Re: [PATCH v4 3/5] x86/mm: Optionally flush L1D on context switch

[kernel test robot <lkp@intel.com>]

[-- Attachment #1: Type: text/plain, Size: 5551 bytes --]

Hi Balbir,

I love your patch! Perhaps something to improve:

[auto build test WARNING on next-20210108]
[also build test WARNING on v5.11-rc2]
[cannot apply to tip/x86/mm tip/master linus/master tip/x86/core v5.11-rc2 v5.11-rc1 v5.10]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Balbir-Singh/Next-revision-of-the-L1D-flush-patches/20210108-201551
base:    1c925d2030afd354a02c23500386e620e662622b
config: x86_64-randconfig-s022-20210108 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce:
        # apt-get install sparse
        # sparse version: v0.6.3-208-g46a52ca4-dirty
        # https://github.com/0day-ci/linux/commit/9dcce59b808dbd79d6535898f9262c0e4073aff0
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Balbir-Singh/Next-revision-of-the-L1D-flush-patches/20210108-201551
        git checkout 9dcce59b808dbd79d6535898f9262c0e4073aff0
        # save the attached .config to linux build tree
        make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=x86_64 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>


"sparse warnings: (new ones prefixed by >>)"
>> arch/x86/mm/tlb.c:413:14: sparse: sparse: incorrect type in initializer (different address spaces) @@     expected void const [noderef] __percpu *__vpp_verify @@     got bool * @@
   arch/x86/mm/tlb.c:413:14: sparse:     expected void const [noderef] __percpu *__vpp_verify
   arch/x86/mm/tlb.c:413:14: sparse:     got bool *

vim +413 arch/x86/mm/tlb.c

   334	
   335	static void cond_mitigation(struct task_struct *next)
   336	{
   337		unsigned long prev_mm, next_mm;
   338	
   339		if (!next || !next->mm)
   340			return;
   341	
   342		next_mm = mm_mangle_tif_spec_bits(next);
   343		prev_mm = this_cpu_read(cpu_tlbstate.last_user_mm_spec);
   344	
   345		/*
   346		 * Avoid user/user BTB poisoning by flushing the branch predictor
   347		 * when switching between processes. This stops one process from
   348		 * doing Spectre-v2 attacks on another.
   349		 *
   350		 * Both, the conditional and the always IBPB mode use the mm
   351		 * pointer to avoid the IBPB when switching between tasks of the
   352		 * same process. Using the mm pointer instead of mm->context.ctx_id
   353		 * opens a hypothetical hole vs. mm_struct reuse, which is more or
   354		 * less impossible to control by an attacker. Aside of that it
   355		 * would only affect the first schedule so the theoretically
   356		 * exposed data is not really interesting.
   357		 */
   358		if (static_branch_likely(&switch_mm_cond_ibpb)) {
   359			/*
   360			 * This is a bit more complex than the always mode because
   361			 * it has to handle two cases:
   362			 *
   363			 * 1) Switch from a user space task (potential attacker)
   364			 *    which has TIF_SPEC_IB set to a user space task
   365			 *    (potential victim) which has TIF_SPEC_IB not set.
   366			 *
   367			 * 2) Switch from a user space task (potential attacker)
   368			 *    which has TIF_SPEC_IB not set to a user space task
   369			 *    (potential victim) which has TIF_SPEC_IB set.
   370			 *
   371			 * This could be done by unconditionally issuing IBPB when
   372			 * a task which has TIF_SPEC_IB set is either scheduled in
   373			 * or out. Though that results in two flushes when:
   374			 *
   375			 * - the same user space task is scheduled out and later
   376			 *   scheduled in again and only a kernel thread ran in
   377			 *   between.
   378			 *
   379			 * - a user space task belonging to the same process is
   380			 *   scheduled in after a kernel thread ran in between
   381			 *
   382			 * - a user space task belonging to the same process is
   383			 *   scheduled in immediately.
   384			 *
   385			 * Optimize this with reasonably small overhead for the
   386			 * above cases. Mangle the TIF_SPEC_IB bit into the mm
   387			 * pointer of the incoming task which is stored in
   388			 * cpu_tlbstate.last_user_mm_spec for comparison.
   389			 *
   390			 * Issue IBPB only if the mm's are different and one or
   391			 * both have the IBPB bit set.
   392			 */
   393			if (next_mm != prev_mm &&
   394			    (next_mm | prev_mm) & LAST_USER_MM_IBPB)
   395				indirect_branch_prediction_barrier();
   396		}
   397	
   398		if (static_branch_unlikely(&switch_mm_always_ibpb)) {
   399			/*
   400			 * Only flush when switching to a user space task with a
   401			 * different context than the user space task which ran
   402			 * last on this CPU.
   403			 */
   404			if ((prev_mm & ~LAST_USER_MM_SPEC_MASK) !=
   405						(unsigned long)next->mm)
   406				indirect_branch_prediction_barrier();
   407		}
   408	
   409		/*
   410		 * Flush only if SMT is disabled as per the contract, which is checked
   411		 * when the feature is enabled.
   412		 */
 > 413		if (!this_cpu_read(cpu_info.smt_active) &&
   414			(prev_mm & LAST_USER_MM_L1D_FLUSH))
   415			l1d_flush_hw();
   416	
   417		this_cpu_write(cpu_tlbstate.last_user_mm_spec, next_mm);
   418	}
   419	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org

[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 31750 bytes --]