Message ID | 20190711214751.16725-1-sean.j.christopherson@intel.com (mailing list archive) |
---|---|
State | New, archived |
Series | [for_v21] x86/vdso: Do not attempt to fixup #DB or #BP exceptions |
On Thu, Jul 11, 2019 at 02:47:51PM -0700, Sean Christopherson wrote:
> Do not fixup #DB or #BP exceptions that are reported on the SGX vDSO's
> ENCLU, as it's impossible to determine whether or not the exception
> originated from within an enclave, e.g. a #DB in an enclave will look
> identical to a #DB on the ENCLU itself. Even if hardware provided a
> magic flag to identify enclave exceptions, #DB still has scenarios where
> the intended recipient is ambiguous, e.g. a data breakpoint encountered
> in the enclave but on an address outside of the enclave, a breakpoint
> encountered in the enclave and a simultaneous code breakpoint on ENCLU,
> and so on and so forth.
>
> An alternative solution would be to simply not call the vDSO fixup
> routine for #DB or #BP. Rejecting fixup from within vDSO explicitly
> documents that #DB/#BP are intentionally skipped and provides a single
> location for determining what exceptions are indeed handled by vDSO
> fixup.

I think this is better and good use of the boolean return value i.e. consolidate the decision to a single place.

>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> --- > arch/x86/entry/vdso/extable.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/arch/x86/entry/vdso/extable.c b/arch/x86/entry/vdso/extable.c > index 49284d560d36..afcf5b65beef 100644 > --- a/arch/x86/entry/vdso/extable.c > +++ b/arch/x86/entry/vdso/extable.c > @@ -2,6 +2,7 @@ > #include <linux/err.h> > #include <linux/mm.h> > #include <asm/current.h> > +#include <asm/traps.h> > #include <asm/vdso.h> > > struct vdso_exception_table_entry { 
> @@ -16,6 +17,14 @@ bool fixup_vdso_exception(struct pt_regs *regs, int trapnr, > unsigned int nr_entries, i; > unsigned long base; > > + /* > + * Do not attempt to fixup #DB or #BP. It's impossible to identify > + * whether or not a #DB/#BP originated from within an SGX enclave and > + * SGX enclaves are currently the only use case for vDSO fixup. > + */ > + if (trapnr == X86_TRAP_DB || trapnr == X86_TRAP_BP) > + return false; > + > if (!current->mm->context.vdso) > return false; > > -- > 2.22.0 >

Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko
diff --git a/arch/x86/entry/vdso/extable.c b/arch/x86/entry/vdso/extable.c index 49284d560d36..afcf5b65beef 100644 --- a/arch/x86/entry/vdso/extable.c +++ b/arch/x86/entry/vdso/extable.c @@ -2,6 +2,7 @@ #include <linux/err.h> #include <linux/mm.h> #include <asm/current.h> +#include <asm/traps.h> #include <asm/vdso.h> struct vdso_exception_table_entry { @@ -16,6 +17,14 @@ bool fixup_vdso_exception(struct pt_regs *regs, int trapnr, unsigned int nr_entries, i; unsigned long base; + /* + * Do not attempt to fixup #DB or #BP. It's impossible to identify + * whether or not a #DB/#BP originated from within an SGX enclave and + * SGX enclaves are currently the only use case for vDSO fixup. + */ + if (trapnr == X86_TRAP_DB || trapnr == X86_TRAP_BP) + return false; + if (!current->mm->context.vdso) return false;
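Review bot: In the second hunk, the early return in fixup_vdso_exception() for X86_TRAP_DB and X86_TRAP_BP applies to every vDSO exception table entry, while the comment justifies it only by SGX enclaves being "currently the only use case for vDSO fixup". Consider stating in the comment that the check has to be revisited if a non-SGX user of vDSO fixup is added, so the blanket skip is not inherited silently. The comment would also be stronger if it carried over the point from the commit message that the intended recipient of a #DB can be ambiguous even if hardware flagged enclave exceptions (for example a data breakpoint hit in the enclave on an address outside the enclave), since that is the reason the skip cannot simply be narrowed later. Minor wording: "fixup" is used as a verb in "Do not attempt to fixup"; "fix up" reads better there.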
Do not fixup #DB or #BP exceptions that are reported on the SGX vDSO's ENCLU, as it's impossible to determine whether or not the exception originated from within an enclave, e.g. a #DB in an enclave will look identical to a #DB on the ENCLU itself. Even if hardware provided a magic flag to identify enclave exceptions, #DB still has scenarios where the intended recipient is ambiguous, e.g. a data breakpoint encountered in the enclave but on an address outside of the enclave, a breakpoint encountered in the enclave and a simultaneous code breakpoint on ENCLU, and so on and so forth.

An alternative solution would be to simply not call the vDSO fixup routine for #DB or #BP. Rejecting fixup from within vDSO explicitly documents that #DB/#BP are intentionally skipped and provides a single location for determining what exceptions are indeed handled by vDSO fixup.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/entry/vdso/extable.c | 9 +++++++++
 1 file changed, 9 insertions(+)