Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Merge tag 'x86-urgent-2020-07-19' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into master

Pull x86 fixes from Thomas Gleixner:
"A pile of fixes for x86:

- Fix the I/O bitmap invalidation on XEN PV, which was overlooked in
the recent ioperm/iopl rework. This caused the TSS and XEN's I/O
bitmap to get out of sync.

- Use the proper vectors for HYPERV.

- Make disabling of stack protector for the entry code work with GCC
builds which enable stack protector by default. Removing the option
is not sufficient, it needs an explicit -fno-stack-protector to
shut it off.

- Mark check_user_regs() noinstr as it is called from noinstr code.
The missing annotation causes it to be placed in the text section
which makes it instrumentable.

- Add the missing interrupt disable in exc_alignment_check()

- Fixup a XEN_PV build dependency in the 32bit entry code

- A few fixes to make the Clang integrated assembler happy

- Move EFI stub build to the right place for out of tree builds

- Make prepare_exit_to_usermode() static. It's no longer called from
ASM code"

* tag 'x86-urgent-2020-07-19' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/boot: Don't add the EFI stub to targets
x86/entry: Actually disable stack protector
x86/ioperm: Fix io bitmap invalidation on Xen PV
x86: math-emu: Fix up 'cmp' insn for clang ias
x86/entry: Fix vectors to IDTENTRY_SYSVEC for CONFIG_HYPERV
x86/entry: Add compatibility with IAS
x86/entry/common: Make prepare_exit_to_usermode() static
x86/entry: Mark check_user_regs() noinstr
x86/traps: Disable interrupts in exc_aligment_check()
x86/entry/32: Fix XEN_PV build dependency

+66 -37
+2 -2
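--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -90,8 +90,8 @@
 
 vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o
 
-vmlinux-objs-$(CONFIG_EFI_STUB) += $(objtree)/drivers/firmware/efi/libstub/lib.a
 vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o
+efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a
 
 # The compressed kernel is built with -fPIC/-fPIE so that a boot loader
 # can place it anywhere in memory and it will still run. However, since
@@ -115,7 +115,7 @@
 quiet_cmd_check-and-link-vmlinux = LD $@
 cmd_check-and-link-vmlinux = $(cmd_check_data_rel); $(cmd_ld)
 
-$(obj)/vmlinux: $(vmlinux-objs-y) FORCE
+$(obj)/vmlinux: $(vmlinux-objs-y) $(efi-obj-y) FORCE
 $(call if_changed,check-and-link-vmlinux)
 
 OBJCOPYFLAGS_vmlinux.bin := -R .comment -S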
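Review bot: The new `efi-obj-$(CONFIG_EFI_STUB)` assignment in the first hunk has no comment saying why the stub archive is kept out of `vmlinux-objs-y`, so a later cleanup could easily fold it back in. Going by the commit title, the reason is presumably that entries of `vmlinux-objs-y` also end up in this directory's targets, which an archive under `$(objtree)/drivers/firmware/efi/libstub/` should not; I would add `# Kept out of vmlinux-objs-y: lib.a is built elsewhere and must not be added to targets` above the assignment. Whether `cmd_ld` takes the archive from the prerequisite list is not visible in the hunk and is worth confirming for out-of-tree builds.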
+11 -3
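--- a/arch/x86/entry/Makefile
+++ b/arch/x86/entry/Makefile
@@ -7,12 +7,20 @@
 UBSAN_SANITIZE := n
 KCOV_INSTRUMENT := n
 
-CFLAGS_REMOVE_common.o = $(CC_FLAGS_FTRACE) -fstack-protector -fstack-protector-strong
-CFLAGS_REMOVE_syscall_32.o = $(CC_FLAGS_FTRACE) -fstack-protector -fstack-protector-strong
-CFLAGS_REMOVE_syscall_64.o = $(CC_FLAGS_FTRACE) -fstack-protector -fstack-protector-strong
+CFLAGS_REMOVE_common.o = $(CC_FLAGS_FTRACE)
+CFLAGS_REMOVE_syscall_64.o = $(CC_FLAGS_FTRACE)
+CFLAGS_REMOVE_syscall_32.o = $(CC_FLAGS_FTRACE)
+CFLAGS_REMOVE_syscall_x32.o = $(CC_FLAGS_FTRACE)
+
+CFLAGS_common.o += -fno-stack-protector
+CFLAGS_syscall_64.o += -fno-stack-protector
+CFLAGS_syscall_32.o += -fno-stack-protector
+CFLAGS_syscall_x32.o += -fno-stack-protector
 
 CFLAGS_syscall_64.o += $(call cc-option,-Wno-override-init,)
 CFLAGS_syscall_32.o += $(call cc-option,-Wno-override-init,)
+CFLAGS_syscall_x32.o += $(call cc-option,-Wno-override-init,)
+
 obj-y := entry_$(BITS).o thunk_$(BITS).o syscall_$(BITS).o
 obj-y += common.o
 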
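Review bot: The four `-fno-stack-protector` lines carry no comment explaining why filtering the flag through `CFLAGS_REMOVE_*` was not enough, which is the entire reason for the change. A line such as `# CFLAGS_REMOVE cannot undo a compiler that enables stack protector by default; switch it off explicitly` above the block would keep someone from reverting to the shorter form. The same four objects are now listed in three separate groups, so a future entry object could be added to one group and missed in another; a single variable holding the object names would avoid that.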
+2 -2
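--- a/arch/x86/entry/common.c
+++ b/arch/x86/entry/common.c
@@ -46,7 +46,7 @@
 #include <trace/events/syscalls.h>
 
 /* Check that the stack and regs on entry from user mode are sane. */
-static void check_user_regs(struct pt_regs *regs)
+static noinstr void check_user_regs(struct pt_regs *regs)
 {
 if (IS_ENABLED(CONFIG_DEBUG_ENTRY)) {
 /*
@@ -294,7 +294,7 @@
 #endif
 }
 
-__visible noinstr void prepare_exit_to_usermode(struct pt_regs *regs)
+static noinstr void prepare_exit_to_usermode(struct pt_regs *regs)
 {
 instrumentation_begin();
 __prepare_exit_to_usermode(regs);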
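Review bot: Marking `check_user_regs()` as `noinstr` in the first hunk only relocates the function itself; whatever it calls under `CONFIG_DEBUG_ENTRY` must also be safe in non-instrumentable context. The body continues outside the hunk, so I cannot tell whether it uses warning or tracing helpers; if it does, they would need the same `instrumentation_begin()` / `instrumentation_end()` bracket that `prepare_exit_to_usermode()` uses in the second hunk. The existing one-line comment could also say that the function is called from noinstr entry code, so the annotation is not dropped later.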
+10 -12
arch/x86/include/asm/idtentry.h
··· 469 469 .align 8 470 470 SYM_CODE_START(irq_entries_start) 471 471 vector=FIRST_EXTERNAL_VECTOR 472 - pos = . 473 472 .rept (FIRST_SYSTEM_VECTOR - FIRST_EXTERNAL_VECTOR) 474 473 UNWIND_HINT_IRET_REGS 474 + 0 : 475 475 .byte 0x6a, vector 476 476 jmp asm_common_interrupt 477 477 nop 478 478 /* Ensure that the above is 8 bytes max */ 479 - . = pos + 8 480 - pos=pos+8 481 - vector=vector+1 479 + . = 0b + 8 480 + vector = vector+1 482 481 .endr 483 482 SYM_CODE_END(irq_entries_start) 484 483 ··· 485 486 .align 8 486 487 SYM_CODE_START(spurious_entries_start) 487 488 vector=FIRST_SYSTEM_VECTOR 488 - pos = . 489 489 .rept (NR_VECTORS - FIRST_SYSTEM_VECTOR) 490 490 UNWIND_HINT_IRET_REGS 491 + 0 : 491 492 .byte 0x6a, vector 492 493 jmp asm_spurious_interrupt 493 494 nop 494 495 /* Ensure that the above is 8 bytes max */ 495 - . = pos + 8 496 - pos=pos+8 497 - vector=vector+1 496 + . = 0b + 8 497 + vector = vector+1 498 498 .endr 499 499 SYM_CODE_END(spurious_entries_start) 500 500 #endif ··· 551 553 552 554 /* NMI */ 553 555 DECLARE_IDTENTRY_NMI(X86_TRAP_NMI, exc_nmi); 554 - #ifdef CONFIG_XEN_PV 556 + #if defined(CONFIG_XEN_PV) && defined(CONFIG_X86_64) 555 557 DECLARE_IDTENTRY_RAW(X86_TRAP_NMI, xenpv_exc_nmi); 556 558 #endif 557 559 ··· 561 563 #else 562 564 DECLARE_IDTENTRY_RAW(X86_TRAP_DB, exc_debug); 563 565 #endif 564 - #ifdef CONFIG_XEN_PV 566 + #if defined(CONFIG_XEN_PV) && defined(CONFIG_X86_64) 565 567 DECLARE_IDTENTRY_RAW(X86_TRAP_DB, xenpv_exc_debug); 566 568 #endif 567 569 ··· 624 626 625 627 #if IS_ENABLED(CONFIG_HYPERV) 626 628 DECLARE_IDTENTRY_SYSVEC(HYPERVISOR_CALLBACK_VECTOR, sysvec_hyperv_callback); 627 - DECLARE_IDTENTRY_SYSVEC(HYPERVISOR_REENLIGHTENMENT_VECTOR, sysvec_hyperv_reenlightenment); 628 - DECLARE_IDTENTRY_SYSVEC(HYPERVISOR_STIMER0_VECTOR, sysvec_hyperv_stimer0); 629 + DECLARE_IDTENTRY_SYSVEC(HYPERV_REENLIGHTENMENT_VECTOR, sysvec_hyperv_reenlightenment); 630 + DECLARE_IDTENTRY_SYSVEC(HYPERV_STIMER0_VECTOR, sysvec_hyperv_stimer0); 629 631 
#endif 630 632 631 633 #if IS_ENABLED(CONFIG_ACRN_GUEST)
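Review bot: The comment `/* Ensure that the above is 8 bytes max */` above `. = 0b + 8` in both `.rept` blocks understates what the directive does: it also pads every stub to exactly 8 bytes, which is presumably what lets users of `irq_entries_start` and `spurious_entries_start` locate a stub from its vector number. I would reword it to `/* Pad each stub to exactly 8 bytes; the build fails if it grows larger */`. A word on why the numeric local label `0:` replaces the `pos` symbol would help as well, since the merge description attributes it to the Clang integrated assembler and nothing in the file says so.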
+16
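--- a/arch/x86/include/asm/io_bitmap.h
+++ b/arch/x86/include/asm/io_bitmap.h
@@ -19,12 +19,28 @@
 void io_bitmap_share(struct task_struct *tsk);
 void io_bitmap_exit(struct task_struct *tsk);
 
+static inline void native_tss_invalidate_io_bitmap(void)
+{
+/*
+* Invalidate the I/O bitmap by moving io_bitmap_base outside the
+* TSS limit so any subsequent I/O access from user space will
+* trigger a #GP.
+*
+* This is correct even when VMEXIT rewrites the TSS limit
+* to 0x67 as the only requirement is that the base points
+* outside the limit.
+*/
+this_cpu_write(cpu_tss_rw.x86_tss.io_bitmap_base,
+IO_BITMAP_OFFSET_INVALID);
+}
+
 void native_tss_update_io_bitmap(void);
 
 #ifdef CONFIG_PARAVIRT_XXL
 #include <asm/paravirt.h>
 #else
 #define tss_update_io_bitmap native_tss_update_io_bitmap
+#define tss_invalidate_io_bitmap native_tss_invalidate_io_bitmap
 #endif
 
 #else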
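Review bot: `native_tss_invalidate_io_bitmap()` now writes the TSS of whichever CPU it runs on through `this_cpu_write()`, where the version removed from process.c took an explicit `tss` pointer, and the new header comment does not state the calling context this requires. If a caller could migrate between deciding to invalidate and performing the write, the base would be invalidated on a different CPU and the original CPU would keep a usable I/O bitmap for user space. I would add to the comment `Operates on the current CPU's TSS; callers must not be preemptible.` The callers are outside this section, so whether all of them meet that is to be confirmed.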
+5
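--- a/arch/x86/include/asm/paravirt.h
+++ b/arch/x86/include/asm/paravirt.h
@@ -302,6 +302,11 @@
 }
 
 #ifdef CONFIG_X86_IOPL_IOPERM
+static inline void tss_invalidate_io_bitmap(void)
+{
+PVOP_VCALL0(cpu.invalidate_io_bitmap);
+}
+
 static inline void tss_update_io_bitmap(void)
 {
 PVOP_VCALL0(cpu.update_io_bitmap);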
+1
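--- a/arch/x86/include/asm/paravirt_types.h
+++ b/arch/x86/include/asm/paravirt_types.h
@@ -141,6 +141,7 @@
 void (*load_sp0)(unsigned long sp0);
 
 #ifdef CONFIG_X86_IOPL_IOPERM
+void (*invalidate_io_bitmap)(void);
 void (*update_io_bitmap)(void);
 #endif
 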
+2 -1
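--- a/arch/x86/kernel/paravirt.c
+++ b/arch/x86/kernel/paravirt.c
@@ -324,7 +324,8 @@
 .cpu.swapgs = native_swapgs,
 
 #ifdef CONFIG_X86_IOPL_IOPERM
-.cpu.update_io_bitmap = native_tss_update_io_bitmap,
+.cpu.invalidate_io_bitmap = native_tss_invalidate_io_bitmap,
+.cpu.update_io_bitmap = native_tss_update_io_bitmap,
 #endif
 
 .cpu.start_context_switch = paravirt_nop,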
+2 -16
arch/x86/kernel/process.c
··· 322 322 } 323 323 324 324 #ifdef CONFIG_X86_IOPL_IOPERM 325 - static inline void tss_invalidate_io_bitmap(struct tss_struct *tss) 326 - { 327 - /* 328 - * Invalidate the I/O bitmap by moving io_bitmap_base outside the 329 - * TSS limit so any subsequent I/O access from user space will 330 - * trigger a #GP. 331 - * 332 - * This is correct even when VMEXIT rewrites the TSS limit 333 - * to 0x67 as the only requirement is that the base points 334 - * outside the limit. 335 - */ 336 - tss->x86_tss.io_bitmap_base = IO_BITMAP_OFFSET_INVALID; 337 - } 338 - 339 325 static inline void switch_to_bitmap(unsigned long tifp) 340 326 { 341 327 /* ··· 332 346 * user mode. 333 347 */ 334 348 if (tifp & _TIF_IO_BITMAP) 335 - tss_invalidate_io_bitmap(this_cpu_ptr(&cpu_tss_rw)); 349 + tss_invalidate_io_bitmap(); 336 350 } 337 351 338 352 static void tss_copy_io_bitmap(struct tss_struct *tss, struct io_bitmap *iobm) ··· 366 380 u16 *base = &tss->x86_tss.io_bitmap_base; 367 381 368 382 if (!test_thread_flag(TIF_IO_BITMAP)) { 369 - tss_invalidate_io_bitmap(tss); 383 + native_tss_invalidate_io_bitmap(); 370 384 return; 371 385 } 372 386
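Review bot: In the last hunk `native_tss_update_io_bitmap()` calls `native_tss_invalidate_io_bitmap()` directly, while `switch_to_bitmap()` in the hunk above goes through the paravirt-aware `tss_invalidate_io_bitmap()`, and nothing explains the difference. It is presumably intentional because a paravirt `update_io_bitmap` hook synchronises the hypervisor on its own, but the next reader will wonder whether one of the two call sites is a mistake; I would add `/* Native variant on purpose: the paravirt update hook syncs the hypervisor itself */` above the call. The local `tss` is no longer passed, so the result matches the old code only if `tss` is this CPU's `cpu_tss_rw`; its assignment is outside the hunk.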
+2
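--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -303,6 +303,8 @@
 
 do_trap(X86_TRAP_AC, SIGBUS, "alignment check", regs,
 error_code, BUS_ADRALN, NULL);
+
+local_irq_disable();
 }
 
 #ifdef CONFIG_VMAP_STACK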
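Review bot: The added `local_irq_disable()` sits only on the fall-through path after `do_trap()`, so any earlier `return` taken after interrupts were enabled would still leave the handler with interrupts on. The start of `exc_alignment_check()` is outside the hunk, so I cannot see whether such a path exists. If it does, route it through a common exit: replace the early `return;` with `goto out;` and place an `out:` label directly above `local_irq_disable();`.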
+1 -1
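--- a/arch/x86/math-emu/wm_sqrt.S
+++ b/arch/x86/math-emu/wm_sqrt.S
@@ -209,7 +209,7 @@
 
 #ifdef PARANOID
 /* It should be possible to get here only if the arg is ffff....ffff */
-cmp $0xffffffff,FPU_fsqrt_arg_1
+cmpl $0xffffffff,FPU_fsqrt_arg_1
 jnz sqrt_stage_2_error
 #endif /* PARANOID */
 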
+12
arch/x86/xen/enlighten_pv.c
··· 870 870 } 871 871 872 872 #ifdef CONFIG_X86_IOPL_IOPERM 873 + static void xen_invalidate_io_bitmap(void) 874 + { 875 + struct physdev_set_iobitmap iobitmap = { 876 + .bitmap = 0, 877 + .nr_ports = 0, 878 + }; 879 + 880 + native_tss_invalidate_io_bitmap(); 881 + HYPERVISOR_physdev_op(PHYSDEVOP_set_iobitmap, &iobitmap); 882 + } 883 + 873 884 static void xen_update_io_bitmap(void) 874 885 { 875 886 struct physdev_set_iobitmap iobitmap; ··· 1110 1099 .load_sp0 = xen_load_sp0, 1111 1100 1112 1101 #ifdef CONFIG_X86_IOPL_IOPERM 1102 + .invalidate_io_bitmap = xen_invalidate_io_bitmap, 1113 1103 .update_io_bitmap = xen_update_io_bitmap, 1114 1104 #endif 1115 1105 .io_delay = xen_io_delay,
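Review bot: `xen_invalidate_io_bitmap()` discards the return value of `HYPERVISOR_physdev_op(PHYSDEVOP_set_iobitmap, &iobitmap)`, so if the hypercall fails the TSS is marked invalid while Xen may keep the previous bitmap, which is the same mismatch this merge sets out to fix. Because that state could leave a task with I/O port access it should not have, the failure should at least be visible: `WARN_ON_ONCE(HYPERVISOR_physdev_op(PHYSDEVOP_set_iobitmap, &iobitmap));`. `xen_update_io_bitmap()` continues outside the hunk, so I cannot tell whether it already checks its own call.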