From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E4D1EC433EF for ; Tue, 15 Feb 2022 10:54:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236770AbiBOKyr (ORCPT ); Tue, 15 Feb 2022 05:54:47 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:46472 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236716AbiBOKyj (ORCPT ); Tue, 15 Feb 2022 05:54:39 -0500 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BFB00D76D4; Tue, 15 Feb 2022 02:54:29 -0800 (PST) Date: Tue, 15 Feb 2022 10:54:27 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1644922468; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5nGjshnScl7Lj2Qz1FaibC7hv81sSJLMLQxmOC35010=; b=0KCQl6U0/qTlBTfklXe5zc/mtnFlnEVF56bfympDOHQGpABd3mdKw2JNo2hLHE8d4X2vYk wVrT/ccnySiPP58iuH3sMCqz3a+xyE5OJc+N87ydefQXXSebhDoAUT7Mm3FWKXabcuhjgY I7jmBBEwqGQiKIMmeicPi1DfwgtWQ+oBY4dNtJP/oGZttSeK4Chg5gUOPFCgxlSg6ENBVa aDRQo+38ZhJPy4Dh7brjhLY20Bjo66P9X9aCDhc2H0fU6bQlQZ+RC/QAhycsEur2Tjt5OE hmRGHVNc7gQIc+8rShnSFEqV26wrqkpIqwCepjp58SCwpDJMCHF6yIWOiJO2EA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1644922468; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5nGjshnScl7Lj2Qz1FaibC7hv81sSJLMLQxmOC35010=; b=pSkaGmyJ3ABRgnX+bJJmTA2m7XI6KeSP5KutFOQUExrRPfAhfFKXHoWBxjld3L5vrgIU7T iiNiG03gYAcELVAQ== From: "tip-bot2 for Fenghua Yu" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/pasid] x86/traps: Demand-populate PASID MSR via #GP Cc: Fenghua Yu , Borislav Petkov , Tony Luck , Thomas Gleixner , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20220207230254.3342514-9-fenghua.yu@intel.com> References: <20220207230254.3342514-9-fenghua.yu@intel.com> MIME-Version: 1.0 Message-ID: <164492246742.16921.8526058476593067462.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/pasid branch of tip: Commit-ID: fa6af69f38d3f409bedc55d0112eec36ed526d4b Gitweb: https://git.kernel.org/tip/fa6af69f38d3f409bedc55d0112eec36ed526d4b Author: Fenghua Yu AuthorDate: Mon, 07 Feb 2022 15:02:51 -08:00 Committer: Borislav Petkov CommitterDate: Tue, 15 Feb 2022 11:31:43 +01:00 x86/traps: Demand-populate PASID MSR via #GP All tasks start with PASID state disabled. This means that the first time they execute an ENQCMD instruction they will take a #GP fault. Modify the #GP fault handler to check if the "mm" for the task has already been allocated a PASID. If so, try to fix the #GP fault by loading the IA32_PASID MSR. Signed-off-by: Fenghua Yu Signed-off-by: Borislav Petkov Reviewed-by: Tony Luck Reviewed-by: Thomas Gleixner Link: https://lore.kernel.org/r/20220207230254.3342514-9-fenghua.yu@intel.com --- arch/x86/kernel/traps.c | 55 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+) diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c index c9d566d..7ef00de 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kernel/traps.c @@ -39,6 +39,7 @@ #include #include #include +#include #include #include @@ -559,6 +560,57 @@ static bool fixup_iopl_exception(struct pt_regs *regs) return true; } +/* + * The unprivileged ENQCMD instruction generates #GPs if the + * IA32_PASID MSR has not been populated. If possible, populate + * the MSR from a PASID previously allocated to the mm. + */ +static bool try_fixup_enqcmd_gp(void) +{ +#ifdef CONFIG_IOMMU_SVA + u32 pasid; + + /* + * MSR_IA32_PASID is managed using XSAVE. Directly + * writing to the MSR is only possible when fpregs + * are valid and the fpstate is not. This is + * guaranteed when handling a userspace exception + * in *before* interrupts are re-enabled. + */ + lockdep_assert_irqs_disabled(); + + /* + * Hardware without ENQCMD will not generate + * #GPs that can be fixed up here. + */ + if (!cpu_feature_enabled(X86_FEATURE_ENQCMD)) + return false; + + pasid = current->mm->pasid; + + /* + * If the mm has not been allocated a + * PASID, the #GP can not be fixed up. + */ + if (!pasid_valid(pasid)) + return false; + + /* + * Did this thread already have its PASID activated? + * If so, the #GP must be from something else. + */ + if (current->pasid_activated) + return false; + + wrmsrl(MSR_IA32_PASID, pasid | MSR_IA32_PASID_VALID); + current->pasid_activated = 1; + + return true; +#else + return false; +#endif +} + DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) { char desc[sizeof(GPFSTR) + 50 + 2*sizeof(unsigned long) + 1] = GPFSTR; @@ -567,6 +619,9 @@ DEFINE_IDTENTRY_ERRORCODE(exc_general_protection) unsigned long gp_addr; int ret; + if (user_mode(regs) && try_fixup_enqcmd_gp()) + return; + cond_local_irq_enable(regs); if (static_cpu_has(X86_FEATURE_UMIP)) {