mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-12-28 07:04:00 +08:00
c482feefe1
The TSS is a fairly juicy target for exploits, and, now that the TSS is in the cpu_entry_area, it's no longer protected by kASLR. Make it read-only on x86_64. On x86_32, it can't be RO because it's written by the CPU during task switches, and we use a task gate for double faults. I'd also be nervous about errata if we tried to make it RO even on configurations without double fault handling. [ tglx: AMD confirmed that there is no problem on 64-bit with TSS RO. So it's probably safe to assume that it's a non issue, though Intel might have been creative in that area. Still waiting for confirmation. ] Signed-off-by: Andy Lutomirski <luto@kernel.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Borislav Petkov <bpetkov@suse.de> Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: David Laight <David.Laight@aculab.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Eduardo Valentin <eduval@amazon.com> Cc: Greg KH <gregkh@linuxfoundation.org> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Juergen Gross <jgross@suse.com> Cc: Kees Cook <keescook@chromium.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Rik van Riel <riel@redhat.com> Cc: Will Deacon <will.deacon@arm.com> Cc: aliguori@amazon.com Cc: daniel.gruss@iaik.tugraz.at Cc: hughd@google.com Cc: keescook@google.com Link: https://lkml.kernel.org/r/20171204150606.733700132@linutronix.de Signed-off-by: Ingo Molnar <mingo@kernel.org>
190 lines
4.0 KiB
C
190 lines
4.0 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Precise Delay Loops for i386
|
|
*
|
|
* Copyright (C) 1993 Linus Torvalds
|
|
* Copyright (C) 1997 Martin Mares <mj@atrey.karlin.mff.cuni.cz>
|
|
* Copyright (C) 2008 Jiri Hladky <hladky _dot_ jiri _at_ gmail _dot_ com>
|
|
*
|
|
* The __delay function must _NOT_ be inlined as its execution time
|
|
* depends wildly on alignment on many x86 processors. The additional
|
|
* jump magic is needed to get the timing stable on all the CPU's
|
|
* we have to worry about.
|
|
*/
|
|
|
|
#include <linux/export.h>
|
|
#include <linux/sched.h>
|
|
#include <linux/timex.h>
|
|
#include <linux/preempt.h>
|
|
#include <linux/delay.h>
|
|
|
|
#include <asm/processor.h>
|
|
#include <asm/delay.h>
|
|
#include <asm/timer.h>
|
|
#include <asm/mwait.h>
|
|
|
|
#ifdef CONFIG_SMP
|
|
# include <asm/smp.h>
|
|
#endif
|
|
|
|
/* simple loop based delay: */
|
|
static void delay_loop(unsigned long loops)
|
|
{
|
|
asm volatile(
|
|
" test %0,%0 \n"
|
|
" jz 3f \n"
|
|
" jmp 1f \n"
|
|
|
|
".align 16 \n"
|
|
"1: jmp 2f \n"
|
|
|
|
".align 16 \n"
|
|
"2: dec %0 \n"
|
|
" jnz 2b \n"
|
|
"3: dec %0 \n"
|
|
|
|
: /* we don't need output */
|
|
:"a" (loops)
|
|
);
|
|
}
|
|
|
|
/* TSC based delay: */
|
|
static void delay_tsc(unsigned long __loops)
|
|
{
|
|
u64 bclock, now, loops = __loops;
|
|
int cpu;
|
|
|
|
preempt_disable();
|
|
cpu = smp_processor_id();
|
|
bclock = rdtsc_ordered();
|
|
for (;;) {
|
|
now = rdtsc_ordered();
|
|
if ((now - bclock) >= loops)
|
|
break;
|
|
|
|
/* Allow RT tasks to run */
|
|
preempt_enable();
|
|
rep_nop();
|
|
preempt_disable();
|
|
|
|
/*
|
|
* It is possible that we moved to another CPU, and
|
|
* since TSC's are per-cpu we need to calculate
|
|
* that. The delay must guarantee that we wait "at
|
|
* least" the amount of time. Being moved to another
|
|
* CPU could make the wait longer but we just need to
|
|
* make sure we waited long enough. Rebalance the
|
|
* counter for this CPU.
|
|
*/
|
|
if (unlikely(cpu != smp_processor_id())) {
|
|
loops -= (now - bclock);
|
|
cpu = smp_processor_id();
|
|
bclock = rdtsc_ordered();
|
|
}
|
|
}
|
|
preempt_enable();
|
|
}
|
|
|
|
/*
|
|
* On some AMD platforms, MWAITX has a configurable 32-bit timer, that
|
|
* counts with TSC frequency. The input value is the loop of the
|
|
* counter, it will exit when the timer expires.
|
|
*/
|
|
static void delay_mwaitx(unsigned long __loops)
|
|
{
|
|
u64 start, end, delay, loops = __loops;
|
|
|
|
/*
|
|
* Timer value of 0 causes MWAITX to wait indefinitely, unless there
|
|
* is a store on the memory monitored by MONITORX.
|
|
*/
|
|
if (loops == 0)
|
|
return;
|
|
|
|
start = rdtsc_ordered();
|
|
|
|
for (;;) {
|
|
delay = min_t(u64, MWAITX_MAX_LOOPS, loops);
|
|
|
|
/*
|
|
* Use cpu_tss_rw as a cacheline-aligned, seldomly
|
|
* accessed per-cpu variable as the monitor target.
|
|
*/
|
|
__monitorx(raw_cpu_ptr(&cpu_tss_rw), 0, 0);
|
|
|
|
/*
|
|
* AMD, like Intel, supports the EAX hint and EAX=0xf
|
|
* means, do not enter any deep C-state and we use it
|
|
* here in delay() to minimize wakeup latency.
|
|
*/
|
|
__mwaitx(MWAITX_DISABLE_CSTATES, delay, MWAITX_ECX_TIMER_ENABLE);
|
|
|
|
end = rdtsc_ordered();
|
|
|
|
if (loops <= end - start)
|
|
break;
|
|
|
|
loops -= end - start;
|
|
|
|
start = end;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Since we calibrate only once at boot, this
|
|
* function should be set once at boot and not changed
|
|
*/
|
|
static void (*delay_fn)(unsigned long) = delay_loop;
|
|
|
|
void use_tsc_delay(void)
|
|
{
|
|
if (delay_fn == delay_loop)
|
|
delay_fn = delay_tsc;
|
|
}
|
|
|
|
void use_mwaitx_delay(void)
|
|
{
|
|
delay_fn = delay_mwaitx;
|
|
}
|
|
|
|
int read_current_timer(unsigned long *timer_val)
|
|
{
|
|
if (delay_fn == delay_tsc) {
|
|
*timer_val = rdtsc();
|
|
return 0;
|
|
}
|
|
return -1;
|
|
}
|
|
|
|
void __delay(unsigned long loops)
|
|
{
|
|
delay_fn(loops);
|
|
}
|
|
EXPORT_SYMBOL(__delay);
|
|
|
|
inline void __const_udelay(unsigned long xloops)
|
|
{
|
|
unsigned long lpj = this_cpu_read(cpu_info.loops_per_jiffy) ? : loops_per_jiffy;
|
|
int d0;
|
|
|
|
xloops *= 4;
|
|
asm("mull %%edx"
|
|
:"=d" (xloops), "=&a" (d0)
|
|
:"1" (xloops), "0" (lpj * (HZ / 4)));
|
|
|
|
__delay(++xloops);
|
|
}
|
|
EXPORT_SYMBOL(__const_udelay);
|
|
|
|
void __udelay(unsigned long usecs)
|
|
{
|
|
__const_udelay(usecs * 0x000010c7); /* 2**32 / 1000000 (rounded up) */
|
|
}
|
|
EXPORT_SYMBOL(__udelay);
|
|
|
|
void __ndelay(unsigned long nsecs)
|
|
{
|
|
__const_udelay(nsecs * 0x00005); /* 2**32 / 1000000000 (rounded up) */
|
|
}
|
|
EXPORT_SYMBOL(__ndelay);
|