]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit
projects / mirror_ubuntu-artful-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1e2affe) | patch
x86/mm: Use/Fix PCID to optimize user/kernel switches
authorPeter Zijlstra <peterz@infradead.org>
Mon, 4 Dec 2017 14:07:59 +0000 (15:07 +0100)
committerKleber Sacilotto de Souza <kleber.souza@canonical.com>
Sat, 6 Jan 2018 12:23:47 +0000 (13:23 +0100)
commitac7471365d49c0a91d4b63453eb848cc19f17589
treec811540636aa109ef7cb3d2e6c6907a84e4bf0dctree
parent1e2affe2a79305b3a5f3ad65d3f61ad9d1f9e168commit | diff
x86/mm: Use/Fix PCID to optimize user/kernel switches

CVE-2017-5754

We can use PCID to retain the TLBs across CR3 switches; including those now
part of the user/kernel switch. This increases performance of kernel
entry/exit at the cost of more expensive/complicated TLB flushing.

Now that we have two address spaces, one for kernel and one for user space,
we need two PCIDs per mm. We use the top PCID bit to indicate a user PCID
(just like we use the PFN LSB for the PGD). Since we do TLB invalidation
from kernel space, the existing code will only invalidate the kernel PCID,
we augment that by marking the corresponding user PCID invalid, and upon
switching back to userspace, use a flushing CR3 write for the switch.

In order to access the user_pcid_flush_mask we use PER_CPU storage, which
means the previously established SWAPGS vs CR3 ordering is now mandatory
and required.

Having to do this memory access does require additional registers, most
sites have a functioning stack and we can spill one (RAX), sites without
functional stack need to otherwise provide the second scratch register.

Note: PCID is generally available on Intel Sandybridge and later CPUs.
Note: Up until this point TLB flushing was broken in this series.

Based-on-code-from: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: David Laight <David.Laight@aculab.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Eduardo Valentin <eduval@amazon.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: aliguori@amazon.com
Cc: daniel.gruss@iaik.tugraz.at
Cc: hughd@google.com
Cc: keescook@google.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
(backported from commit 6fd166aae78c0ab738d49bda653cbd9e3b1491cf)
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
arch/x86/entry/calling.h diff | blob | blame | history
arch/x86/entry/entry_64.S diff | blob | blame | history
arch/x86/entry/entry_64_compat.S diff | blob | blame | history
arch/x86/include/asm/processor-flags.h diff | blob | blame | history
arch/x86/include/asm/tlbflush.h diff | blob | blame | history
arch/x86/include/uapi/asm/processor-flags.h diff | blob | blame | history
arch/x86/kernel/asm-offsets.c diff | blob | blame | history
arch/x86/mm/init.c diff | blob | blame | history
arch/x86/mm/tlb.c diff | blob | blame | history
Ubuntu Artful kernel mirror