From patchwork Fri Sep 14 10:59:14 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joerg Roedel <joro@8bytes.org>
X-Patchwork-Id: 10600623
Return-Path: <owner-linux-mm@kvack.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E358F157B
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Fri, 14 Sep 2018 10:59:25 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B28B32AD30
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Fri, 14 Sep 2018 10:59:25 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id A6B082B4C0; Fri, 14 Sep 2018 10:59:25 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham
	version=3.3.1
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 908AD2B54F
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Fri, 14 Sep 2018 10:59:24 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 2DE938E0002; Fri, 14 Sep 2018 06:59:23 -0400 (EDT)
Delivered-To: linux-mm-outgoing@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 28CCF8E0001; Fri, 14 Sep 2018 06:59:23 -0400 (EDT)
X-Original-To: int-list-linux-mm@kvack.org
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 1A37A8E0002; Fri, 14 Sep 2018 06:59:23 -0400 (EDT)
X-Original-To: linux-mm@kvack.org
X-Delivered-To: linux-mm@kvack.org
Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com
 [209.85.208.71])
	by kanga.kvack.org (Postfix) with ESMTP id B0C9E8E0001
	for <linux-mm@kvack.org>; Fri, 14 Sep 2018 06:59:22 -0400 (EDT)
Received: by mail-ed1-f71.google.com with SMTP id w44-v6so3672997edb.16
        for <linux-mm@kvack.org>; Fri, 14 Sep 2018 03:59:22 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:dkim-signature:from:to:cc:subject:date
         :message-id;
        bh=uq/27Sa6mJVin5DIc2BCqmIrxz1episZ5AmRhZdCaNo=;
        b=pS/gJtcg1ZZNpomCLjr18Gn+COU9Hmc4mQlbKqGpYjTtl7yMjetSjJdkz18WDaBT6s
         DRYqV6Isl4ZnmTJ7lgYOtv1ycsxc7TuNXDG7/b6xW9ByCH3cxx3AJgEF1427xjrLUJgZ
         83UBlb+i8mNYK+VOpt+QPhARE5OqzKDgGFEaH9/RPmK8I/GCTKALli7tDamlMqqcSO1p
         vzPDY/EJek/5qgUz3dcoGg3+PeV1z/h/LvT4w/0QDLdHrs5IFz55GK5sP3EVTheXDsN5
         05gOl8aTI/mISMKAzTjqGqC6/MHZYPkK0fEFhdnqJBhAoeR5q9yqWOZ8SkEa9CKCmwu7
         hMnQ==
X-Gm-Message-State: APzg51BUU/64IfZcDMyonf9dnldB8R0+obpp6WOiXQt5IFe0tfapXrP0
	doXo/dFfOdBQk642ROpRkJkXPe4avk63Sx7ypVJC1vg29yonCVUFlAiP0jsdaf4D1Vm7GTf3KSx
	N7dHh+mWcci6vF448Z2q7gVqwtnMDJkKwgnUd4wGi9FoO29whgtlTbsnlTqhqQ/987Q==
X-Received: by 2002:a50:95a8:: with SMTP id
 w37-v6mr20097686eda.33.1536922762088;
        Fri, 14 Sep 2018 03:59:22 -0700 (PDT)
X-Google-Smtp-Source: 
 ANB0VdY7BxHm1TcMnMQ+B6qFibKhG4cqNGROXfIrcjppw8LzTUA4Itzs0nqn+SXS4iJQVROZfAaJ
X-Received: by 2002:a50:95a8:: with SMTP id
 w37-v6mr20097601eda.33.1536922761334;
        Fri, 14 Sep 2018 03:59:21 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536922761; cv=none;
        d=google.com; s=arc-20160816;
        b=YHC6xw6kZX1+ihztAt1mNkHbfZjcIDnU84zbHaJHBTitvPv57L3OwLHIzkmg8fxqKF
         jt7xo+kQ1EZ+BOYT9Ncfv12fkwFwtgviFMyzBctlQh5F3PdIVVZv3CkrsAl2pOkuRQkH
         7Reg5AuZMDNQElMW4anvtVfV1y83yMh2cM6IDGiJz5bvRozXPGuTrw7I+PEnFwhTgUj5
         3hf1fRHmNzC3/yrQxgd+MVKFJhbQqg0MDg1o9R8zDqq2jpF4N6BcaewCDKeYU9PB+lN7
         mlkuHUWh8ktEcxclxeDSh4M8JloSjXx8wtCXM+WIjHRQW6L309Kv9rjCso8/kLMrSxSc
         axgA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=message-id:date:subject:cc:to:from:dkim-signature;
        bh=uq/27Sa6mJVin5DIc2BCqmIrxz1episZ5AmRhZdCaNo=;
        b=XOlwJig3gDGJ5VfsMaPEDNVwj6V1g0AsICvgAFv99NBgAXsOs6kUBdCjqv+bTRVUOQ
         K5LaIPWDZHpqpNzaegN9YQkTjpZvB2nqUs0XszAXPjd1wKM0FxFUdhzBZRQMTSogQ2se
         Qk10TZGBl1jLu2TaW8mcn/M+kGE1zsGfV9tVhXJHgN8uRaVEMEXHIaML1/9FDsAHNSEe
         L/pqXToLJxqoUTnmcocZkGOBZBp5nIM9NcMVn1pjFq25v63o8ZOpWRO5YrqazIMdLlpk
         ngm2Z+EqP+WyW0E203TV9Nbqiy7JEOuYMef/Xwy2YH9gBsu61Zz75qlLnCMVJ8USb2ng
         toyA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass (test mode) header.i=@8bytes.org header.s=mail-1
 header.b=KxavAfLM;
       spf=pass (google.com: domain of joro@8bytes.org designates
 2a01:238:4383:600:38bc:a715:4b6d:a889 as permitted sender)
 smtp.mailfrom=joro@8bytes.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Received: from theia.8bytes.org (8bytes.org.
 [2a01:238:4383:600:38bc:a715:4b6d:a889])
        by mx.google.com with ESMTPS id
 g45-v6si3131475edg.399.2018.09.14.03.59.20
        for <linux-mm@kvack.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 14 Sep 2018 03:59:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of joro@8bytes.org designates
 2a01:238:4383:600:38bc:a715:4b6d:a889 as permitted sender)
 client-ip=2a01:238:4383:600:38bc:a715:4b6d:a889;
Authentication-Results: mx.google.com;
       dkim=pass (test mode) header.i=@8bytes.org header.s=mail-1
 header.b=KxavAfLM;
       spf=pass (google.com: domain of joro@8bytes.org designates
 2a01:238:4383:600:38bc:a715:4b6d:a889 as permitted sender)
 smtp.mailfrom=joro@8bytes.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=8bytes.org
Received: by theia.8bytes.org (Postfix, from userid 1000)
	id 7D63B29A; Fri, 14 Sep 2018 12:59:18 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=8bytes.org; s=mail-1;
	t=1536922758; bh=f2Smv6NmC5YJbjNk+TaEFMn7DiWVAfFByoa83dvBI18=;
	h=From:To:Cc:Subject:Date:From;
	b=KxavAfLMSmEas8dsqrBWD3l4KW1WjYwhXcaYBnQwW9aGNxiP0JhaHepHUQUd0ZxMY
	 tyfPqOAqDce6Xkoi/XS6UM3l514fpavEzY4laYer67B8ZbSi5ppeDAmKfDyCecpUHe
	 icOlEEiPdfVk+zktriaRd/D70qjo126jzzjUc0t/y1bDiGQRJyvcTW3CKbc/u3zn2S
	 HaldWgd2B+xwHS1ruYQo6xijjAt0o89tUBHwcW4q8eqc/QkM9TPwSzE3MPkPpnNqkg
	 ZpV+9wEVWtBqMy3IGgfbUHgdGqT8JSEU38JzvL6HbaG3aCWld21pL/2l+/IUSkzY+6
	 R4egziFultvyQ==
From: Joerg Roedel <joro@8bytes.org>
To: Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>
Cc: hpa@zytor.com,
	x86@kernel.org,
	linux-mm@kvack.org,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Andy Lutomirski <luto@kernel.org>,
	Dave Hansen <dave.hansen@intel.com>,
	Borislav Petkov <bp@alien8.de>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Meelis Roos <mroos@linux.ee>,
	Joerg Roedel <jroedel@suse.de>
Subject: [PATCH] Revert "x86/mm/legacy: Populate the user page-table with user
 pgd's"
Date: Fri, 14 Sep 2018 12:59:14 +0200
Message-Id: <1536922754-31379-1-git-send-email-joro@8bytes.org>
X-Mailer: git-send-email 2.7.4
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
X-Virus-Scanned: ClamAV using ClamSMTP

From: Joerg Roedel <jroedel@suse.de>

This reverts commit 1f40a46cf47c12d93a5ad9dccd82bd36ff8f956a.

It turned out that this patch is not sufficient to enable
PTI on 32 bit systems with legacy 2-level page-tables. In
this paging mode the huge-page PTEs are in the top-level
page-table directory, where also the mirroring to the
user-space page-table happens. So every huge PTE exits
twice, in the kernel and in the user page-table.

That means that accessed/dirty bits need to be fetched from
two PTEs in this mode to be safe, but this is not trivial to
implement because it needs changes to generic code just for
the sake of enabling PTI with 32-bit legacy paging. As all
systems that need PTI should support PAE anyway, remove
support for PTI when 32-bit legacy paging is used.

Reported-by: Meelis Roos <mroos@linux.ee>
Fixes: 7757d607c6b3 ('x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32')
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Tested-by: Meelis Roos <mroos@linux.ee>
---
 arch/x86/include/asm/pgtable-2level.h | 9 ---------
 security/Kconfig                      | 2 +-
 2 files changed, 1 insertion(+), 10 deletions(-)

diff --git a/arch/x86/include/asm/pgtable-2level.h b/arch/x86/include/asm/pgtable-2level.h
index 24c6cf5f16b7..60d0f9015317 100644
--- a/arch/x86/include/asm/pgtable-2level.h
+++ b/arch/x86/include/asm/pgtable-2level.h
@@ -19,9 +19,6 @@ static inline void native_set_pte(pte_t *ptep , pte_t pte)
 
 static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd)
 {
-#ifdef CONFIG_PAGE_TABLE_ISOLATION
-	pmd.pud.p4d.pgd = pti_set_user_pgtbl(&pmdp->pud.p4d.pgd, pmd.pud.p4d.pgd);
-#endif
 	*pmdp = pmd;
 }
 
@@ -61,9 +58,6 @@ static inline pte_t native_ptep_get_and_clear(pte_t *xp)
 #ifdef CONFIG_SMP
 static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
 {
-#ifdef CONFIG_PAGE_TABLE_ISOLATION
-	pti_set_user_pgtbl(&xp->pud.p4d.pgd, __pgd(0));
-#endif
 	return __pmd(xchg((pmdval_t *)xp, 0));
 }
 #else
@@ -73,9 +67,6 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
 #ifdef CONFIG_SMP
 static inline pud_t native_pudp_get_and_clear(pud_t *xp)
 {
-#ifdef CONFIG_PAGE_TABLE_ISOLATION
-	pti_set_user_pgtbl(&xp->p4d.pgd, __pgd(0));
-#endif
 	return __pud(xchg((pudval_t *)xp, 0));
 }
 #else
diff --git a/security/Kconfig b/security/Kconfig
index 27d8b2688f75..d9aa521b5206 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -57,7 +57,7 @@ config SECURITY_NETWORK
 config PAGE_TABLE_ISOLATION
 	bool "Remove the kernel mapping in user mode"
 	default y
-	depends on X86 && !UML
+	depends on (X86_64 || X86_PAE) && !UML
 	help
 	  This feature reduces the number of hardware side channels by
 	  ensuring that the majority of kernel addresses are not mapped