Commit ab851d49 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'x86-iopl-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 

Pull x86 iopl updates from Ingo Molnar:
 "This implements a nice simplification of the iopl and ioperm code that
  Thomas Gleixner discovered: we can implement the IO privilege features
  of the iopl system call by using the IO permission bitmap in
  permissive mode, while trapping CLI/STI/POPF/PUSHF uses in user-space
  if they change the interrupt flag.

  This implements that feature, with testing facilities and related
  cleanups"

[ "Simplification" may be an over-statement. The main goal is to avoid
  the cli/sti of iopl by effectively implementing the IO port access
  parts of iopl in terms of ioperm.

  This may end up not workign well in case people actually depend on
  cli/sti being available, or if there are mixed uses of iopl and
  ioperm. We will see..       - Linus ]

* 'x86-iopl-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (22 commits)
  x86/ioperm: Fix use of deprecated config option
  x86/entry/32: Clarify register saving in __switch_to_asm()
  selftests/x86/iopl: Extend test to cover IOPL emulation
  x86/ioperm: Extend IOPL config to control ioperm() as well
  x86/iopl: Remove legacy IOPL option
  x86/iopl: Restrict iopl() permission scope
  x86/iopl: Fixup misleading comment
  selftests/x86/ioperm: Extend testing so the shared bitmap is exercised
  x86/ioperm: Share I/O bitmap if identical
  x86/ioperm: Remove bitmap if all permissions dropped
  x86/ioperm: Move TSS bitmap update to exit to user work
  x86/ioperm: Add bitmap sequence number
  x86/ioperm: Move iobitmap data into a struct
  x86/tss: Move I/O bitmap data into a seperate struct
  x86/io: Speedup schedule out of I/O bitmap user
  x86/ioperm: Avoid bitmap allocation if no permissions are set
  x86/ioperm: Simplify first ioperm() invocation logic
  x86/iopl: Cleanup include maze
  x86/tss: Fix and move VMX BUILD_BUG_ON()
  x86/cpu: Unify cpu_init()
  ...
parents 1d872004 e3cb0c71

arch/x86/Kconfig

+18 −0
Original line number Diff line number Diff line
@@ -1224,6 +1224,24 @@ config X86_VSYSCALL_EMULATION 
	 Disabling this option saves about 7K of kernel size and

	 possibly 4K of additional runtime pagetable memory.



config X86_IOPL_IOPERM

	bool "IOPERM and IOPL Emulation"

	default y

	---help---

	  This enables the ioperm() and iopl() syscalls which are necessary

	  for legacy applications.



	  Legacy IOPL support is an overbroad mechanism which allows user

	  space aside of accessing all 65536 I/O ports also to disable

	  interrupts. To gain this access the caller needs CAP_SYS_RAWIO

	  capabilities and permission from potentially active security

	  modules.



	  The emulation restricts the functionality of the syscall to

	  only allowing the full range I/O port access, but prevents the

	  ability to disable interrupts from user space which would be

	  granted if the hardware IOPL mechanism would be used.



config TOSHIBA

	tristate "Toshiba Laptop support"

	depends on X86_32

arch/x86/entry/common.c

+4 −0
Original line number Diff line number Diff line
@@ -33,6 +33,7 @@ 
#include <asm/cpufeature.h>

#include <asm/fpu/api.h>

#include <asm/nospec-branch.h>

#include <asm/io_bitmap.h>



#define CREATE_TRACE_POINTS

#include <trace/events/syscalls.h>
@@ -196,6 +197,9 @@ __visible inline void prepare_exit_to_usermode(struct pt_regs *regs) 
	/* Reload ti->flags; we may have rescheduled above. */

	cached_flags = READ_ONCE(ti->flags);



	if (unlikely(cached_flags & _TIF_IO_BITMAP))

		tss_update_io_bitmap();



	fpregs_assert_state_consistent();

	if (unlikely(cached_flags & _TIF_NEED_FPU_LOAD))

		switch_fpu_return();

arch/x86/entry/entry_32.S

+7 −1
Original line number Diff line number Diff line
@@ -739,6 +739,11 @@ SYM_CODE_START(__switch_to_asm) 
	pushl	%ebx

	pushl	%edi

	pushl	%esi

	/*

	 * Flags are saved to prevent AC leakage. This could go

	 * away if objtool would have 32bit support to verify

	 * the STAC/CLAC correctness.

	 */

	pushfl



	/* switch stack */
@@ -761,8 +766,9 @@ SYM_CODE_START(__switch_to_asm) 
	FILL_RETURN_BUFFER %ebx, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW

#endif



	/* restore callee-saved registers */

	/* Restore flags or the incoming task to restore AC state. */

	popfl

	/* restore callee-saved registers */

	popl	%esi

	popl	%edi

	popl	%ebx

arch/x86/include/asm/io_bitmap.h

0 → 100644
+29 −0
Original line number Diff line number Diff line 
/* SPDX-License-Identifier: GPL-2.0 */

#ifndef _ASM_X86_IOBITMAP_H

#define _ASM_X86_IOBITMAP_H



#include <linux/refcount.h>

#include <asm/processor.h>



struct io_bitmap {

	u64		sequence;

	refcount_t	refcnt;

	/* The maximum number of bytes to copy so all zero bits are covered */

	unsigned int	max;

	unsigned long	bitmap[IO_BITMAP_LONGS];

};



struct task_struct;



#ifdef CONFIG_X86_IOPL_IOPERM

void io_bitmap_share(struct task_struct *tsk);

void io_bitmap_exit(void);



void tss_update_io_bitmap(void);

#else

static inline void io_bitmap_share(struct task_struct *tsk) { }

static inline void io_bitmap_exit(void) { }

static inline void tss_update_io_bitmap(void) { }

#endif



#endif

arch/x86/include/asm/paravirt.h

+0 −4
Original line number Diff line number Diff line
@@ -294,10 +294,6 @@ static inline void write_idt_entry(gate_desc *dt, int entry, const gate_desc *g) 
{

	PVOP_VCALL3(cpu.write_idt_entry, dt, entry, g);

}

static inline void set_iopl_mask(unsigned mask)

{

	PVOP_VCALL1(cpu.set_iopl_mask, mask);

}



static inline void paravirt_activate_mm(struct mm_struct *prev,

					struct mm_struct *next)

CRA Git | Maintained and supported by SUSTech CRA and CCSE