From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 21 Jan 2019 19:54:52 -0000 Received: from mga11.intel.com ([192.55.52.93]) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gkeqZ-0003Nb-Jf for speck@linutronix.de; Sat, 19 Jan 2019 01:50:52 +0100 From: Andi Kleen Subject: [MODERATED] [PATCH v5 24/27] MDSv5 5 Date: Fri, 18 Jan 2019 16:50:39 -0800 Message-Id: <005ac38c17b43d83ac9fa863bd75328d68060db0.1547858934.git.ak@linux.intel.com> In-Reply-To: References: In-Reply-To: References: To: speck@linutronix.de Cc: Andi Kleen List-ID: From: Andi Kleen Subject: mds: mark kernel/* timers safe as not touching user data Some preliminary auditing of kernel/* shows no timers touch other processes' user data. Mark all the timers in kernel/* as not needed an implicit cpu clear. More auditing here would be useful. Signed-off-by: Andi Kleen --- kernel/events/core.c | 6 ++++-- kernel/fork.c | 3 ++- kernel/futex.c | 6 +++--- kernel/sched/core.c | 5 +++-- kernel/sched/deadline.c | 6 ++++-- kernel/sched/fair.c | 6 ++++-- kernel/sched/idle.c | 3 ++- kernel/sched/rt.c | 3 ++- kernel/time/alarmtimer.c | 2 +- kernel/time/hrtimer.c | 6 +++--- kernel/time/posix-timers.c | 6 ++++-- kernel/time/sched_clock.c | 3 ++- kernel/time/tick-sched.c | 6 ++++-- kernel/watchdog.c | 3 ++- 14 files changed, 40 insertions(+), 24 deletions(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index 3cd13a30f732..5d9a4ed0cf58 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -1102,7 +1102,8 @@ static void __perf_mux_hrtimer_init(struct perf_cpu_context *cpuctx, int cpu) cpuctx->hrtimer_interval = ns_to_ktime(NSEC_PER_MSEC * interval); raw_spin_lock_init(&cpuctx->hrtimer_lock); - hrtimer_init(timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS_PINNED); + hrtimer_init(timer, CLOCK_MONOTONIC, + HRTIMER_MODE_ABS_PINNED|HRTIMER_MODE_NO_USER); timer->function = perf_mux_hrtimer_handler; } @@ -9202,7 +9203,8 @@ static void perf_swevent_init_hrtimer(struct perf_event *event) if (!is_sampling_event(event)) return; - hrtimer_init(&hwc->hrtimer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&hwc->hrtimer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); hwc->hrtimer.function = perf_swevent_hrtimer; /* diff --git a/kernel/fork.c b/kernel/fork.c index b69248e6f0e0..acb2626e40a1 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1542,7 +1542,8 @@ static int copy_signal(unsigned long clone_flags, struct task_struct *tsk) #ifdef CONFIG_POSIX_TIMERS INIT_LIST_HEAD(&sig->posix_timers); - hrtimer_init(&sig->real_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&sig->real_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); sig->real_timer.function = it_real_fn; #endif diff --git a/kernel/futex.c b/kernel/futex.c index be3bff2315ff..4ac7a412f04b 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -2691,7 +2691,7 @@ static int futex_wait(u32 __user *uaddr, unsigned int flags, u32 val, hrtimer_init_on_stack(&to->timer, (flags & FLAGS_CLOCKRT) ? CLOCK_REALTIME : CLOCK_MONOTONIC, - HRTIMER_MODE_ABS); + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); hrtimer_init_sleeper(to, current); hrtimer_set_expires_range_ns(&to->timer, *abs_time, current->timer_slack_ns); @@ -2792,7 +2792,7 @@ static int futex_lock_pi(u32 __user *uaddr, unsigned int flags, if (time) { to = &timeout; hrtimer_init_on_stack(&to->timer, CLOCK_REALTIME, - HRTIMER_MODE_ABS); + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); hrtimer_init_sleeper(to, current); hrtimer_set_expires(&to->timer, *time); } @@ -3192,7 +3192,7 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags, to = &timeout; hrtimer_init_on_stack(&to->timer, (flags & FLAGS_CLOCKRT) ? CLOCK_REALTIME : CLOCK_MONOTONIC, - HRTIMER_MODE_ABS); + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); hrtimer_init_sleeper(to, current); hrtimer_set_expires_range_ns(&to->timer, *abs_time, current->timer_slack_ns); diff --git a/kernel/sched/core.c b/kernel/sched/core.c index b04918e9115c..6ca60c91cf30 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -302,7 +302,7 @@ void hrtick_start(struct rq *rq, u64 delay) */ delay = max_t(u64, delay, 10000LL); hrtimer_start(&rq->hrtick_timer, ns_to_ktime(delay), - HRTIMER_MODE_REL_PINNED); + HRTIMER_MODE_REL_PINNED|HRTIMER_MODE_NO_USER); } #endif /* CONFIG_SMP */ @@ -316,7 +316,8 @@ static void hrtick_rq_init(struct rq *rq) rq->hrtick_csd.info = rq; #endif - hrtimer_init(&rq->hrtick_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&rq->hrtick_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); rq->hrtick_timer.function = hrtick; } #else /* CONFIG_SCHED_HRTICK */ diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c index fb8b7b5d745d..dce637e0b3bd 100644 --- a/kernel/sched/deadline.c +++ b/kernel/sched/deadline.c @@ -1054,7 +1054,8 @@ void init_dl_task_timer(struct sched_dl_entity *dl_se) { struct hrtimer *timer = &dl_se->dl_timer; - hrtimer_init(timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); timer->function = dl_task_timer; } @@ -1293,7 +1294,8 @@ void init_dl_inactive_task_timer(struct sched_dl_entity *dl_se) { struct hrtimer *timer = &dl_se->inactive_timer; - hrtimer_init(timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); timer->function = inactive_task_timer; } diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c index 50aa2aba69bd..b8cb9aad6b74 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c @@ -4889,9 +4889,11 @@ void init_cfs_bandwidth(struct cfs_bandwidth *cfs_b) cfs_b->period = ns_to_ktime(default_cfs_period()); INIT_LIST_HEAD(&cfs_b->throttled_cfs_rq); - hrtimer_init(&cfs_b->period_timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS_PINNED); + hrtimer_init(&cfs_b->period_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_ABS_PINNED|HRTIMER_MODE_NO_USER); cfs_b->period_timer.function = sched_cfs_period_timer; - hrtimer_init(&cfs_b->slack_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&cfs_b->slack_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); cfs_b->slack_timer.function = sched_cfs_slack_timer; cfs_b->distribute_running = 0; } diff --git a/kernel/sched/idle.c b/kernel/sched/idle.c index f5516bae0c1b..6a4cc46d8c4b 100644 --- a/kernel/sched/idle.c +++ b/kernel/sched/idle.c @@ -330,7 +330,8 @@ void play_idle(unsigned long duration_ms) cpuidle_use_deepest_state(true); it.done = 0; - hrtimer_init_on_stack(&it.timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init_on_stack(&it.timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); it.timer.function = idle_inject_timer_fn; hrtimer_start(&it.timer, ms_to_ktime(duration_ms), HRTIMER_MODE_REL_PINNED); diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c index e4f398ad9e73..24b90b260682 100644 --- a/kernel/sched/rt.c +++ b/kernel/sched/rt.c @@ -46,7 +46,8 @@ void init_rt_bandwidth(struct rt_bandwidth *rt_b, u64 period, u64 runtime) raw_spin_lock_init(&rt_b->rt_runtime_lock); hrtimer_init(&rt_b->rt_period_timer, - CLOCK_MONOTONIC, HRTIMER_MODE_REL); + CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); rt_b->rt_period_timer.function = sched_rt_period_timer; } diff --git a/kernel/time/alarmtimer.c b/kernel/time/alarmtimer.c index 2c97e8c2d29f..f2efd9b5d0b7 100644 --- a/kernel/time/alarmtimer.c +++ b/kernel/time/alarmtimer.c @@ -344,7 +344,7 @@ void alarm_init(struct alarm *alarm, enum alarmtimer_type type, enum alarmtimer_restart (*function)(struct alarm *, ktime_t)) { hrtimer_init(&alarm->timer, alarm_bases[type].base_clockid, - HRTIMER_MODE_ABS); + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); __alarm_init(alarm, type, function); } EXPORT_SYMBOL_GPL(alarm_init); diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c index e2c8776ba2a4..58beefd3543a 100644 --- a/kernel/time/hrtimer.c +++ b/kernel/time/hrtimer.c @@ -1713,7 +1713,7 @@ static long __sched hrtimer_nanosleep_restart(struct restart_block *restart) int ret; hrtimer_init_on_stack(&t.timer, restart->nanosleep.clockid, - HRTIMER_MODE_ABS); + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); hrtimer_set_expires_tv64(&t.timer, restart->nanosleep.expires); ret = do_nanosleep(&t, HRTIMER_MODE_ABS); @@ -1733,7 +1733,7 @@ long hrtimer_nanosleep(const struct timespec64 *rqtp, if (dl_task(current) || rt_task(current)) slack = 0; - hrtimer_init_on_stack(&t.timer, clockid, mode); + hrtimer_init_on_stack(&t.timer, clockid, mode|HRTIMER_MODE_NO_USER); hrtimer_set_expires_range_ns(&t.timer, timespec64_to_ktime(*rqtp), slack); ret = do_nanosleep(&t, mode); if (ret != -ERESTART_RESTARTBLOCK) @@ -1932,7 +1932,7 @@ schedule_hrtimeout_range_clock(ktime_t *expires, u64 delta, return -EINTR; } - hrtimer_init_on_stack(&t.timer, clock_id, mode); + hrtimer_init_on_stack(&t.timer, clock_id, mode|HRTIMER_MODE_NO_USER); hrtimer_set_expires_range_ns(&t.timer, *expires, delta); hrtimer_init_sleeper(&t, current); diff --git a/kernel/time/posix-timers.c b/kernel/time/posix-timers.c index 0e84bb72a3da..0faf661cb4c8 100644 --- a/kernel/time/posix-timers.c +++ b/kernel/time/posix-timers.c @@ -464,7 +464,8 @@ static void release_posix_timer(struct k_itimer *tmr, int it_id_set) static int common_timer_create(struct k_itimer *new_timer) { - hrtimer_init(&new_timer->it.real.timer, new_timer->it_clock, 0); + hrtimer_init(&new_timer->it.real.timer, new_timer->it_clock, + HRTIMER_MODE_NO_USER); return 0; } @@ -789,7 +790,8 @@ static void common_hrtimer_arm(struct k_itimer *timr, ktime_t expires, if (timr->it_clock == CLOCK_REALTIME) timr->kclock = absolute ? &clock_realtime : &clock_monotonic; - hrtimer_init(&timr->it.real.timer, timr->it_clock, mode); + hrtimer_init(&timr->it.real.timer, timr->it_clock, + mode|HRTIMER_MODE_NO_USER); timr->it.real.timer.function = posix_timer_fn; if (!absolute) diff --git a/kernel/time/sched_clock.c b/kernel/time/sched_clock.c index 094b82ca95e5..e0a59ed9199f 100644 --- a/kernel/time/sched_clock.c +++ b/kernel/time/sched_clock.c @@ -249,7 +249,8 @@ void __init generic_sched_clock_init(void) * Start the timer to keep sched_clock() properly updated and * sets the initial epoch. */ - hrtimer_init(&sched_clock_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(&sched_clock_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); sched_clock_timer.function = sched_clock_poll; hrtimer_start(&sched_clock_timer, cd.wrap_kt, HRTIMER_MODE_REL); } diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c index 6fa52cd6df0b..b95f6f1e7bc3 100644 --- a/kernel/time/tick-sched.c +++ b/kernel/time/tick-sched.c @@ -1205,7 +1205,8 @@ static void tick_nohz_switch_to_nohz(void) * Recycle the hrtimer in ts, so we can share the * hrtimer_forward with the highres code. */ - hrtimer_init(&ts->sched_timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS); + hrtimer_init(&ts->sched_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); /* Get the next period */ next = tick_init_jiffy_update(); @@ -1302,7 +1303,8 @@ void tick_setup_sched_timer(void) /* * Emulate tick processing via per-CPU hrtimers: */ - hrtimer_init(&ts->sched_timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS); + hrtimer_init(&ts->sched_timer, CLOCK_MONOTONIC, + HRTIMER_MODE_ABS|HRTIMER_MODE_NO_USER); ts->sched_timer.function = tick_sched_timer; /* Get the next period (per-CPU) */ diff --git a/kernel/watchdog.c b/kernel/watchdog.c index 977918d5d350..d3c9da0a4fce 100644 --- a/kernel/watchdog.c +++ b/kernel/watchdog.c @@ -483,7 +483,8 @@ static void watchdog_enable(unsigned int cpu) * Start the timer first to prevent the NMI watchdog triggering * before the timer has a chance to fire. */ - hrtimer_init(hrtimer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); + hrtimer_init(hrtimer, CLOCK_MONOTONIC, + HRTIMER_MODE_REL|HRTIMER_MODE_NO_USER); hrtimer->function = watchdog_timer_fn; hrtimer_start(hrtimer, ns_to_ktime(sample_period), HRTIMER_MODE_REL_PINNED); -- 2.17.2