From owner-svn-src-head@freebsd.org Sat Mar 16 11:31:05 2019 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 503221525CDC; Sat, 16 Mar 2019 11:31:05 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E7C68847AC; Sat, 16 Mar 2019 11:31:04 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DB436216F9; Sat, 16 Mar 2019 11:31:04 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x2GBV491030756; Sat, 16 Mar 2019 11:31:04 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x2GBV2hK030744; Sat, 16 Mar 2019 11:31:02 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201903161131.x2GBV2hK030744@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Sat, 16 Mar 2019 11:31:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r345227 - in head/sys: amd64/amd64 amd64/include arm/arm arm64/arm64 i386/i386 kern mips/mips powerpc/powerpc riscv/riscv sparc64/sparc64 sys X-SVN-Group: head X-SVN-Commit-Author: kib X-SVN-Commit-Paths: in head/sys: amd64/amd64 amd64/include arm/arm arm64/arm64 i386/i386 kern mips/mips powerpc/powerpc riscv/riscv sparc64/sparc64 sys X-SVN-Commit-Revision: 345227 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: E7C68847AC X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; NEURAL_HAM_SHORT(-0.96)[-0.964,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Mar 2019 11:31:05 -0000 Author: kib Date: Sat Mar 16 11:31:01 2019 New Revision: 345227 URL: https://svnweb.freebsd.org/changeset/base/345227 Log: amd64: Add md process flags and first P_MD_PTI flag. PTI mode for the process pmap on exec is activated iff P_MD_PTI is set. On exec, the existing vmspace can be reused only if pti mode of the pmap matches the P_MD_PTI flag of the process. Add MD cpu_exec_vmspace_reuse() callback for exec_new_vmspace() which can vetoed reuse of the existing vmspace. MFC note: md_flags change struct proc KBI. Reviewed by: jhb, markj Tested by: pho Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D19514 Modified: head/sys/amd64/amd64/pmap.c head/sys/amd64/amd64/vm_machdep.c head/sys/amd64/include/proc.h head/sys/arm/arm/vm_machdep.c head/sys/arm64/arm64/vm_machdep.c head/sys/i386/i386/vm_machdep.c head/sys/kern/kern_exec.c head/sys/kern/kern_thread.c head/sys/mips/mips/vm_machdep.c head/sys/powerpc/powerpc/vm_machdep.c head/sys/riscv/riscv/vm_machdep.c head/sys/sparc64/sparc64/vm_machdep.c head/sys/sys/proc.h Modified: head/sys/amd64/amd64/pmap.c ============================================================================== --- head/sys/amd64/amd64/pmap.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/amd64/amd64/pmap.c Sat Mar 16 11:31:01 2019 (r345227) @@ -2853,6 +2853,7 @@ pmap_unuse_pt(pmap_t pmap, vm_offset_t va, pd_entry_t void pmap_pinit0(pmap_t pmap) { + struct proc *p; int i; PMAP_LOCK_INIT(pmap); @@ -2871,6 +2872,12 @@ pmap_pinit0(pmap_t pmap) pmap->pm_pcids[i].pm_gen = 1; } pmap_activate_boot(pmap); + if (pti) { + p = curproc; + PROC_LOCK(p); + p->p_md.md_flags |= P_MD_KPTI; + PROC_UNLOCK(p); + } if ((cpu_stdext_feature2 & CPUID_STDEXT2_PKU) != 0) { pmap_pkru_ranges_zone = uma_zcreate("pkru ranges", @@ -2957,7 +2964,7 @@ pmap_pinit_type(pmap_t pmap, enum pmap_type pm_type, i if (pm_type == PT_X86) { pmap->pm_cr3 = pml4phys; pmap_pinit_pml4(pml4pg); - if (pti) { + if ((curproc->p_md.md_flags & P_MD_KPTI) != 0) { pml4pgu = vm_page_alloc(NULL, 0, VM_ALLOC_NORMAL | VM_ALLOC_NOOBJ | VM_ALLOC_WIRED | VM_ALLOC_WAITOK); pmap->pm_pml4u = (pml4_entry_t *)PHYS_TO_DMAP( Modified: head/sys/amd64/amd64/vm_machdep.c ============================================================================== --- head/sys/amd64/amd64/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/amd64/amd64/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -369,6 +369,14 @@ cpu_thread_free(struct thread *td) cpu_thread_clean(td); } +bool +cpu_exec_vmspace_reuse(struct proc *p, vm_map_t map) +{ + + return (((curproc->p_md.md_flags & P_MD_KPTI) != 0) == + (vm_map_pmap(map)->pm_ucr3 != PMAP_NO_CR3)); +} + void cpu_set_syscall_retval(struct thread *td, int error) { Modified: head/sys/amd64/include/proc.h ============================================================================== --- head/sys/amd64/include/proc.h Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/amd64/include/proc.h Sat Mar 16 11:31:01 2019 (r345227) @@ -40,7 +40,8 @@ /* * List of locks - * k - only accessed by curthread + * c - proc lock + * k - only accessed by curthread * pp - pmap.c:invl_gen_mtx */ @@ -69,7 +70,10 @@ struct mdthread { struct mdproc { struct proc_ldt *md_ldt; /* (t) per-process ldt */ struct system_segment_descriptor md_ldt_sd; + u_int md_flags; /* (c) md process flags P_MD */ }; + +#define P_MD_KPTI 0x00000001 /* Enable KPTI on exec */ #define KINFO_PROC_SIZE 1088 #define KINFO_PROC32_SIZE 768 Modified: head/sys/arm/arm/vm_machdep.c ============================================================================== --- head/sys/arm/arm/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/arm/arm/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -345,3 +345,10 @@ cpu_exit(struct thread *td) { } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + Modified: head/sys/arm64/arm64/vm_machdep.c ============================================================================== --- head/sys/arm64/arm64/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/arm64/arm64/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -279,6 +279,13 @@ cpu_exit(struct thread *td) { } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + void swi_vm(void *v) { Modified: head/sys/i386/i386/vm_machdep.c ============================================================================== --- head/sys/i386/i386/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/i386/i386/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -382,6 +382,13 @@ cpu_thread_free(struct thread *td) cpu_thread_clean(td); } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + void cpu_set_syscall_retval(struct thread *td, int error) { Modified: head/sys/kern/kern_exec.c ============================================================================== --- head/sys/kern/kern_exec.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/kern/kern_exec.c Sat Mar 16 11:31:01 2019 (r345227) @@ -1100,7 +1100,8 @@ exec_new_vmspace(struct image_params *imgp, struct sys else sv_minuser = MAX(sv->sv_minuser, PAGE_SIZE); if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv_minuser && - vm_map_max(map) == sv->sv_maxuser) { + vm_map_max(map) == sv->sv_maxuser && + cpu_exec_vmspace_reuse(p, map)) { shmexit(vmspace); pmap_remove_pages(vmspace_pmap(vmspace)); vm_map_remove(map, vm_map_min(map), vm_map_max(map)); Modified: head/sys/kern/kern_thread.c ============================================================================== --- head/sys/kern/kern_thread.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/kern/kern_thread.c Sat Mar 16 11:31:01 2019 (r345227) @@ -94,7 +94,7 @@ _Static_assert(offsetof(struct proc, p_filemon) == 0x3 "struct proc KBI p_filemon"); _Static_assert(offsetof(struct proc, p_comm) == 0x3e8, "struct proc KBI p_comm"); -_Static_assert(offsetof(struct proc, p_emuldata) == 0x4c0, +_Static_assert(offsetof(struct proc, p_emuldata) == 0x4c8, "struct proc KBI p_emuldata"); #endif #ifdef __i386__ Modified: head/sys/mips/mips/vm_machdep.c ============================================================================== --- head/sys/mips/mips/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/mips/mips/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -453,6 +453,13 @@ cpu_set_upcall(struct thread *td, void (*entry)(void * */ } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + /* * Software interrupt handler for queued VM system processing. */ Modified: head/sys/powerpc/powerpc/vm_machdep.c ============================================================================== --- head/sys/powerpc/powerpc/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/powerpc/powerpc/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -249,3 +249,10 @@ cpu_thread_swapout(struct thread *td) } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + Modified: head/sys/riscv/riscv/vm_machdep.c ============================================================================== --- head/sys/riscv/riscv/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/riscv/riscv/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -264,6 +264,13 @@ cpu_exit(struct thread *td) { } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + void swi_vm(void *v) { Modified: head/sys/sparc64/sparc64/vm_machdep.c ============================================================================== --- head/sys/sparc64/sparc64/vm_machdep.c Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/sparc64/sparc64/vm_machdep.c Sat Mar 16 11:31:01 2019 (r345227) @@ -373,6 +373,13 @@ cpu_fork_kthread_handler(struct thread *td, void (*fun fp->fr_local[1] = (u_long)arg; } +bool +cpu_exec_vmspace_reuse(struct proc *p __unused, vm_map_t map __unused) +{ + + return (true); +} + int is_physical_memory(vm_paddr_t addr) { Modified: head/sys/sys/proc.h ============================================================================== --- head/sys/sys/proc.h Sat Mar 16 11:16:09 2019 (r345226) +++ head/sys/sys/proc.h Sat Mar 16 11:31:01 2019 (r345227) @@ -1093,6 +1093,7 @@ void userret(struct thread *, struct trapframe *); void cpu_exit(struct thread *); void exit1(struct thread *, int, int) __dead2; void cpu_copy_thread(struct thread *td, struct thread *td0); +bool cpu_exec_vmspace_reuse(struct proc *p, struct vm_map *map); int cpu_fetch_syscall_args(struct thread *td); void cpu_fork(struct thread *, struct proc *, struct thread *, int); void cpu_fork_kthread_handler(struct thread *, void (*)(void *), void *);