From: kernel test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH v4 3/5] x86/mm: Optionally flush L1D on context switch
Date: Sat, 09 Jan 2021 01:31:00 +0800 [thread overview]
Message-ID: <202101090141.63dVYp0V-lkp@intel.com> (raw)
In-Reply-To: <20210108121056.21940-4-sblbir@amazon.com>
[-- Attachment #1: Type: text/plain, Size: 5551 bytes --]
Hi Balbir,
I love your patch! Perhaps something to improve:
[auto build test WARNING on next-20210108]
[also build test WARNING on v5.11-rc2]
[cannot apply to tip/x86/mm tip/master linus/master tip/x86/core v5.11-rc2 v5.11-rc1 v5.10]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Balbir-Singh/Next-revision-of-the-L1D-flush-patches/20210108-201551
base: 1c925d2030afd354a02c23500386e620e662622b
config: x86_64-randconfig-s022-20210108 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.3-208-g46a52ca4-dirty
# https://github.com/0day-ci/linux/commit/9dcce59b808dbd79d6535898f9262c0e4073aff0
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Balbir-Singh/Next-revision-of-the-L1D-flush-patches/20210108-201551
git checkout 9dcce59b808dbd79d6535898f9262c0e4073aff0
# save the attached .config to linux build tree
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=x86_64
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
"sparse warnings: (new ones prefixed by >>)"
>> arch/x86/mm/tlb.c:413:14: sparse: sparse: incorrect type in initializer (different address spaces) @@ expected void const [noderef] __percpu *__vpp_verify @@ got bool * @@
arch/x86/mm/tlb.c:413:14: sparse: expected void const [noderef] __percpu *__vpp_verify
arch/x86/mm/tlb.c:413:14: sparse: got bool *
vim +413 arch/x86/mm/tlb.c
334
335 static void cond_mitigation(struct task_struct *next)
336 {
337 unsigned long prev_mm, next_mm;
338
339 if (!next || !next->mm)
340 return;
341
342 next_mm = mm_mangle_tif_spec_bits(next);
343 prev_mm = this_cpu_read(cpu_tlbstate.last_user_mm_spec);
344
345 /*
346 * Avoid user/user BTB poisoning by flushing the branch predictor
347 * when switching between processes. This stops one process from
348 * doing Spectre-v2 attacks on another.
349 *
350 * Both, the conditional and the always IBPB mode use the mm
351 * pointer to avoid the IBPB when switching between tasks of the
352 * same process. Using the mm pointer instead of mm->context.ctx_id
353 * opens a hypothetical hole vs. mm_struct reuse, which is more or
354 * less impossible to control by an attacker. Aside of that it
355 * would only affect the first schedule so the theoretically
356 * exposed data is not really interesting.
357 */
358 if (static_branch_likely(&switch_mm_cond_ibpb)) {
359 /*
360 * This is a bit more complex than the always mode because
361 * it has to handle two cases:
362 *
363 * 1) Switch from a user space task (potential attacker)
364 * which has TIF_SPEC_IB set to a user space task
365 * (potential victim) which has TIF_SPEC_IB not set.
366 *
367 * 2) Switch from a user space task (potential attacker)
368 * which has TIF_SPEC_IB not set to a user space task
369 * (potential victim) which has TIF_SPEC_IB set.
370 *
371 * This could be done by unconditionally issuing IBPB when
372 * a task which has TIF_SPEC_IB set is either scheduled in
373 * or out. Though that results in two flushes when:
374 *
375 * - the same user space task is scheduled out and later
376 * scheduled in again and only a kernel thread ran in
377 * between.
378 *
379 * - a user space task belonging to the same process is
380 * scheduled in after a kernel thread ran in between
381 *
382 * - a user space task belonging to the same process is
383 * scheduled in immediately.
384 *
385 * Optimize this with reasonably small overhead for the
386 * above cases. Mangle the TIF_SPEC_IB bit into the mm
387 * pointer of the incoming task which is stored in
388 * cpu_tlbstate.last_user_mm_spec for comparison.
389 *
390 * Issue IBPB only if the mm's are different and one or
391 * both have the IBPB bit set.
392 */
393 if (next_mm != prev_mm &&
394 (next_mm | prev_mm) & LAST_USER_MM_IBPB)
395 indirect_branch_prediction_barrier();
396 }
397
398 if (static_branch_unlikely(&switch_mm_always_ibpb)) {
399 /*
400 * Only flush when switching to a user space task with a
401 * different context than the user space task which ran
402 * last on this CPU.
403 */
404 if ((prev_mm & ~LAST_USER_MM_SPEC_MASK) !=
405 (unsigned long)next->mm)
406 indirect_branch_prediction_barrier();
407 }
408
409 /*
410 * Flush only if SMT is disabled as per the contract, which is checked
411 * when the feature is enabled.
412 */
> 413 if (!this_cpu_read(cpu_info.smt_active) &&
414 (prev_mm & LAST_USER_MM_L1D_FLUSH))
415 l1d_flush_hw();
416
417 this_cpu_write(cpu_tlbstate.last_user_mm_spec, next_mm);
418 }
419
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 31750 bytes --]
next prev parent reply other threads:[~2021-01-08 17:31 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-08 12:10 [PATCH v4 0/5] Next revision of the L1D flush patches Balbir Singh
2021-01-08 12:10 ` [PATCH v4 1/5] x86/smp: Add a per-cpu view of SMT state Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] " tip-bot2 for Balbir Singh
2021-01-08 12:10 ` [PATCH v4 2/5] x86/mm: Refactor cond_ibpb() to support other use cases Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] " tip-bot2 for Balbir Singh
2021-01-08 12:10 ` [PATCH v4 3/5] x86/mm: Optionally flush L1D on context switch Balbir Singh
2021-01-08 17:31 ` kernel test robot [this message]
2021-01-08 12:10 ` [PATCH v4 4/5] prctl: Hook L1D flushing in via prctl Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] x86, " tip-bot2 for Balbir Singh
2021-01-08 12:10 ` [PATCH v4 5/5] Documentation: Add L1D flushing Documentation Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] " tip-bot2 for Balbir Singh
2021-01-25 9:27 ` [PATCH v4 0/5] Next revision of the L1D flush patches Singh, Balbir
2021-04-08 20:23 ` Kees Cook
[not found] ` <87y2d5tpjh.ffs@nanos.tec.linutronix.de>
2021-04-26 22:24 ` Thomas Gleixner
2021-04-28 20:08 ` Kees Cook
2021-06-04 10:06 ` Balbir Singh
2021-06-04 19:09 ` Kees Cook
2021-05-13 1:06 ` Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] x86/mm: Prepare for opt-in based L1D flush in switch_mm() tip-bot2 for Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] x86/process: Make room for TIF_SPEC_L1D_FLUSH tip-bot2 for Balbir Singh
2021-07-28 9:58 ` [tip: x86/cpu] sched: Add task_work callback for paranoid L1D flush tip-bot2 for Balbir Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202101090141.63dVYp0V-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.