Re: [PATCH 1/2] x86/arch_prctl: add ARCH_SET_{COMPAT,NATIVE} to change compatible mode

From: Andy Lutomirski <luto@amacapital.net>
To: Dmitry Safonov <dsafonov@virtuozzo.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	Shuah Khan <shuahkh@osg.samsung.com>,
	Ingo Molnar <mingo@redhat.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Borislav Petkov <bp@alien8.de>,
	khorenko@virtuozzo.com, X86 ML <x86@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	xemul@virtuozzo.com, linux-kselftest@vger.kernel.org,
	Cyrill Gorcunov <gorcunov@openvz.org>,
	Dmitry Safonov <0x7f454c46@gmail.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH 1/2] x86/arch_prctl: add ARCH_SET_{COMPAT,NATIVE} to change compatible mode
Date: Fri, 8 Apr 2016 13:44:22 -0700	[thread overview]
Message-ID: <CALCETrWKb-OZuRrjxk7f4KD2zXEMs2j5ONj+dXcvyx65-nDcYA@mail.gmail.com> (raw)
In-Reply-To: <5707D9F1.3090102@virtuozzo.com>

On Apr 8, 2016 9:20 AM, "Dmitry Safonov" <dsafonov@virtuozzo.com> wrote:
>
> On 04/08/2016 06:56 PM, Andy Lutomirski wrote:
>>
>> On Fri, Apr 8, 2016 at 6:50 AM, Dmitry Safonov <dsafonov@virtuozzo.com> wrote:
>>>
>>> Hello again,
>>> what do you think about attached patch?
>>> I think it should fix landing problem for i386 vdso mremap.
>>> It does not touch fast syscall path, so there should be no
>>> speed regression.
>>
>> For this thing:
>>
>>
>> +    /* Fixing userspace landing - look at do_fast_syscall_32 */
>> +    if (current_thread_info()->status & TS_COMPAT)
>> +        regs->ip = (unsigned long)current->mm->context.vdso +
>> +            vdso_image_32.sym_int80_landing_pad;
>>
>> Either check that ip was where you expected it
>
> And if it's not there - return error?

No, just leave IP unchanged.

>
>>   or simply remove this
>> code -- user programs that are mremapping the vdso are already playing
>> with fire and can just use int $0x80 to do it.
>>
>> Other than that, it looks generally sane.  The .mremap hook didn't
>> exist last time I looked at this :)
>>
>> The main downside of your approach is that it doesn't allow switching
>> between the 32-bit, 64-bit, and x32 images.  Also, it requires
>> awareness of how vvar and vdso line up, whereas a dedicated API could
>> do the whole thing.
>
> Yes, I'm working on it. This patch will only allow moving vdso
> image with general mremap - so I could use arch_prctl for
> that API, as for native i386 one may move vdso with mremap
> and cannot map any other vdso blobs.
> Does it sound fine?
>
> So, I have some difficulties with removing TIF_IA32 flag:
> it's checked by perf for interpreting stack frames/instructions
> and may be checked out of syscall executing (when tracing
> page fault events, for example).

Feel free to ask for help on some of these details.  user_64bit_mode
will be helpful too.

> I doubt, is it sane to remove
> TS_COMPAT instead, leaving TIF_IA32, as for some cases
> we need to know if task is compatible outside of syscall's path?

No.  TS_COMPAT is important, and it's also better behaved than
TIF_IA32 -- it has a very specific meaning: "am I currently executing
a 32-bit syscall".

> And the comment in asm/syscall.h says:
> >  * TIF_IA32 tasks should always have TS_COMPAT set at
> >  * system call time.
> that means, that TS_COMPAT is always set on TIF_IA32, so
> is meaningless.
> What do you think?

The comment is wrong :). TS_COMPAT is true on int80 or 32-bit vdso
syscall entries and is false otherwise.  64-bit tasks can use int80
and, with your patches, will be able to use the 32-bit vdso entry as
well.

>
> Thanks,
> Dmitry.