* [PATCH v3 0/2] Update UMIP config parameter and docs
@ 2019-11-05 21:25 Moger, Babu
2019-11-05 21:25 ` [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter Moger, Babu
2019-11-05 21:25 ` [PATCH v3 2/2] x86/umip: Update the comments to cover generic x86 processors Moger, Babu
0 siblings, 2 replies; 7+ messages in thread
From: Moger, Babu @ 2019-11-05 21:25 UTC (permalink / raw)
To: tglx, mingo, bp, hpa, pbonzini, rkrcmar, sean.j.christopherson,
vkuznets, wanpengli, jmattson
Cc: x86, joro, Moger, Babu, luto, zohar, yamada.masahiro, nayna,
linux-kernel, kvm, zohar, yamada.masahiro, ebiederm,
ricardo.neri-calderon, bshanks
AMD 2nd generation EPYC processors support the UMIP feature.
So, update the Kconfig and umip related documentation.
---
v3:
Removed X86 depend check. Just kept CPU_SUP_* check.
Updated the comments in umip.c to make it bit generic.
v2:
Learned that for the hardware that support UMIP, we dont need to
emulate. Removed the emulation related code and just submitting
the config changes.
Babu Moger (2):
x86/Kconfig: Rename UMIP config parameter
x86/umip: Update the comments to cover generic x86 processors
arch/x86/Kconfig | 10 +++++-----
arch/x86/include/asm/disabled-features.h | 2 +-
arch/x86/include/asm/umip.h | 4 ++--
arch/x86/kernel/Makefile | 2 +-
arch/x86/kernel/umip.c | 12 ++++++------
5 files changed, 15 insertions(+), 15 deletions(-)
--
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter
2019-11-05 21:25 [PATCH v3 0/2] Update UMIP config parameter and docs Moger, Babu
@ 2019-11-05 21:25 ` Moger, Babu
2019-11-07 1:31 ` Ricardo Neri
2019-11-07 10:20 ` [tip: x86/cpu] " tip-bot2 for Babu Moger
2019-11-05 21:25 ` [PATCH v3 2/2] x86/umip: Update the comments to cover generic x86 processors Moger, Babu
1 sibling, 2 replies; 7+ messages in thread
From: Moger, Babu @ 2019-11-05 21:25 UTC (permalink / raw)
To: tglx, mingo, bp, hpa, pbonzini, rkrcmar, sean.j.christopherson,
vkuznets, wanpengli, jmattson
Cc: x86, joro, Moger, Babu, luto, zohar, yamada.masahiro, nayna,
linux-kernel, kvm, zohar, yamada.masahiro, ebiederm,
ricardo.neri-calderon, bshanks
AMD 2nd generation EPYC processors support the UMIP (User-Mode
Instruction Prevention) feature. So, rename X86_INTEL_UMIP to
generic X86_UMIP and modify the text to cover both Intel and AMD.
Signed-off-by: Babu Moger <babu.moger@amd.com>
---
arch/x86/Kconfig | 10 +++++-----
arch/x86/include/asm/disabled-features.h | 2 +-
arch/x86/include/asm/umip.h | 4 ++--
arch/x86/kernel/Makefile | 2 +-
4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index d6e1faa28c58..b7fb285d7c0f 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1880,13 +1880,13 @@ config X86_SMAP
If unsure, say Y.
-config X86_INTEL_UMIP
+config X86_UMIP
def_bool y
- depends on CPU_SUP_INTEL
- prompt "Intel User Mode Instruction Prevention" if EXPERT
+ depends on CPU_SUP_INTEL || CPU_SUP_AMD
+ prompt "User Mode Instruction Prevention" if EXPERT
---help---
- The User Mode Instruction Prevention (UMIP) is a security
- feature in newer Intel processors. If enabled, a general
+ User Mode Instruction Prevention (UMIP) is a security
+ feature in newer x86 processors. If enabled, a general
protection fault is issued if the SGDT, SLDT, SIDT, SMSW
or STR instructions are executed in user mode. These instructions
unnecessarily expose information about the hardware state.
diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h
index a5ea841cc6d2..8e1d0bb46361 100644
--- a/arch/x86/include/asm/disabled-features.h
+++ b/arch/x86/include/asm/disabled-features.h
@@ -22,7 +22,7 @@
# define DISABLE_SMAP (1<<(X86_FEATURE_SMAP & 31))
#endif
-#ifdef CONFIG_X86_INTEL_UMIP
+#ifdef CONFIG_X86_UMIP
# define DISABLE_UMIP 0
#else
# define DISABLE_UMIP (1<<(X86_FEATURE_UMIP & 31))
diff --git a/arch/x86/include/asm/umip.h b/arch/x86/include/asm/umip.h
index db43f2a0d92c..aeed98c3c9e1 100644
--- a/arch/x86/include/asm/umip.h
+++ b/arch/x86/include/asm/umip.h
@@ -4,9 +4,9 @@
#include <linux/types.h>
#include <asm/ptrace.h>
-#ifdef CONFIG_X86_INTEL_UMIP
+#ifdef CONFIG_X86_UMIP
bool fixup_umip_exception(struct pt_regs *regs);
#else
static inline bool fixup_umip_exception(struct pt_regs *regs) { return false; }
-#endif /* CONFIG_X86_INTEL_UMIP */
+#endif /* CONFIG_X86_UMIP */
#endif /* _ASM_X86_UMIP_H */
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 3578ad248bc9..52ce1e239525 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -134,7 +134,7 @@ obj-$(CONFIG_EFI) += sysfb_efi.o
obj-$(CONFIG_PERF_EVENTS) += perf_regs.o
obj-$(CONFIG_TRACING) += tracepoint.o
obj-$(CONFIG_SCHED_MC_PRIO) += itmt.o
-obj-$(CONFIG_X86_INTEL_UMIP) += umip.o
+obj-$(CONFIG_X86_UMIP) += umip.o
obj-$(CONFIG_UNWINDER_ORC) += unwind_orc.o
obj-$(CONFIG_UNWINDER_FRAME_POINTER) += unwind_frame.o
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 2/2] x86/umip: Update the comments to cover generic x86 processors
2019-11-05 21:25 [PATCH v3 0/2] Update UMIP config parameter and docs Moger, Babu
2019-11-05 21:25 ` [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter Moger, Babu
@ 2019-11-05 21:25 ` Moger, Babu
2019-11-07 10:20 ` [tip: x86/cpu] x86/umip: Make the comments vendor-agnostic tip-bot2 for Babu Moger
1 sibling, 1 reply; 7+ messages in thread
From: Moger, Babu @ 2019-11-05 21:25 UTC (permalink / raw)
To: tglx, mingo, bp, hpa, pbonzini, rkrcmar, sean.j.christopherson,
vkuznets, wanpengli, jmattson
Cc: x86, joro, Moger, Babu, luto, zohar, yamada.masahiro, nayna,
linux-kernel, kvm, zohar, yamada.masahiro, ebiederm,
ricardo.neri-calderon, bshanks
AMD 2nd generation EPYC processors also support UMIP feature.
Update the comments to cover generic x86 processors.
Signed-off-by: Babu Moger <babu.moger@amd.com>
---
arch/x86/kernel/umip.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/umip.c b/arch/x86/kernel/umip.c
index 548fefed71ee..8ccef6c495dc 100644
--- a/arch/x86/kernel/umip.c
+++ b/arch/x86/kernel/umip.c
@@ -1,6 +1,6 @@
/*
- * umip.c Emulation for instruction protected by the Intel User-Mode
- * Instruction Prevention feature
+ * umip.c Emulation for instruction protected by the User-Mode Instruction
+ * Prevention feature
*
* Copyright (c) 2017, Intel Corporation.
* Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
@@ -18,10 +18,10 @@
/** DOC: Emulation for User-Mode Instruction Prevention (UMIP)
*
- * The feature User-Mode Instruction Prevention present in recent Intel
- * processor prevents a group of instructions (SGDT, SIDT, SLDT, SMSW and STR)
- * from being executed with CPL > 0. Otherwise, a general protection fault is
- * issued.
+ * User-Mode Instruction Prevention is a security feature present in recent
+ * x86 processors that, when enabled, prevents a group of instructions (SGDT,
+ * SIDT, SLDT, SMSW and STR) from being run in user mode by issuing a general
+ * protection fault if the instruction is executed with CPL > 0.
*
* Rather than relaying to the user space the general protection fault caused by
* the UMIP-protected instructions (in the form of a SIGSEGV signal), it can be
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter
2019-11-05 21:25 ` [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter Moger, Babu
@ 2019-11-07 1:31 ` Ricardo Neri
2019-11-07 10:07 ` Borislav Petkov
2019-11-07 10:20 ` [tip: x86/cpu] " tip-bot2 for Babu Moger
1 sibling, 1 reply; 7+ messages in thread
From: Ricardo Neri @ 2019-11-07 1:31 UTC (permalink / raw)
To: Moger, Babu
Cc: tglx, mingo, bp, hpa, pbonzini, rkrcmar, sean.j.christopherson,
vkuznets, wanpengli, jmattson, x86, joro, luto, zohar,
yamada.masahiro, nayna, linux-kernel, kvm, ebiederm, bshanks
On Tue, Nov 05, 2019 at 09:25:32PM +0000, Moger, Babu wrote:
> AMD 2nd generation EPYC processors support the UMIP (User-Mode
> Instruction Prevention) feature. So, rename X86_INTEL_UMIP to
> generic X86_UMIP and modify the text to cover both Intel and AMD.
>
> Signed-off-by: Babu Moger <babu.moger@amd.com>
> ---
> arch/x86/Kconfig | 10 +++++-----
> arch/x86/include/asm/disabled-features.h | 2 +-
> arch/x86/include/asm/umip.h | 4 ++--
> arch/x86/kernel/Makefile | 2 +-
> 4 files changed, 9 insertions(+), 9 deletions(-)
>
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index d6e1faa28c58..b7fb285d7c0f 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1880,13 +1880,13 @@ config X86_SMAP
>
> If unsure, say Y.
>
> -config X86_INTEL_UMIP
> +config X86_UMIP
> def_bool y
> - depends on CPU_SUP_INTEL
> - prompt "Intel User Mode Instruction Prevention" if EXPERT
> + depends on CPU_SUP_INTEL || CPU_SUP_AMD
> + prompt "User Mode Instruction Prevention" if EXPERT
> ---help---
> - The User Mode Instruction Prevention (UMIP) is a security
> - feature in newer Intel processors. If enabled, a general
> + User Mode Instruction Prevention (UMIP) is a security
> + feature in newer x86 processors. If enabled, a general
Better to say certain x86 processors? Intel and AMD have it but what
about others?
Thanks and BR,
Ricardo
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter
2019-11-07 1:31 ` Ricardo Neri
@ 2019-11-07 10:07 ` Borislav Petkov
0 siblings, 0 replies; 7+ messages in thread
From: Borislav Petkov @ 2019-11-07 10:07 UTC (permalink / raw)
To: Ricardo Neri
Cc: Moger, Babu, tglx, mingo, hpa, pbonzini, rkrcmar,
sean.j.christopherson, vkuznets, wanpengli, jmattson, x86, joro,
luto, zohar, yamada.masahiro, nayna, linux-kernel, kvm, ebiederm,
bshanks
On Wed, Nov 06, 2019 at 05:31:36PM -0800, Ricardo Neri wrote:
> > + feature in newer x86 processors. If enabled, a general
>
> Better to say certain x86 processors? Intel and AMD have it but what
> about others?
Changed it to "some x86 processors".
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 7+ messages in thread
* [tip: x86/cpu] x86/umip: Make the comments vendor-agnostic
2019-11-05 21:25 ` [PATCH v3 2/2] x86/umip: Update the comments to cover generic x86 processors Moger, Babu
@ 2019-11-07 10:20 ` tip-bot2 for Babu Moger
0 siblings, 0 replies; 7+ messages in thread
From: tip-bot2 for Babu Moger @ 2019-11-07 10:20 UTC (permalink / raw)
To: linux-tip-commits
Cc: Babu Moger, Borislav Petkov, Andy Lutomirski, H. Peter Anvin,
Ingo Molnar, Ricardo Neri, Thomas Gleixner, x86, Ingo Molnar,
Borislav Petkov, linux-kernel
The following commit has been merged into the x86/cpu branch of tip:
Commit-ID: 9774a96f785bf0fa6d956ce33300463f1704dbeb
Gitweb: https://git.kernel.org/tip/9774a96f785bf0fa6d956ce33300463f1704dbeb
Author: Babu Moger <Babu.Moger@amd.com>
AuthorDate: Tue, 05 Nov 2019 21:25:40
Committer: Borislav Petkov <bp@suse.de>
CommitterDate: Thu, 07 Nov 2019 11:16:44 +01:00
x86/umip: Make the comments vendor-agnostic
AMD 2nd generation EPYC processors also support the UMIP feature. Make
the comments vendor-agnostic.
Signed-off-by: Babu Moger <babu.moger@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "x86@kernel.org" <x86@kernel.org>
Link: https://lkml.kernel.org/r/157298913784.17462.12654728938970637305.stgit@naples-babu.amd.com
---
arch/x86/kernel/umip.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kernel/umip.c b/arch/x86/kernel/umip.c
index 548fefe..8ccef6c 100644
--- a/arch/x86/kernel/umip.c
+++ b/arch/x86/kernel/umip.c
@@ -1,6 +1,6 @@
/*
- * umip.c Emulation for instruction protected by the Intel User-Mode
- * Instruction Prevention feature
+ * umip.c Emulation for instruction protected by the User-Mode Instruction
+ * Prevention feature
*
* Copyright (c) 2017, Intel Corporation.
* Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
@@ -18,10 +18,10 @@
/** DOC: Emulation for User-Mode Instruction Prevention (UMIP)
*
- * The feature User-Mode Instruction Prevention present in recent Intel
- * processor prevents a group of instructions (SGDT, SIDT, SLDT, SMSW and STR)
- * from being executed with CPL > 0. Otherwise, a general protection fault is
- * issued.
+ * User-Mode Instruction Prevention is a security feature present in recent
+ * x86 processors that, when enabled, prevents a group of instructions (SGDT,
+ * SIDT, SLDT, SMSW and STR) from being run in user mode by issuing a general
+ * protection fault if the instruction is executed with CPL > 0.
*
* Rather than relaying to the user space the general protection fault caused by
* the UMIP-protected instructions (in the form of a SIGSEGV signal), it can be
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [tip: x86/cpu] x86/Kconfig: Rename UMIP config parameter
2019-11-05 21:25 ` [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter Moger, Babu
2019-11-07 1:31 ` Ricardo Neri
@ 2019-11-07 10:20 ` tip-bot2 for Babu Moger
1 sibling, 0 replies; 7+ messages in thread
From: tip-bot2 for Babu Moger @ 2019-11-07 10:20 UTC (permalink / raw)
To: linux-tip-commits
Cc: Babu Moger, Borislav Petkov, Andy Lutomirski, H. Peter Anvin,
Ingo Molnar, Ricardo Neri, Thomas Gleixner, x86, Ingo Molnar,
Borislav Petkov, linux-kernel
The following commit has been merged into the x86/cpu branch of tip:
Commit-ID: b971880fe79f4042aaaf426744a5b19521bf77b3
Gitweb: https://git.kernel.org/tip/b971880fe79f4042aaaf426744a5b19521bf77b3
Author: Babu Moger <Babu.Moger@amd.com>
AuthorDate: Tue, 05 Nov 2019 21:25:32
Committer: Borislav Petkov <bp@suse.de>
CommitterDate: Thu, 07 Nov 2019 11:07:29 +01:00
x86/Kconfig: Rename UMIP config parameter
AMD 2nd generation EPYC processors support the UMIP (User-Mode
Instruction Prevention) feature. So, rename X86_INTEL_UMIP to
generic X86_UMIP and modify the text to cover both Intel and AMD.
[ bp: take of the disabled-features.h copy in tools/ too. ]
Signed-off-by: Babu Moger <babu.moger@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "x86@kernel.org" <x86@kernel.org>
Link: https://lkml.kernel.org/r/157298912544.17462.2018334793891409521.stgit@naples-babu.amd.com
---
arch/x86/Kconfig | 16 ++++++++--------
arch/x86/include/asm/disabled-features.h | 2 +-
arch/x86/include/asm/umip.h | 4 ++--
arch/x86/kernel/Makefile | 2 +-
tools/arch/x86/include/asm/disabled-features.h | 2 +-
5 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 896f840..434fae9 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1880,16 +1880,16 @@ config X86_SMAP
If unsure, say Y.
-config X86_INTEL_UMIP
+config X86_UMIP
def_bool y
- depends on CPU_SUP_INTEL
- prompt "Intel User Mode Instruction Prevention" if EXPERT
+ depends on CPU_SUP_INTEL || CPU_SUP_AMD
+ prompt "User Mode Instruction Prevention" if EXPERT
---help---
- The User Mode Instruction Prevention (UMIP) is a security
- feature in newer Intel processors. If enabled, a general
- protection fault is issued if the SGDT, SLDT, SIDT, SMSW
- or STR instructions are executed in user mode. These instructions
- unnecessarily expose information about the hardware state.
+ User Mode Instruction Prevention (UMIP) is a security feature in
+ some x86 processors. If enabled, a general protection fault is
+ issued if the SGDT, SLDT, SIDT, SMSW or STR instructions are
+ executed in user mode. These instructions unnecessarily expose
+ information about the hardware state.
The vast majority of applications do not use these instructions.
For the very few that do, software emulation is provided in
diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h
index a5ea841..8e1d0bb 100644
--- a/arch/x86/include/asm/disabled-features.h
+++ b/arch/x86/include/asm/disabled-features.h
@@ -22,7 +22,7 @@
# define DISABLE_SMAP (1<<(X86_FEATURE_SMAP & 31))
#endif
-#ifdef CONFIG_X86_INTEL_UMIP
+#ifdef CONFIG_X86_UMIP
# define DISABLE_UMIP 0
#else
# define DISABLE_UMIP (1<<(X86_FEATURE_UMIP & 31))
diff --git a/arch/x86/include/asm/umip.h b/arch/x86/include/asm/umip.h
index db43f2a..aeed98c 100644
--- a/arch/x86/include/asm/umip.h
+++ b/arch/x86/include/asm/umip.h
@@ -4,9 +4,9 @@
#include <linux/types.h>
#include <asm/ptrace.h>
-#ifdef CONFIG_X86_INTEL_UMIP
+#ifdef CONFIG_X86_UMIP
bool fixup_umip_exception(struct pt_regs *regs);
#else
static inline bool fixup_umip_exception(struct pt_regs *regs) { return false; }
-#endif /* CONFIG_X86_INTEL_UMIP */
+#endif /* CONFIG_X86_UMIP */
#endif /* _ASM_X86_UMIP_H */
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 3578ad2..52ce1e2 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -134,7 +134,7 @@ obj-$(CONFIG_EFI) += sysfb_efi.o
obj-$(CONFIG_PERF_EVENTS) += perf_regs.o
obj-$(CONFIG_TRACING) += tracepoint.o
obj-$(CONFIG_SCHED_MC_PRIO) += itmt.o
-obj-$(CONFIG_X86_INTEL_UMIP) += umip.o
+obj-$(CONFIG_X86_UMIP) += umip.o
obj-$(CONFIG_UNWINDER_ORC) += unwind_orc.o
obj-$(CONFIG_UNWINDER_FRAME_POINTER) += unwind_frame.o
diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h
index a5ea841..8e1d0bb 100644
--- a/tools/arch/x86/include/asm/disabled-features.h
+++ b/tools/arch/x86/include/asm/disabled-features.h
@@ -22,7 +22,7 @@
# define DISABLE_SMAP (1<<(X86_FEATURE_SMAP & 31))
#endif
-#ifdef CONFIG_X86_INTEL_UMIP
+#ifdef CONFIG_X86_UMIP
# define DISABLE_UMIP 0
#else
# define DISABLE_UMIP (1<<(X86_FEATURE_UMIP & 31))
^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2019-11-07 10:21 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-05 21:25 [PATCH v3 0/2] Update UMIP config parameter and docs Moger, Babu
2019-11-05 21:25 ` [PATCH v3 1/2] x86/Kconfig: Rename UMIP config parameter Moger, Babu
2019-11-07 1:31 ` Ricardo Neri
2019-11-07 10:07 ` Borislav Petkov
2019-11-07 10:20 ` [tip: x86/cpu] " tip-bot2 for Babu Moger
2019-11-05 21:25 ` [PATCH v3 2/2] x86/umip: Update the comments to cover generic x86 processors Moger, Babu
2019-11-07 10:20 ` [tip: x86/cpu] x86/umip: Make the comments vendor-agnostic tip-bot2 for Babu Moger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).