From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Martin Schwidefsky <schwidefsky@de.ibm.com>
Subject: [PATCH 4.9 35/74] s390: run user space and KVM guests with modified branch prediction
Date: Fri, 27 Apr 2018 15:58:25 +0200 [thread overview]
Message-ID: <20180427135711.387795148@linuxfoundation.org> (raw)
In-Reply-To: <20180427135709.899303463@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Martin Schwidefsky <schwidefsky@de.ibm.com>
[ Upstream commit 6b73044b2b0081ee3dd1cd6eaab7dee552601efb ]
Define TIF_ISOLATE_BP and TIF_ISOLATE_BP_GUEST and add the necessary
plumbing in entry.S to be able to run user space and KVM guests with
limited branch prediction.
To switch a user space process to limited branch prediction the
s390_isolate_bp() function has to be call, and to run a vCPU of a KVM
guest associated with the current task with limited branch prediction
call s390_isolate_bp_guest().
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/s390/include/asm/processor.h | 3 ++
arch/s390/include/asm/thread_info.h | 4 ++
arch/s390/kernel/entry.S | 49 +++++++++++++++++++++++++++++++++---
arch/s390/kernel/processor.c | 18 +++++++++++++
4 files changed, 70 insertions(+), 4 deletions(-)
--- a/arch/s390/include/asm/processor.h
+++ b/arch/s390/include/asm/processor.h
@@ -360,6 +360,9 @@ extern void memcpy_absolute(void *, void
memcpy_absolute(&(dest), &__tmp, sizeof(__tmp)); \
}
+extern int s390_isolate_bp(void);
+extern int s390_isolate_bp_guest(void);
+
#endif /* __ASSEMBLY__ */
#endif /* __ASM_S390_PROCESSOR_H */
--- a/arch/s390/include/asm/thread_info.h
+++ b/arch/s390/include/asm/thread_info.h
@@ -79,6 +79,8 @@ int arch_dup_task_struct(struct task_str
#define TIF_SECCOMP 5 /* secure computing */
#define TIF_SYSCALL_TRACEPOINT 6 /* syscall tracepoint instrumentation */
#define TIF_UPROBE 7 /* breakpointed or single-stepping */
+#define TIF_ISOLATE_BP 8 /* Run process with isolated BP */
+#define TIF_ISOLATE_BP_GUEST 9 /* Run KVM guests with isolated BP */
#define TIF_31BIT 16 /* 32bit process */
#define TIF_MEMDIE 17 /* is terminating due to OOM killer */
#define TIF_RESTORE_SIGMASK 18 /* restore signal mask in do_signal() */
@@ -94,6 +96,8 @@ int arch_dup_task_struct(struct task_str
#define _TIF_SECCOMP _BITUL(TIF_SECCOMP)
#define _TIF_SYSCALL_TRACEPOINT _BITUL(TIF_SYSCALL_TRACEPOINT)
#define _TIF_UPROBE _BITUL(TIF_UPROBE)
+#define _TIF_ISOLATE_BP _BITUL(TIF_ISOLATE_BP)
+#define _TIF_ISOLATE_BP_GUEST _BITUL(TIF_ISOLATE_BP_GUEST)
#define _TIF_31BIT _BITUL(TIF_31BIT)
#define _TIF_SINGLE_STEP _BITUL(TIF_SINGLE_STEP)
--- a/arch/s390/kernel/entry.S
+++ b/arch/s390/kernel/entry.S
@@ -105,6 +105,7 @@ _PIF_WORK = (_PIF_PER_TRAP)
j 3f
1: LAST_BREAK %r14
UPDATE_VTIME %r14,%r15,\timer
+ BPENTER __TI_flags(%r12),_TIF_ISOLATE_BP
2: lg %r15,__LC_ASYNC_STACK # load async stack
3: la %r11,STACK_FRAME_OVERHEAD(%r15)
.endm
@@ -191,6 +192,40 @@ _PIF_WORK = (_PIF_PER_TRAP)
.popsection
.endm
+ .macro BPENTER tif_ptr,tif_mask
+ .pushsection .altinstr_replacement, "ax"
+662: .word 0xc004, 0x0000, 0x0000 # 6 byte nop
+ .word 0xc004, 0x0000, 0x0000 # 6 byte nop
+ .popsection
+664: TSTMSK \tif_ptr,\tif_mask
+ jz . + 8
+ .long 0xb2e8d000
+ .pushsection .altinstructions, "a"
+ .long 664b - .
+ .long 662b - .
+ .word 82
+ .byte 12
+ .byte 12
+ .popsection
+ .endm
+
+ .macro BPEXIT tif_ptr,tif_mask
+ TSTMSK \tif_ptr,\tif_mask
+ .pushsection .altinstr_replacement, "ax"
+662: jnz . + 8
+ .long 0xb2e8d000
+ .popsection
+664: jz . + 8
+ .long 0xb2e8c000
+ .pushsection .altinstructions, "a"
+ .long 664b - .
+ .long 662b - .
+ .word 82
+ .byte 8
+ .byte 8
+ .popsection
+ .endm
+
.section .kprobes.text, "ax"
.Ldummy:
/*
@@ -248,9 +283,11 @@ ENTRY(__switch_to)
*/
ENTRY(sie64a)
stmg %r6,%r14,__SF_GPRS(%r15) # save kernel registers
+ lg %r12,__LC_CURRENT
stg %r2,__SF_EMPTY(%r15) # save control block pointer
stg %r3,__SF_EMPTY+8(%r15) # save guest register save area
xc __SF_EMPTY+16(8,%r15),__SF_EMPTY+16(%r15) # reason code = 0
+ mvc __SF_EMPTY+24(8,%r15),__TI_flags(%r12) # copy thread flags
TSTMSK __LC_CPU_FLAGS,_CIF_FPU # load guest fp/vx registers ?
jno .Lsie_load_guest_gprs
brasl %r14,load_fpu_regs # load guest fp/vx regs
@@ -267,10 +304,11 @@ ENTRY(sie64a)
jnz .Lsie_skip
TSTMSK __LC_CPU_FLAGS,_CIF_FPU
jo .Lsie_skip # exit if fp/vx regs changed
- BPON
+ BPEXIT __SF_EMPTY+24(%r15),(_TIF_ISOLATE_BP|_TIF_ISOLATE_BP_GUEST)
sie 0(%r14)
.Lsie_exit:
BPOFF
+ BPENTER __SF_EMPTY+24(%r15),(_TIF_ISOLATE_BP|_TIF_ISOLATE_BP_GUEST)
.Lsie_skip:
ni __SIE_PROG0C+3(%r14),0xfe # no longer in SIE
lctlg %c1,%c1,__LC_USER_ASCE # load primary asce
@@ -332,6 +370,7 @@ ENTRY(system_call)
LAST_BREAK %r13
.Lsysc_vtime:
UPDATE_VTIME %r10,%r13,__LC_SYNC_ENTER_TIMER
+ BPENTER __TI_flags(%r12),_TIF_ISOLATE_BP
stmg %r0,%r7,__PT_R0(%r11)
# clear user controlled register to prevent speculative use
xgr %r0,%r0
@@ -369,7 +408,7 @@ ENTRY(system_call)
jnz .Lsysc_work # check for work
TSTMSK __LC_CPU_FLAGS,_CIF_WORK
jnz .Lsysc_work
- BPON
+ BPEXIT __TI_flags(%r12),_TIF_ISOLATE_BP
.Lsysc_restore:
lg %r14,__LC_VDSO_PER_CPU
lmg %r0,%r10,__PT_R0(%r11)
@@ -555,6 +594,7 @@ ENTRY(pgm_check_handler)
j 3f
2: LAST_BREAK %r14
UPDATE_VTIME %r14,%r15,__LC_SYNC_ENTER_TIMER
+ BPENTER __TI_flags(%r12),_TIF_ISOLATE_BP
lg %r15,__LC_KERNEL_STACK
lg %r14,__TI_task(%r12)
aghi %r14,__TASK_thread # pointer to thread_struct
@@ -683,7 +723,7 @@ ENTRY(io_int_handler)
mvc __LC_RETURN_PSW(16),__PT_PSW(%r11)
tm __PT_PSW+1(%r11),0x01 # returning to user ?
jno .Lio_exit_kernel
- BPON
+ BPEXIT __TI_flags(%r12),_TIF_ISOLATE_BP
.Lio_exit_timer:
stpt __LC_EXIT_TIMER
mvc __VDSO_ECTG_BASE(16,%r14),__LC_EXIT_TIMER
@@ -1044,7 +1084,7 @@ ENTRY(mcck_int_handler)
mvc __LC_RETURN_MCCK_PSW(16),__PT_PSW(%r11) # move return PSW
tm __LC_RETURN_MCCK_PSW+1,0x01 # returning to user ?
jno 0f
- BPON
+ BPEXIT __TI_flags(%r12),_TIF_ISOLATE_BP
stpt __LC_EXIT_TIMER
mvc __VDSO_ECTG_BASE(16,%r14),__LC_EXIT_TIMER
0: lmg %r11,%r15,__PT_R11(%r11)
@@ -1165,6 +1205,7 @@ cleanup_critical:
.quad .Lsie_done
.Lcleanup_sie:
+ BPENTER __SF_EMPTY+24(%r15),(_TIF_ISOLATE_BP|_TIF_ISOLATE_BP_GUEST)
lg %r9,__SF_EMPTY(%r15) # get control block pointer
ni __SIE_PROG0C+3(%r9),0xfe # no longer in SIE
lctlg %c1,%c1,__LC_USER_ASCE # load primary asce
--- a/arch/s390/kernel/processor.c
+++ b/arch/s390/kernel/processor.c
@@ -179,3 +179,21 @@ const struct seq_operations cpuinfo_op =
.stop = c_stop,
.show = show_cpuinfo,
};
+
+int s390_isolate_bp(void)
+{
+ if (!test_facility(82))
+ return -EOPNOTSUPP;
+ set_thread_flag(TIF_ISOLATE_BP);
+ return 0;
+}
+EXPORT_SYMBOL(s390_isolate_bp);
+
+int s390_isolate_bp_guest(void)
+{
+ if (!test_facility(82))
+ return -EOPNOTSUPP;
+ set_thread_flag(TIF_ISOLATE_BP_GUEST);
+ return 0;
+}
+EXPORT_SYMBOL(s390_isolate_bp_guest);
next prev parent reply other threads:[~2018-04-27 13:58 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-27 13:57 [PATCH 4.9 00/74] 4.9.97-stable review Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 01/74] cifs: do not allow creating sockets except with SMB1 posix exensions Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 02/74] x86/tsc: Prevent 32bit truncation in calc_hpet_ref() Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 03/74] drm/vc4: Fix memory leak during BO teardown Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 04/74] drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 05/74] i2c: i801: store and restore the SLVCMD register at load and unload Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 06/74] i2c: i801: Save register SMBSLVCMD value only once Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 07/74] i2c: i801: Restore configuration at shutdown Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 08/74] usb: musb: fix enumeration after resume Greg Kroah-Hartman
2018-04-27 13:57 ` [PATCH 4.9 09/74] usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 10/74] usb: musb: Fix external abort in musb_remove on omap2430 Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 11/74] MIPS: Generic: Fix big endian CPUs on generic machine Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 12/74] Input: drv260x - fix initializing overdrive voltage Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 13/74] power: supply: bq2415x: check for NULL acpi_id to avoid null pointer dereference Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 14/74] [media] stk-webcam: fix an endian bug in stk_camera_read_reg() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 15/74] OF: Prevent unaligned access in of_alias_scan() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 16/74] ath9k_hw: check if the chip failed to wake up Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 17/74] jbd2: fix use after free in kjournald2() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 18/74] Revert "perf tools: Decompress kernel module when reading DSO data" Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 19/74] perf: Fix sample_max_stack maximum check Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 20/74] perf: Return proper values for user stack errors Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 21/74] RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 22/74] drm/i915/bxt, glk: Increase PCODE timeouts during CDCLK freq changing Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 23/74] mac80211_hwsim: fix use-after-free bug in hwsim_exit_net Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 24/74] r8152: add Linksys USB3GIGV1 id Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 25/74] Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip" Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 26/74] Revert "ath10k: send (re)assoc peer command when NSS changed" Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 27/74] PCI: Wait up to 60 seconds for device to become ready after FLR Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 28/74] s390: introduce CPU alternatives Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 29/74] s390: enable CPU alternatives unconditionally Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 30/74] KVM: s390: wire up bpb feature Greg Kroah-Hartman
2018-04-27 15:43 ` Christian Borntraeger
2018-04-27 13:58 ` [PATCH 4.9 31/74] s390: scrub registers on kernel entry and KVM exit Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 32/74] s390: add optimized array_index_mask_nospec Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 33/74] s390/alternative: use a copy of the facility bit mask Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 34/74] s390: add options to change branch prediction behaviour for the kernel Greg Kroah-Hartman
2018-04-27 13:58 ` Greg Kroah-Hartman [this message]
2018-04-27 13:58 ` [PATCH 4.9 36/74] s390: introduce execute-trampolines for branches Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 37/74] KVM: s390: force bp isolation for VSIE Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 38/74] s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 39/74] s390: do not bypass BPENTER for interrupt system calls Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 40/74] s390/entry.S: fix spurious zeroing of r0 Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 41/74] s390: move nobp parameter functions to nospec-branch.c Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 42/74] s390: add automatic detection of the spectre defense Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 43/74] s390: report spectre mitigation via syslog Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 44/74] s390: add sysfs attributes for spectre Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 45/74] s390: correct nospec auto detection init order Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 46/74] s390: correct module section names for expoline code revert Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 47/74] bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 48/74] KEYS: DNS: limit the length of option strings Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 49/74] l2tp: check sockaddr length in pppol2tp_connect() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 50/74] net: validate attribute sizes in neigh_dump_table() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 51/74] llc: delete timers synchronously in llc_sk_free() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 52/74] tcp: dont read out-of-bounds opsize Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 53/74] team: avoid adding twice the same option to the event list Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 54/74] team: fix netconsole setup over team Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 55/74] packet: fix bitfield update race Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 56/74] tipc: add policy for TIPC_NLA_NET_ADDR Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 57/74] pppoe: check sockaddr length in pppoe_connect() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 58/74] vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 59/74] sctp: do not check port in sctp_inet6_cmp_addr Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 60/74] net: sched: ife: signal not finding metaid Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 61/74] llc: hold llc_sap before release_sock() Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 62/74] llc: fix NULL pointer deref for SOCK_ZAPPED Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 63/74] net: ethernet: ti: cpsw: fix tx vlan priority mapping Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 64/74] net: fix deadlock while clearing neighbor proxy table Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 65/74] tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 66/74] net: af_packet: fix race in PACKET_{R|T}X_RING Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 67/74] ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 68/74] strparser: Fix incorrect strp->need_bytes value Greg Kroah-Hartman
2018-04-27 13:58 ` [PATCH 4.9 69/74] scsi: mptsas: Disable WRITE SAME Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.9 70/74] cdrom: information leak in cdrom_ioctl_media_changed() Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.9 71/74] s390/cio: update chpid descriptor after resource accessibility event Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.9 72/74] s390/dasd: fix IO error for newly defined devices Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.9 73/74] s390/uprobes: implement arch_uretprobe_is_alive() Greg Kroah-Hartman
2018-04-27 13:59 ` [PATCH 4.9 74/74] ACPI / video: Only default only_lcd to true on Win8-ready _desktops_ Greg Kroah-Hartman
2018-04-27 18:13 ` [PATCH 4.9 00/74] 4.9.97-stable review Shuah Khan
2018-04-27 20:33 ` Dan Rue
2018-04-27 20:44 ` kernelci.org bot
2018-04-28 14:26 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180427135711.387795148@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=schwidefsky@de.ibm.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).