All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] x86/mce: Make machine check speculation protected
@ 2018-01-18 15:28 Thomas Gleixner
  2018-01-18 15:46 ` Peter Zijlstra
                   ` (4 more replies)
  0 siblings, 5 replies; 6+ messages in thread
From: Thomas Gleixner @ 2018-01-18 15:28 UTC (permalink / raw)
  To: LKML; +Cc: x86, Peter Zijlstra, Borislav Petkov, David Woodhouse

The machine check idtentry uses an indirect branch directly from the low
level code. This evades the speculation protection.

Replace it by a direct call into C code and issue the indirect call there
so the compiler can apply the proper speculation protection.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/entry/entry_64.S        |    2 +-
 arch/x86/include/asm/traps.h     |    1 +
 arch/x86/kernel/cpu/mcheck/mce.c |    5 +++++
 3 files changed, 7 insertions(+), 1 deletion(-)

--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -1264,7 +1264,7 @@ idtentry async_page_fault	do_async_page_
 #endif
 
 #ifdef CONFIG_X86_MCE
-idtentry machine_check					has_error_code=0	paranoid=1 do_sym=*machine_check_vector(%rip)
+idtentry machine_check		do_mce			has_error_code=0	paranoid=1
 #endif
 
 /*
--- a/arch/x86/include/asm/traps.h
+++ b/arch/x86/include/asm/traps.h
@@ -88,6 +88,7 @@ dotraplinkage void do_simd_coprocessor_e
 #ifdef CONFIG_X86_32
 dotraplinkage void do_iret_error(struct pt_regs *, long);
 #endif
+dotraplinkage void do_mce(struct pt_regs *, long);
 
 static inline int get_si_code(unsigned long condition)
 {
--- a/arch/x86/kernel/cpu/mcheck/mce.c
+++ b/arch/x86/kernel/cpu/mcheck/mce.c
@@ -1785,6 +1785,11 @@ static void unexpected_machine_check(str
 void (*machine_check_vector)(struct pt_regs *, long error_code) =
 						unexpected_machine_check;
 
+dotraplinkage void do_mce(struct pt_regs *regs, long error_code)
+{
+	machine_check_vector(regs, error_code);
+}
+
 /*
  * Called for each booted CPU to set up machine checks.
  * Must be called with preempt off:

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH] x86/mce: Make machine check speculation protected
  2018-01-18 15:28 [PATCH] x86/mce: Make machine check speculation protected Thomas Gleixner
@ 2018-01-18 15:46 ` Peter Zijlstra
  2018-01-18 15:53 ` Borislav Petkov
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: Peter Zijlstra @ 2018-01-18 15:46 UTC (permalink / raw)
  To: Thomas Gleixner; +Cc: LKML, x86, Borislav Petkov, David Woodhouse

On Thu, Jan 18, 2018 at 04:28:26PM +0100, Thomas Gleixner wrote:
> The machine check idtentry uses an indirect branch directly from the low
> level code. This evades the speculation protection.
> 
> Replace it by a direct call into C code and issue the indirect call there
> so the compiler can apply the proper speculation protection.
> 
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> ---
>  arch/x86/entry/entry_64.S        |    2 +-
>  arch/x86/include/asm/traps.h     |    1 +
>  arch/x86/kernel/cpu/mcheck/mce.c |    5 +++++
>  3 files changed, 7 insertions(+), 1 deletion(-)
> 
> --- a/arch/x86/entry/entry_64.S
> +++ b/arch/x86/entry/entry_64.S
> @@ -1264,7 +1264,7 @@ idtentry async_page_fault	do_async_page_
>  #endif
>  
>  #ifdef CONFIG_X86_MCE
> -idtentry machine_check					has_error_code=0	paranoid=1 do_sym=*machine_check_vector(%rip)
> +idtentry machine_check		do_mce			has_error_code=0	paranoid=1

Nice, Thanks!

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH] x86/mce: Make machine check speculation protected
  2018-01-18 15:28 [PATCH] x86/mce: Make machine check speculation protected Thomas Gleixner
  2018-01-18 15:46 ` Peter Zijlstra
@ 2018-01-18 15:53 ` Borislav Petkov
  2018-01-18 15:55 ` David Woodhouse
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: Borislav Petkov @ 2018-01-18 15:53 UTC (permalink / raw)
  To: Thomas Gleixner; +Cc: LKML, x86, Peter Zijlstra, David Woodhouse

On Thu, Jan 18, 2018 at 04:28:26PM +0100, Thomas Gleixner wrote:
> The machine check idtentry uses an indirect branch directly from the low
> level code. This evades the speculation protection.
> 
> Replace it by a direct call into C code and issue the indirect call there
> so the compiler can apply the proper speculation protection.
> 
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> ---
>  arch/x86/entry/entry_64.S        |    2 +-
>  arch/x86/include/asm/traps.h     |    1 +
>  arch/x86/kernel/cpu/mcheck/mce.c |    5 +++++
>  3 files changed, 7 insertions(+), 1 deletion(-)
> 
> --- a/arch/x86/entry/entry_64.S
> +++ b/arch/x86/entry/entry_64.S
> @@ -1264,7 +1264,7 @@ idtentry async_page_fault	do_async_page_
>  #endif
>  
>  #ifdef CONFIG_X86_MCE
> -idtentry machine_check					has_error_code=0	paranoid=1 do_sym=*machine_check_vector(%rip)
> +idtentry machine_check		do_mce			has_error_code=0	paranoid=1
>  #endif
>  
>  /*
> --- a/arch/x86/include/asm/traps.h
> +++ b/arch/x86/include/asm/traps.h
> @@ -88,6 +88,7 @@ dotraplinkage void do_simd_coprocessor_e
>  #ifdef CONFIG_X86_32
>  dotraplinkage void do_iret_error(struct pt_regs *, long);
>  #endif
> +dotraplinkage void do_mce(struct pt_regs *, long);
>  
>  static inline int get_si_code(unsigned long condition)
>  {
> --- a/arch/x86/kernel/cpu/mcheck/mce.c
> +++ b/arch/x86/kernel/cpu/mcheck/mce.c
> @@ -1785,6 +1785,11 @@ static void unexpected_machine_check(str
>  void (*machine_check_vector)(struct pt_regs *, long error_code) =
>  						unexpected_machine_check;
>  
> +dotraplinkage void do_mce(struct pt_regs *regs, long error_code)
> +{
> +	machine_check_vector(regs, error_code);
> +}
> +
>  /*
>   * Called for each booted CPU to set up machine checks.
>   * Must be called with preempt off:

Reviewed-by: Borislav Petkov <bp@suse.de>

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH] x86/mce: Make machine check speculation protected
  2018-01-18 15:28 [PATCH] x86/mce: Make machine check speculation protected Thomas Gleixner
  2018-01-18 15:46 ` Peter Zijlstra
  2018-01-18 15:53 ` Borislav Petkov
@ 2018-01-18 15:55 ` David Woodhouse
  2018-01-19  8:46 ` Woodhouse, David
  2018-01-19 15:46 ` [tip:x86/pti] " tip-bot for Thomas Gleixner
  4 siblings, 0 replies; 6+ messages in thread
From: David Woodhouse @ 2018-01-18 15:55 UTC (permalink / raw)
  To: Thomas Gleixner, LKML; +Cc: x86, Peter Zijlstra, Borislav Petkov

[-- Attachment #1: Type: text/plain, Size: 446 bytes --]

On Thu, 2018-01-18 at 16:28 +0100, Thomas Gleixner wrote:
> The machine check idtentry uses an indirect branch directly from the low
> level code. This evades the speculation protection.
> 
> Replace it by a direct call into C code and issue the indirect call there
> so the compiler can apply the proper speculation protection.
> 
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>

[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5213 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH] x86/mce: Make machine check speculation protected
  2018-01-18 15:28 [PATCH] x86/mce: Make machine check speculation protected Thomas Gleixner
                   ` (2 preceding siblings ...)
  2018-01-18 15:55 ` David Woodhouse
@ 2018-01-19  8:46 ` Woodhouse, David
  2018-01-19 15:46 ` [tip:x86/pti] " tip-bot for Thomas Gleixner
  4 siblings, 0 replies; 6+ messages in thread
From: Woodhouse, David @ 2018-01-19  8:46 UTC (permalink / raw)
  To: Thomas Gleixner, LKML
  Cc: x86, Peter Zijlstra, Borislav Petkov, stable, Ghitulete, Razvan-alin

[-- Attachment #1: Type: text/plain, Size: 1904 bytes --]

On Thu, 2018-01-18 at 16:28 +0100, Thomas Gleixner wrote:
> The machine check idtentry uses an indirect branch directly from the low
> level code. This evades the speculation protection.
> 
> Replace it by a direct call into C code and issue the indirect call there
> so the compiler can apply the proper speculation protection.
> 
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

Cc: stable for at least 4.9.

> ---
>  arch/x86/entry/entry_64.S        |    2 +-
>  arch/x86/include/asm/traps.h     |    1 +
>  arch/x86/kernel/cpu/mcheck/mce.c |    5 +++++
>  3 files changed, 7 insertions(+), 1 deletion(-)
> 
> --- a/arch/x86/entry/entry_64.S
> +++ b/arch/x86/entry/entry_64.S
> @@ -1264,7 +1264,7 @@ idtentry async_page_fault	do_async_page_
>  #endif
>  
>  #ifdef CONFIG_X86_MCE
> -idtentry machine_check					has_error_code=0	paranoid=1 do_sym=*machine_check_vector(%rip)
> +idtentry machine_check		do_mce			has_error_code=0	paranoid=1
>  #endif
>  
>  /*
> --- a/arch/x86/include/asm/traps.h
> +++ b/arch/x86/include/asm/traps.h
> @@ -88,6 +88,7 @@ dotraplinkage void do_simd_coprocessor_e
>  #ifdef CONFIG_X86_32
>  dotraplinkage void do_iret_error(struct pt_regs *, long);
>  #endif
> +dotraplinkage void do_mce(struct pt_regs *, long);
>  
>  static inline int get_si_code(unsigned long condition)
>  {
> --- a/arch/x86/kernel/cpu/mcheck/mce.c
> +++ b/arch/x86/kernel/cpu/mcheck/mce.c
> @@ -1785,6 +1785,11 @@ static void unexpected_machine_check(str
>  void (*machine_check_vector)(struct pt_regs *, long error_code) =
>  						unexpected_machine_check;
>  
> +dotraplinkage void do_mce(struct pt_regs *regs, long error_code)
> +{
> +	machine_check_vector(regs, error_code);
> +}
> +
>  /*
>   * Called for each booted CPU to set up machine checks.
>   * Must be called with preempt off:
> 

[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5210 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread
* [tip:x86/pti] x86/mce: Make machine check speculation protected
  2018-01-18 15:28 [PATCH] x86/mce: Make machine check speculation protected Thomas Gleixner
                   ` (3 preceding siblings ...)
  2018-01-19  8:46 ` Woodhouse, David
@ 2018-01-19 15:46 ` tip-bot for Thomas Gleixner
  4 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Thomas Gleixner @ 2018-01-19 15:46 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: mingo, dwmw, linux-kernel, tglx, peterz, hpa

Commit-ID:  6f41c34d69eb005e7848716bbcafc979b35037d5
Gitweb:     https://git.kernel.org/tip/6f41c34d69eb005e7848716bbcafc979b35037d5
Author:     Thomas Gleixner <tglx@linutronix.de>
AuthorDate: Thu, 18 Jan 2018 16:28:26 +0100
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Fri, 19 Jan 2018 16:31:28 +0100

x86/mce: Make machine check speculation protected

The machine check idtentry uses an indirect branch directly from the low
level code. This evades the speculation protection.

Replace it by a direct call into C code and issue the indirect call there
so the compiler can apply the proper speculation protection.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by:Borislav Petkov <bp@alien8.de>
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
Niced-by: Peter Zijlstra <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801181626290.1847@nanos

---
 arch/x86/entry/entry_64.S        | 2 +-
 arch/x86/include/asm/traps.h     | 1 +
 arch/x86/kernel/cpu/mcheck/mce.c | 5 +++++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index d54a0ed..63f4320 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -1258,7 +1258,7 @@ idtentry async_page_fault	do_async_page_fault	has_error_code=1
 #endif
 
 #ifdef CONFIG_X86_MCE
-idtentry machine_check					has_error_code=0	paranoid=1 do_sym=*machine_check_vector(%rip)
+idtentry machine_check		do_mce			has_error_code=0	paranoid=1
 #endif
 
 /*
diff --git a/arch/x86/include/asm/traps.h b/arch/x86/include/asm/traps.h
index 31051f3..3de6933 100644
--- a/arch/x86/include/asm/traps.h
+++ b/arch/x86/include/asm/traps.h
@@ -88,6 +88,7 @@ dotraplinkage void do_simd_coprocessor_error(struct pt_regs *, long);
 #ifdef CONFIG_X86_32
 dotraplinkage void do_iret_error(struct pt_regs *, long);
 #endif
+dotraplinkage void do_mce(struct pt_regs *, long);
 
 static inline int get_si_code(unsigned long condition)
 {
diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c
index 3b413065..a9e898b 100644
--- a/arch/x86/kernel/cpu/mcheck/mce.c
+++ b/arch/x86/kernel/cpu/mcheck/mce.c
@@ -1788,6 +1788,11 @@ static void unexpected_machine_check(struct pt_regs *regs, long error_code)
 void (*machine_check_vector)(struct pt_regs *, long error_code) =
 						unexpected_machine_check;
 
+dotraplinkage void do_mce(struct pt_regs *regs, long error_code)
+{
+	machine_check_vector(regs, error_code);
+}
+
 /*
  * Called for each booted CPU to set up machine checks.
  * Must be called with preempt off:

^ permalink raw reply related	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2018-01-19 15:50 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-18 15:28 [PATCH] x86/mce: Make machine check speculation protected Thomas Gleixner
2018-01-18 15:46 ` Peter Zijlstra
2018-01-18 15:53 ` Borislav Petkov
2018-01-18 15:55 ` David Woodhouse
2018-01-19  8:46 ` Woodhouse, David
2018-01-19 15:46 ` [tip:x86/pti] " tip-bot for Thomas Gleixner

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.