From: Kees Cook <keescook@chromium.org>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: LKML <linux-kernel@vger.kernel.org>,
x86@kernel.org, linux-arch@vger.kernel.org,
Will Deacon <will@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Mark Rutland <mark.rutland@arm.com>,
Keno Fischer <keno@juliacomputing.com>,
Paolo Bonzini <pbonzini@redhat.com>,
kvm@vger.kernel.org
Subject: Re: [patch V3 02/13] entry: Provide generic syscall exit function
Date: Thu, 16 Jul 2020 13:55:11 -0700 [thread overview]
Message-ID: <202007161354.62030182F@keescook> (raw)
In-Reply-To: <20200716185424.116500611@linutronix.de>
On Thu, Jul 16, 2020 at 08:22:10PM +0200, Thomas Gleixner wrote:
> From: Thomas Gleixner <tglx@linutronix.de>
>
> Like syscall entry all architectures have similar and pointlessly different
> code to handle pending work before returning from a syscall to user space.
>
> 1) One-time syscall exit work:
> - rseq syscall exit
> - audit
> - syscall tracing
> - tracehook (single stepping)
>
> 2) Preparatory work
> - Exit to user mode loop (common TIF handling).
> - Architecture specific one time work arch_exit_to_user_mode_prepare()
> - Address limit and lockdep checks
>
> 3) Final transition (lockdep, tracing, context tracking, RCU). Invokes
> arch_exit_to_user_mode() to handle e.g. speculation mitigations
>
> Provide a generic version based on the x86 code which has all the RCU and
> instrumentation protections right.
>
> Provide a variant for interrupt return to user mode as well which shares
> the above #2 and #3 work items.
>
> After syscall_exit_to_user_mode() and irqentry_exit_to_user_mode() the
> architecture code just has to return to user space. The code after
> returning from these functions must not be instrumented.
>
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
This looks correct to me. Did you happen to run the seccomp selftests
under this series?
Reviewed-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
next prev parent reply other threads:[~2020-07-16 20:55 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-16 18:22 [patch V3 00/13] entry, x86, kvm: Generic entry/exit functionality for host and guest Thomas Gleixner
2020-07-16 18:22 ` [patch V3 01/13] entry: Provide generic syscall entry functionality Thomas Gleixner
2020-07-16 20:52 ` Kees Cook
2020-07-16 21:55 ` Thomas Gleixner
2020-07-17 17:49 ` Kees Cook
2020-07-17 19:29 ` Thomas Gleixner
2020-07-17 21:56 ` Andy Lutomirski
2020-07-18 14:16 ` Thomas Gleixner
2020-07-18 14:41 ` Andy Lutomirski
2020-07-19 10:17 ` Thomas Gleixner
2020-07-19 10:17 ` Thomas Gleixner
2020-07-19 10:17 ` Thomas Gleixner
2020-07-19 15:25 ` Andy Lutomirski
2020-07-20 6:50 ` Thomas Gleixner
2020-07-27 22:28 ` Andy Lutomirski
2020-07-16 18:22 ` [patch V3 02/13] entry: Provide generic syscall exit function Thomas Gleixner
2020-07-16 20:55 ` Kees Cook [this message]
2020-07-16 21:28 ` Thomas Gleixner
2020-07-16 18:22 ` [patch V3 03/13] entry: Provide generic interrupt entry/exit code Thomas Gleixner
2020-07-16 18:22 ` [patch V3 04/13] entry: Provide infrastructure for work before exiting to guest mode Thomas Gleixner
2020-07-16 18:22 ` [patch V3 05/13] x86/entry: Consolidate check_user_regs() Thomas Gleixner
2020-07-16 20:56 ` Kees Cook
2020-07-16 18:22 ` [patch V3 06/13] x86/entry: Consolidate 32/64 bit syscall entry Thomas Gleixner
2020-07-16 18:22 ` [patch V3 07/13] x86/ptrace: Provide pt_regs helpers for entry/exit Thomas Gleixner
2020-07-16 20:57 ` Kees Cook
2020-07-16 18:22 ` [patch V3 08/13] x86/entry: Use generic syscall entry function Thomas Gleixner
2020-07-16 21:13 ` Kees Cook
2020-07-16 21:33 ` Thomas Gleixner
2020-07-16 18:22 ` [patch V3 09/13] x86/entry: Use generic syscall exit functionality Thomas Gleixner
2020-07-16 18:22 ` [patch V3 10/13] x86/entry: Cleanup idtentry_entry/exit_user Thomas Gleixner
2020-07-16 18:22 ` [patch V3 11/13] x86/entry: Use generic interrupt entry/exit code Thomas Gleixner
2020-07-16 18:22 ` [patch V3 12/13] x86/entry: Cleanup idtentry_enter/exit Thomas Gleixner
2020-07-16 18:22 ` [patch V3 13/13] x86/kvm: Use generic exit to guest work function Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202007161354.62030182F@keescook \
--to=keescook@chromium.org \
--cc=arnd@arndb.de \
--cc=keno@juliacomputing.com \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=pbonzini@redhat.com \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.