-08d342d6ba87 X-Microsoft-Exchange-Diagnostics: 1; VI1PR05MB1696; 2:eX9mgQbuhRNHxrNlk24Ae8yBW0Mrddc6QzvOflKpI6794O+A/bw5X+eBu7KSj7tjqM8C4O2Ff1zkZ9CWbgwtuRDB7BmkRlxgtRFx0rAggMa//Ksi7Wq/IsFq3nE288s/cCyq4oU383RlaKMWOox6/F+rTyFnD9xFmmNuvuDI4EmVsQoVnK0yQCIqEy+NEZe0; 3:PRpjvI/23Yk/asCsRj301StaF4Rca/I/zhT7MgVo57V4V4qg5ni6vAatHHDsHRxX4uYtQWp3Qe2Pq4VP5nI6j5E3Oev7jm+lGoQk7hX4USzWT+8rJmCBB0U0PVsKT/60pC19aL5J+poFX+HWuQEWVNtx07s80M/ofbLIx7T4uav9sl4Zd5Ujo1OaRoPE+obv; 25:dpCCA0WU/uTQ+YsSX1Gi5eZMbuCb+DQmlDH0Tt2ZQ1xAct+RCKjMsTS/8dk6HIEJzfDDkSUoWWFbdxcrb2Yib5rd6xYkbEjQrxV5HiJGz8y6sd7gdEwO1rH4eSbKA8nvw5yuDcp+/xO+sfMmHZrY4o00qXodVdo7xiV4D2i3VhKR4CLiHCa3hx8MDnORBZjp322SK3yKYtu492uszmXBg5nB3rWBuYkFbMCxfZkdM8iZI1KRVvti9HmEZw/OK2YJfnTf4665ZiN5J+W+7kMRl8ZuPCI2NY/PoNrvs5gPwwn92iGWeeoG3kivl0DBuasKz+XZMY0Qo3MZz83K++GcFQ== X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:VI1PR05MB1696; X-MLNXRule-EZCH-Linux: Rule triggered X-MLNXRule-Acc-Dom-4: Rule triggered X-Microsoft-Exchange-Diagnostics: 1; VI1PR05MB1696; 20:U/4tteu14pVe13MqIZyQFk7o1lUbxSkLmVRnGjpKmLofXvwf0WkSrJopMX1jWUCZtXujhEbVWo2dJv29pzi5GA34ikNTmdu8IkqOYsJ+zaCJxopy+lZQMTurbP/ODeiosvKkdHUAljeRA3RqFdfDUm/21HqWhp/DcmRNh3Dn82YdQ8W7l8lowHaEyyDsZTYB7MLbiwhLc7czGOZVFDPe4V2xA23L7WqLbHbO89XL0fRlSD8m7+SNU5nWWLeNUNIQX7jXNYvffr+A0OuTa2JK6eJ/Rm/sdrDQ2E7i7eCtLA1IlXunvpSByMQtg3bb892V1lQq1XSUrM0vl7umy45ujWu8Ep3jDn7nTXKY389ij0bB+3JGnW3kIr7cmIMjji+ZlLrLj0Clt98jtzKqv2bNIVr0bqvlAzkYF0KJhvMxTjGBQ2FzgArh1EutjluInubdfpPHRtPm06dbGXHgshxtbu6PU672rRgNZHn/oNLGY+23SdF4UsCKtfLG2aXkUXU44m8U4cKDeOPwdPTNyYzxrIew/uFN58G+bY7qrhwTCi1GXzWgkpJ6r2GQnm5TJgnnbsNVIA3ER5mQ8x4ypLMeG4Ci0k6sZ3727rq6VTwQqSo= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(13015025)(13017025)(13023025)(13024025)(5005006)(8121501046)(13018025)(3002001)(10201501046); SRVR:VI1PR05MB1696; BCL:0; PCL:0; RULEID:; SRVR:VI1PR05MB1696; X-Microsoft-Exchange-Diagnostics: 1; VI1PR05MB1696; 4:XKodbG7LaxAoLcg3/NkTaPeZ57w8+IwJuM7A8TnmyaykAtHdTauR3ZZl9sk5iHJnyTsmL4JSv+pHxRD0vXjCYoOQ2eUonb5lVY+uvE6Q8dtZtxxkGxeTOa8cQIgaOSpq+R7aScj2bx4bQFimYLeyICAQVmd4CwPqknOj3Cwjb1GVEsZtPKAi1hJn9JvOttsXbijpS8RJJtguR9DBzt9+fodkJ75R9wtkrEGB1UltIIaWxWyNQNynfxlSU+yCy65FQwcMVdGy+l3oraIHqN64zcjS7Z0Xi6sx6XYLYsPG7HuBF5F0SJbGH+aElUY1k2iRh0VTrjNmnlq+01jSZDbHWV0v7Jj71nw4KxGCImvG0V/XMxoI80fvkxSMksrvZtAjs4xAgT/X2NyZrdOWzgF8MRcQtL1ytcPConvV9sMBql1JJ9isakvCEt1OJ4RZs14w8E4GGWjySP/BbuZYYPHZHg== X-Forefront-PRVS: 086943A159 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; VI1PR05MB1696; 23:DvWk+3Ew3oPRyYbe3znWSFHpB9vFcw7MLkHoLEdgh?= =?us-ascii?Q?RbE3nKCmd834OfTPuxfZcXVF+bmQ9CI9g+RBgS0MR1ujt+MzhLEqulTKNMPA?= =?us-ascii?Q?2aJiTma+xNyB2MESvg86zxAB/YEhsi8gljBsT4iRcAOskJaOBZ9TBrX4vQJh?= =?us-ascii?Q?k5jpm1GVlWEfzkFlp5Ov7maLwGj9fHv+tu9QaVwFNvCnBHPvO+hfWazCzG6t?= =?us-ascii?Q?Zmel+pmA+6outDeOsNwdz2gQfvjpGQ01aWqZbk10ECQPEzuHnXPPi/xTR4si?= =?us-ascii?Q?1h4RjTQWVY4EEwabIrCr1Yu3kXkz6EEil9mFgqcYsj//OrVevLznNQfrV9CX?= =?us-ascii?Q?AwNM6X/h30axLQSDulkMEmQogr9w6aNkdTg9IEmzszGe2NAPAk8Fzlt4W+it?= =?us-ascii?Q?h7s6oWtIeoq5wt8PCQ+TYPJb63Nnji1aXL0b9GHGC+ka4A/s8Ah/IMOMdhMM?= =?us-ascii?Q?6R2/eoe5xA3Yc2b8dVbNhlUk29ArrDYGuK7+5+8TUw7HIU64OKaENvKpAbuE?= =?us-ascii?Q?LzOHZJ/qqA2RzeYzs9YYRW5xSYVn3vefijzm9Wcr/MwtgHGj+4bId4BxQqCB?= =?us-ascii?Q?6qX9DBsEDo0ufJJBeU1RQJ4umiEj7XNkjOuLqQbafwLzW0fivpncFSh/iPyK?= =?us-ascii?Q?FYcpIPLP7uEXryqOgOIQCb+bwogyp/7RQ/g9aUaoPsBLdtVt7nM7KyC2Q4lh?= =?us-ascii?Q?Ceq/ujyBtKlKiiE/zodvRvbhGxUNdVFYOn/U1akWpdewCJQ0j7BYol4ga7aR?= =?us-ascii?Q?0dnUcNBZP28QfPv1B5CnASS/RQhItR0CDLnDCtaY4/qmCC8szQcG5zatFcr7?= =?us-ascii?Q?QZlCYsIrSM/LCgnLMpMwe/Kj2aoJQh6BNK2aSt3P67vEDlhfzGWrjCtNzOBc?= =?us-ascii?Q?LKqfseQk5tSkIRiDK83whsaowAAgYU2C+MVVt1P5bBjuOS3h58gCU1beslzA?= =?us-ascii?Q?3hmbRagbSqhxMFtfUvvSmnEcHU6i8MXwXj9oaLtLNDV5awbuj0a0Cuydd+zs?= =?us-ascii?Q?1Te4DWvvlJ7Z26QYeLAWIcUDvKYuoIj+jQliLpYgSOQ+D8L5aEzT8u+yW/8/?= =?us-ascii?Q?84osfOfye0KKr6oMjSa/W7D3CoXsh2YfRM8VDEmP1fmG9k10joyOfctStUQO?= =?us-ascii?Q?15zv8j56DxlgmGdnpwtPPiJHqt/JN+9jJg8A6tmADdCdEEHVaowhG6+uJzk/?= =?us-ascii?Q?oyonQ6xporqDfx9oN8A5pfv6XKK8k7a209M?= X-Microsoft-Exchange-Diagnostics: 1; VI1PR05MB1696; 5:sHR8vNSqGTVJlQsDvIk30EHBlMuiqhSxWgRxtTAUmeoXKUeTxExrNjxrrJuSX1+JKSjuSHDLiiqpq5YpDVCbfboz/44TI6wj6ibIEDJLmw6qFOLzOHhRWsPt9QKtWLHAg4NNrTZPWD5LtMq1chrGiw==; 24:G1svPK6jvjbwmR1bFKnqVrRwOm0p+z0FFlay58OhoXrHYbWeTAYW67ahJCVcw63HFaEhWXuFjJPFEhFJ9W1ZaehYNIPjui5u81Ojzn33hX0= X-OriginatorOrg: ezchip.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Mar 2016 20:10:40.4569 (UTC) X-MS-Exchange-CrossTenant-Id: a652971c-7d2e-4d9b-a6a4-d149256f461b X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=a652971c-7d2e-4d9b-a6a4-d149256f461b; Ip=[12.216.194.146]; Helo=[ld-1.internal.tilera.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR05MB1696 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160302_121119_221225_7F35861E X-CRM114-Status: GOOD ( 15.83 ) X-Spam-Score: -1.9 (-) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Chris Metcalf Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Spam-Status: No, score=-4.1 required=5.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In do_notify_resume(), call task_isolation_ready() when we are checking the thread-info flags; and after we've handled the other work, call task_isolation_enter() unconditionally. To ensure we always call task_isolation_enter() when returning to userspace, modify _TIF_WORK_MASK to be _TIF_NOHZ, which is set in every task, when we build with TASK_ISOLATION configured. We tweak syscall_trace_enter() slightly to carry the "flags" value from current_thread_info()->flags for each of the tests, rather than doing a volatile read from memory for each one. This avoids a small overhead for each test, and in particular avoids that overhead for TIF_NOHZ when TASK_ISOLATION is not enabled. We instrument the smp_cross_call() routine so that it checks for isolated tasks and generates a suitable warning if we are about to disturb one of them in strict or debug mode. Finally, add an explicit check for STRICT mode in do_mem_abort() to handle the case of page faults. Signed-off-by: Chris Metcalf --- arch/arm64/include/asm/thread_info.h | 8 +++++++- arch/arm64/kernel/ptrace.c | 12 +++++++++--- arch/arm64/kernel/signal.c | 6 +++++- arch/arm64/kernel/smp.c | 2 ++ arch/arm64/mm/fault.c | 4 ++++ 5 files changed, 27 insertions(+), 5 deletions(-) diff --git a/arch/arm64/include/asm/thread_info.h b/arch/arm64/include/asm/thread_info.h index abd64bd1f6d9..89c72888cb54 100644 --- a/arch/arm64/include/asm/thread_info.h +++ b/arch/arm64/include/asm/thread_info.h @@ -131,9 +131,15 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_SECCOMP (1 << TIF_SECCOMP) #define _TIF_32BIT (1 << TIF_32BIT) -#define _TIF_WORK_MASK (_TIF_NEED_RESCHED | _TIF_SIGPENDING | \ +#define _TIF_WORK_LOOP_MASK (_TIF_NEED_RESCHED | _TIF_SIGPENDING | \ _TIF_NOTIFY_RESUME | _TIF_FOREIGN_FPSTATE) +#ifdef CONFIG_TASK_ISOLATION +# define _TIF_WORK_MASK _TIF_NOHZ /* always set */ +#else +# define _TIF_WORK_MASK _TIF_WORK_LOOP_MASK +#endif + #define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP | \ _TIF_NOHZ) diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index ff7f13239515..43aa6d016f46 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include @@ -1246,14 +1247,19 @@ static void tracehook_report_syscall(struct pt_regs *regs, asmlinkage int syscall_trace_enter(struct pt_regs *regs) { - /* Do the secure computing check first; failures should be fast. */ + unsigned long work = ACCESS_ONCE(current_thread_info()->flags); + + if ((work & _TIF_NOHZ) && task_isolation_check_syscall(regs->syscallno)) + return -1; + + /* Do the secure computing check early; failures should be fast. */ if (secure_computing() == -1) return -1; - if (test_thread_flag(TIF_SYSCALL_TRACE)) + if (work & _TIF_SYSCALL_TRACE) tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER); - if (test_thread_flag(TIF_SYSCALL_TRACEPOINT)) + if (work & _TIF_SYSCALL_TRACEPOINT) trace_sys_enter(regs, regs->syscallno); audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1], diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index 3432e14b7d6e..53fcd6c305d6 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include @@ -419,12 +420,15 @@ asmlinkage void do_notify_resume(struct pt_regs *regs, if (thread_flags & _TIF_FOREIGN_FPSTATE) fpsimd_restore_current_state(); + + task_isolation_enter(); } local_irq_disable(); thread_flags = READ_ONCE(current_thread_info()->flags); - if (!(thread_flags & _TIF_WORK_MASK)) + if (!(thread_flags & _TIF_WORK_LOOP_MASK) && + task_isolation_ready()) break; } } diff --git a/arch/arm64/kernel/smp.c b/arch/arm64/kernel/smp.c index b1adc51b2c2e..dcb3282d04a2 100644 --- a/arch/arm64/kernel/smp.c +++ b/arch/arm64/kernel/smp.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include @@ -632,6 +633,7 @@ static const char *ipi_types[NR_IPI] __tracepoint_string = { static void smp_cross_call(const struct cpumask *target, unsigned int ipinr) { trace_ipi_raise(target, ipi_types[ipinr]); + task_isolation_debug_cpumask(target); __smp_cross_call(target, ipinr); } diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index abe2a9542b3a..644cd634dd1d 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -473,6 +474,9 @@ asmlinkage void __exception do_mem_abort(unsigned long addr, unsigned int esr, const struct fault_info *inf = fault_info + (esr & 63); struct siginfo info; + if (user_mode(regs)) + task_isolation_check_exception("%s at %#lx", inf->name, addr); + if (!inf->fn(addr, esr, regs)) return;