From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: 
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S964853AbbGYR4D (ORCPT ); Sat, 25 Jul 2015 13:56:03 -0400
Received: from mail-ie0-f179.google.com ([209.85.223.179]:35987 "EHLO mail-ie0-f179.google.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S964785AbbGYR4B (ORCPT ); Sat, 25 Jul 2015 13:56:01 -0400
MIME-Version: 1.0
In-Reply-To: 
References: <040374ca9800988a0ed35ea9ddeb4a762c1371fa.1437690860.git.luto@kernel.org>
	<20150724102503.GA19090@nazgul.tnic> <20150725041656.GB32606@nazgul.tnic>
	<20150725043218.GD32606@nazgul.tnic>
Date: Sat, 25 Jul 2015 10:56:00 -0700
X-Google-Sender-Auth: PjiV6yVAwK0Vg_gOtRD9DBKtUzg
Message-ID: 
Subject: Re: [PATCH 1/3] x86/entry/64: Refactor IRQ stacks and make then NMI-safe
From: Linus Torvalds
To: Andy Lutomirski
Cc: Borislav Petkov, Andy Lutomirski, X86 ML, "linux-kernel@vger.kernel.org",
	Brian Gerst, Steven Rostedt, Willy Tarreau, Thomas Gleixner, Peter Zijlstra
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: 
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jul 24, 2015 at 9:59 PM, Andy Lutomirski wrote:
>
> And people will give me five new heads if I ignore Linus and do RET
> even with IF=1, saving 300 cycles?

So I'm still nervous about that "sti; ret" when we're back on the
original kernel stack that took the original fault or interrupt.
But it's probably ok.

Yes, it's irq-safe. But it's not NMI-safe, so if an NMI happens there,
when the NMI returns, an interrupt might occur there too.

But since we're back on the original stack where the original fault
happened, and since interrupts were enabled, I don't see why that
would be horrible.
In theory, we might have a growing stack if this keeps happening, but
since the only way to get that is to get the NMI in that
one-instruction window (and apparently on at least _some_
microarchitectures the sti shadow stops even NMIs), I don't see how
any kind of unbounded growth would happen.

So. I think it would work, and it might even be good for "coverage"
(i.e. the whole "iret-to-ret-conversion" will not have a lot of
testing if it only happens for faults with interrupts disabled).

But it still worries me a bit.

                Linus
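As an added illustration, not code from the patch under discussion or from the kernel, the following C model walks the frame-count argument made in the message above. It counts the frames stacked on the original kernel stack above the interrupted context when the exit sequence is iret versus "sti; ret", driven by a constructed script that says what arrives in the one-instruction window between sti and ret at each successive nesting level. Whether the sti shadow also holds off NMIs is left as a parameter, since the message only says it apparently does on some microarchitectures; the model also assumes, as the message reasons, that once an NMI taken in that window has returned, a pending interrupt is delivered before the ret executes. The function and script names (max_stack_depth, the 'i'/'n'/'N' event letters) are the model's own, not anything from the kernel.

```c
/*
 * Toy model of the "sti; ret" exit window (added illustration, not kernel code).
 *
 * Only one quantity is tracked: the number of frames on the original kernel
 * stack above the interrupted context. The exit sequence is either
 *   iret      (restores IF and pops the frame in one instruction), or
 *   sti; ret  (IF is set one instruction before the frame is popped).
 *
 * Each character of a constructed script says what arrives in the window
 * between sti and ret at successive nesting levels:
 *   '-'  nothing
 *   'i'  a maskable interrupt is pending
 *   'n'  an NMI lands in the window, no interrupt pending
 *   'N'  an NMI lands in the window and an interrupt is pending
 */
#include <stdbool.h>
#include <stdio.h>

struct model {
    bool sti_ret;            /* exit with sti; ret instead of iret */
    bool shadow_blocks_nmi;  /* assumption: does the sti shadow also delay NMIs? */
    const char *script;      /* per-window events, consumed left to right */
    int depth;               /* frames above the interrupted context */
    int max_depth;           /* high-water mark of depth */
};

static void push(struct model *m)
{
    if (++m->depth > m->max_depth)
        m->max_depth = m->depth;
}

static void pop(struct model *m) { m->depth--; }

/* Past the end of the script nothing more arrives. */
static char next_event(struct model *m)
{
    if (*m->script == '\0')
        return '-';
    return *m->script++;
}

static void return_path(struct model *m);

/* Take an interrupt or NMI: hardware pushes a frame, the handler runs, and
 * the handler exits. NMIs always exit with iret; an interrupt exits through
 * the same return path as any other entry, so it opens its own window. */
static void deliver(struct model *m, bool nmi)
{
    push(m);
    if (nmi)
        pop(m);
    else
        return_path(m);
}

/* Execute the exit sequence for the frame currently on top. */
static void return_path(struct model *m)
{
    if (!m->sti_ret) {
        pop(m);                      /* iret: no window at all */
        return;
    }

    /* sti: IF=1, but maskable interrupts are held off until after ret. */
    char ev = next_event(m);
    bool nmi_in_window = (ev == 'n' || ev == 'N');
    bool irq_pending   = (ev == 'i' || ev == 'N');

    if (nmi_in_window && !m->shadow_blocks_nmi) {
        deliver(m, true);            /* NMI frame lands on top of ours */
        /* Modelled as in the message: after the NMI's iret, IF is set and the
         * shadow is gone, so a pending interrupt is taken before our ret. */
        if (irq_pending) {
            deliver(m, false);
            irq_pending = false;
        }
        nmi_in_window = false;
    }

    pop(m);                          /* ret: our frame is gone */

    /* Whatever the shadow deferred is delivered on the caller's context. */
    if (nmi_in_window)
        deliver(m, true);
    if (irq_pending)
        deliver(m, false);
}

/* Start with one frame (the fault being returned from) and report the
 * deepest the original stack got while unwinding it. */
int max_stack_depth(const char *script, bool sti_ret, bool shadow_blocks_nmi)
{
    struct model m = { sti_ret, shadow_blocks_nmi, script, 1, 1 };
    return_path(&m);
    return m.max_depth;
}

int main(void)
{
    printf("iret,    script NNN:                %d\n", max_stack_depth("NNN", false, false));
    printf("sti;ret, script i:                  %d\n", max_stack_depth("i",   true,  false));
    printf("sti;ret, script N:                  %d\n", max_stack_depth("N",   true,  false));
    printf("sti;ret, script NNN:                %d\n", max_stack_depth("NNN", true,  false));
    printf("sti;ret, script NNN, shadow blocks: %d\n", max_stack_depth("NNN", true,  true));
    return 0;
}
```

In this model the depth stays at 1 with iret, and with "sti; ret" each consecutive NMI that lands in a window adds exactly one extra frame (script "NNN" reaches 4), which is the sense in which growth is bounded by how many NMIs hit that one-instruction window in a row; an interrupt alone in the window ('i') is deferred past the ret and never deepens the stack, and if the shadow also blocks NMIs the depth never exceeds 1.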