From patchwork Thu Jul 6 23:38:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rick Edgecombe X-Patchwork-Id: 13304307 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id F112CC001DF for ; Thu, 6 Jul 2023 23:39:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5C0BF8D0001; Thu, 6 Jul 2023 19:39:12 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 54B316B0074; Thu, 6 Jul 2023 19:39:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3C3788D0001; Thu, 6 Jul 2023 19:39:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 29AA36B0072 for ; Thu, 6 Jul 2023 19:39:12 -0400 (EDT) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id C7F05C043F for ; Thu, 6 Jul 2023 23:39:11 +0000 (UTC) X-FDA: 80982805302.02.0516DA2 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by imf24.hostedemail.com (Postfix) with ESMTP id 92321180007 for ; Thu, 6 Jul 2023 23:39:09 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=X2ep6v2y; spf=pass (imf24.hostedemail.com: domain of rick.p.edgecombe@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=rick.p.edgecombe@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688686749; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=nfmcYMQqtRQlIGvcVpkAcGlmLfZ3l1KH5qN09h2/C3w=; b=hFZFwwmt94m8DvoJcpqGXmJjTgXyGylfeX4XC+f5FuVXwxH8kZtn2BldorJ5vIohGBdx4e RW+qttnJ11Rlj3U+8MGMhzERPWHodu4G9RhSiXiWJY/2zwF+tIbdEZv/NC22qFLG/i+G1W Ak5rDKERNdg7uBQ5xzV7HAq0+Y9BbcM= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=X2ep6v2y; spf=pass (imf24.hostedemail.com: domain of rick.p.edgecombe@intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=rick.p.edgecombe@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688686749; a=rsa-sha256; cv=none; b=6/mmDeVRWJLlF1de7tZODFJINKTjCVXmeNSmdhPh90MJfNSb04IUkuI1yynVbhabWDmtnE RTq7aR0nQjKktEu/0cYJ3cxtrHmIZCJ1ocmy35zTIOwoNpjFJisSsZbqAc9I5GIqZxtPIx tcjLB/27DgfPNbCwBIOV5BMKlob+fi0= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1688686749; x=1720222749; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=AWBI/d5dHbzI1rw676ZmAwDSgJ5kC4AMyKlnIBoe408=; b=X2ep6v2yGolIs3uHKiK4Wfg++/pJ3g0y2qDIyGyUGr6NlwLeZ+xNRZfw fmXmGrBTC48pfcklcMNx3/9AUnF075GNht057XvV+Id3MgDaw7/8wvdec xtyVz0h1SaSPm60DaPIxmhKXhux3nTmsRW0/uTv1kjKVFQBJ7dMU+xVZT X3ocWCst33z2zJXApvJrPB69BHhTptZRqYZjw1PM8XABTttJemFPDXTUJ CK+pqDI3Wg7Y0zgPgR9OO8lV2uN4f+aHQ8EtlzWQh6U4M2aJAOL0dHqt/ mi3LC1CGULjzC/z5GW5F0zCcO2LQ7xYwZexqTpCLkltNR/qH6VwTsqf2+ Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10763"; a="450110553" X-IronPort-AV: E=Sophos;i="6.01,187,1684825200"; d="scan'208";a="450110553" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jul 2023 16:39:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10763"; a="713766518" X-IronPort-AV: E=Sophos;i="6.01,187,1684825200"; d="scan'208";a="713766518" Received: from wangmei-mobl.amr.corp.intel.com (HELO rpedgeco-desk4.amr.corp.intel.com) ([10.212.211.11]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jul 2023 16:39:06 -0700 From: Rick Edgecombe To: rick.p.edgecombe@intel.com Cc: akpm@linux-foundation.org, andrew.cooper3@citrix.com, arnd@arndb.de, bp@alien8.de, broonie@kernel.org, bsingharora@gmail.com, christina.schimpe@intel.com, corbet@lwn.net, dave.hansen@intel.com, dave.hansen@linux.intel.com, david@redhat.com, debug@rivosinc.com, dethoma@microsoft.com, eranian@google.com, esyr@redhat.com, fweimer@redhat.com, gorcunov@gmail.com, hjl.tools@gmail.com, hpa@zytor.com, jamorris@linux.microsoft.com, jannh@google.com, john.allen@amd.com, kcc@google.com, keescook@chromium.org, kirill.shutemov@linux.intel.com, linux-api@vger.kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, luto@kernel.org, mike.kravetz@oracle.com, mingo@redhat.com, nadav.amit@gmail.com, oleg@redhat.com, pavel@ucw.cz, pengfei.xu@intel.com, peterz@infradead.org, rdunlap@infradead.org, rppt@kernel.org, szabolcs.nagy@arm.com, tglx@linutronix.de, torvalds@linux-foundation.org, weijiang.yang@intel.com, x86@kernel.org, yu-cheng.yu@intel.com Subject: [PATCH] x86/shstk: Don't retry vm_munmap() on -EINTR Date: Thu, 6 Jul 2023 16:38:58 -0700 Message-Id: <20230706233858.446232-1-rick.p.edgecombe@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <6a2309340a17070fd39a1b049ce71188bfb5eba7.camel@intel.com> References: <6a2309340a17070fd39a1b049ce71188bfb5eba7.camel@intel.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 92321180007 X-Rspam-User: X-Stat-Signature: ni8isrmnmtcwiw3rreaaskrrwddmr37b X-Rspamd-Server: rspam01 X-HE-Tag: 1688686749-388496 X-HE-Meta: U2FsdGVkX18e5SYawpxmjqUB1NiEFIytQ/KkcwJty8UbISU8yr7qdGeVycGe/bJm0BpZhLEY8xhf3TlgBvoo4HN1mvWEevxKy3G6CBn6QVwg8lKkl16V0HSbNBVcmTdPAWDZC4SIBJoAQymwDoKcUrSgXU3uv+SXumIh/hgUTn8IuTC6fz4Y+ykHfOn5UKDtXCq8dSYINp5c0MB+Jz8RJLkVd0U/r1gt0c1pjAV/rYH3gFxYKQGdj5ACvsmPOCHEaK80ojKc18je01hSH4fZkTfdkUKBK3fsEMhxoQrcLGL3YdArlNQc4E916xJkR/bZ9Th2n9O8TF6QzNLN5V37WCfHsBhKPtm+naQWVDT/+Mq2JKmguGC7zwcSuMVMW1qcyookR+7KC52HWHim8Gij8oPatfFa+UBY7+EwbvHpngVld0vLoHag+HYSK+zPR+AnQI5EyXL8yeTuZxA7hFEe4TYPizSPXAN+0Ow6pz9FLB6IEz/ta4bbiDagDJkUU+F0y/UiiGu+5HpRW6dbNXAlLWX/qmPiZyNaIrqtw6K8p7+Xp9/qNCiwKO3tDqqflW35wpIAzAAhcFMtJpVXUn7st6aUFIxuLmaVTUqgnN7ueuk9kpELQZoenTjP0lsVKbwt4S9fix3ZvKr3GNT/TNDBGKBVkthrscnGGfXFY5f21uEaTbEgxS0/IuIrqAfdtByB6QD7dCFCaa9V0wdgRLdYbIYbEOmOGi/c2i1vUob59/O1gCbrX5dyQ5/p9wANMRhrCKJfBhZRUTdht4nQMkc7Km5fa25eREarB9pJdWfx8sJacWeDIG37mq7D5pKq9h5PF+dnJQhFUlv8+8c6plgPMyKO+xf1RVHHkP+XABKcRJYHQZJrF1q6v3u6f+Ifvxn+X9QCLpbQuKPJLECSgYhe68WmViN+M7J5ex1R9+JJxu908dWcy1LN6IsNf1teIyQ1WI1GdnWVFcVazE9GzEZ 5R9N2RbX ERFEYbpxDmnP61KP7SmW6CrfIDfY/NCcVLSCrukmkENHSqCctphlHuAtw5wHC4mj5SHz+BN0pcA4vtbtvWmcX2sd7axD6Z7WLIYRpONdU6tc6kHY5JN7hqNqpypiRHcwAsBKrLvovp8R/VHZrKPhC/EWAKWeV0k6dalWovKhJ8+KTK92/3SSrsYfb5GsBrqLrzXK2JFk8nVd2umIqf8yFjH38kRl2mmLTQ84UpSYoO99iM8oWKFSK+zYvFNbuZrYg0VX38P+jB3dHAP+P+H+/R0EH8w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: The existing comment around handling vm_munmap() failure when freeing a shadow stack is wrong. It asserts that vm_munmap() returns -EINTR when the mmap lock is only being held for a short time, and so the caller should retry. Based on this wrong understanding, unmap_shadow_stack() will loop retrying vm_munmap(). What -EINTR actually means in this case is that the process is going away (see ae79878), and the whole MM will be torn down soon. In order to facilitate this, the task should not linger in the kernel, but actually do the opposite. So don't loop in this scenario, just abandon the operation and let exit_mmap() clean it up. Also, update the comment to reflect the actual meaning of the error code. Signed-off-by: Rick Edgecombe --- arch/x86/kernel/shstk.c | 34 +++++++++++++++------------------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/arch/x86/kernel/shstk.c b/arch/x86/kernel/shstk.c index 47f5204b0fa9..cd10d074a444 100644 --- a/arch/x86/kernel/shstk.c +++ b/arch/x86/kernel/shstk.c @@ -134,28 +134,24 @@ static unsigned long adjust_shstk_size(unsigned long size) static void unmap_shadow_stack(u64 base, u64 size) { - while (1) { - int r; + int r; - r = vm_munmap(base, size); + r = vm_munmap(base, size); - /* - * vm_munmap() returns -EINTR when mmap_lock is held by - * something else, and that lock should not be held for a - * long time. Retry it for the case. - */ - if (r == -EINTR) { - cond_resched(); - continue; - } + /* + * mmap_write_lock_killable() failed with -EINTR. This means + * the process is about to die and have it's MM cleaned up. + * This task shouldn't ever make it back to userspace. In this + * case it is ok to leak a shadow stack, so just exit out. + */ + if (r == -EINTR) + return; - /* - * For all other types of vm_munmap() failure, either the - * system is out of memory or there is bug. - */ - WARN_ON_ONCE(r); - break; - } + /* + * For all other types of vm_munmap() failure, either the + * system is out of memory or there is bug. + */ + WARN_ON_ONCE(r); } static int shstk_setup(void)