Re: [PATCHv6 07/16] x86/vsyscall: Reorganize the #PF emulation code

From: Andrew Cooper
Date: Fri Jun 20 2025 - 19:29:58 EST

Next message: Edgecombe, Rick P: "Re: [PATCH V4 1/1] KVM: TDX: Add sub-ioctl KVM_TDX_TERMINATE_VM"
Previous message: H. Peter Anvin: "Re: [PATCH v7 02/10] x86/fred: Pass event data to the NMI entry point from KVM"
In reply to: Sohil Mehta: "Re: [PATCHv6 07/16] x86/vsyscall: Reorganize the #PF emulation code"
Next in thread: Dave Hansen: "Re: [PATCHv6 07/16] x86/vsyscall: Reorganize the #PF emulation code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 21/06/2025 12:18 am, Sohil Mehta wrote:
> On 6/20/2025 4:08 PM, Andrew Cooper wrote:
>>> But, the resulting code is wonky. It needs to do something more like this:
>>>
>>> if ((error_code & (X86_PF_WRITE | X86_PF_USER)) != X86_PF_USER)
>>> return false;
>>>
>>> if (error_code & X86_PF_INSTR))
>>> return __emulate_vsyscall(regs, address);
>> To do this, LASS needs a proper interlink against NX || SMEP.
>>
>> If neither NX nor SMEP are active, the CPU does not report X86_PF_INSTR,
>> meaning that fetches are reported as plain reads.
>>
>> This leads to some fun corner cases in SMAP and now LASS too for virt.
> Maybe I am missing something, but LASS works pre-paging so it wouldn't
> generate a PF, right?

Oh right, yes. This is a preexisting bug in vsyscall #PF handling.

It simply became obvious with Dave's suggested rearrangement.

~Andrew

Next message: Edgecombe, Rick P: "Re: [PATCH V4 1/1] KVM: TDX: Add sub-ioctl KVM_TDX_TERMINATE_VM"
Previous message: H. Peter Anvin: "Re: [PATCH v7 02/10] x86/fred: Pass event data to the NMI entry point from KVM"
In reply to: Sohil Mehta: "Re: [PATCHv6 07/16] x86/vsyscall: Reorganize the #PF emulation code"
Next in thread: Dave Hansen: "Re: [PATCHv6 07/16] x86/vsyscall: Reorganize the #PF emulation code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]