Re: [PATCH V2 01/41] x86/entry: Fix swapgs fence

From: Lai Jiangshan
Date: Sun Sep 26 2021 - 23:35:21 EST

On 2021/9/27 09:10, Lai Jiangshan wrote:

This change is wrong.

In the paranoid entry path even if user GS base is set then the entry
does not necessarily come from user space so there is no guarantee that
there was a CR3 write on PTI enabled systems before the SWAPGS.

FENCE_SWAPGS_USER_ENTRY does not emit a LFENCE when PTI is enabled, so
both the comment and FENCE_SWAPGS_KERNEL_ENTRY which emits LFENCE on
affected CPUs unconditionally are correct. Though the comment could do
with some polishing to make this entirely clear.
I didn't notice FENCE_SWAPGS_USER_ENTRY depends on PTI.

The commit c75890700455 ("x86/entry/64: Remove unneeded kernel CR3 switching")
( https://lore.kernel.org/all/20200419144049.1906-2-laijs@xxxxxxxxxxxxxxxxx/ )
also made it wrong.

When the SWITCH_TO_KERNEL_CR3 in the path is removed, FENCE_SWAPGS_USER_ENTRY
should also be changed to FENCE_SWAPGS_KERNEL_ENTRY. (Or just jmp to
.Lerror_entry_done_lfence which has FENCE_SWAPGS_KERNEL_ENTRY already.)

And FENCE_SWAPGS_USER_ENTRY could be documented with "it should be followed with
serializing operations such as SWITCH_TO_KERNEL_CR3". Or we can add a
SWAPGS_AND_SWITCH_TO_KERNEL_CR3 to combine them.

I will fix it in v3. (Or should I do it separately before v3?)

Sorry for my fault.
Lai
I will add FENCE_SWAPGS_KERNEL_ENTRY only on the kernel path.

Thanks
Lai