Re: [patch V9 00/39] x86/entry: Rework leftovers (was part V)
From: Andrew Cooper
Date: Fri May 22 2020 - 03:36:34 EST
On 21/05/2020 21:05, Thomas Gleixner wrote:
> Folks!
>
> This is V9 of the rework series. V7 and V8 were never posted but I used the
> version numbers for tags while fixing up 0day complaints. The last posted
> version was V6 which can be found here:
>
> https://lore.kernel.org/r/20200515234547.710474468@xxxxxxxxxxxxx
>
> The V9 leftover series is based on:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git x86/entry
>
> That branch contains the merged part 1-4 of the original 5 part series.
>
> V9 has the following changes vs. V6:
>
> - Rebase on tip x86/entry
Apologies for opening a related can of worms.
The new debug_enter() has propagated a pre-existing issue forward,
ultimately caused by bad advice in the SDM.
Because the RTM status bit in DR6 has inverted polarity, writing DR6 to
0 causes RTM to appear asserted to any logic which cares, despite RTM
debugging not being enabled. The same is true in principle for what is
handed to userspace via u_debugreg[DR_STATUS].
On the subject of DR6, the SDM now reads:
"Certain debug exceptions may clear bits 0-3. The remaining contents of
the DR6 register are never cleared by the processor. To avoid confusion
in identifying debug exceptions, debug handlers should clear the
register (except bit 16, which they should set) before returning to the
interrupted task."
First of all, that should read "are never de-asserted by the processor"
rather than "cleared", but the advice has still failed to learn from its
first mistake. The forward-compatible way to fix this is to set
DR6_DEFAULT (0xffff0ff0) which also covers future inverted polarity bits.
As for what to do about userspace, that is harder. One approach is to
express everything in terms of positive polarity (i.e. pass on dr6 ^
DR6_DEFAULT), so DR6_RTM only appears set when RTM debugging is
enabled. This approach is already taken with the VMCS PENDING_DBG
field, so there is at least previous form.
I realise that "do nothing" might be acceptable at this point, given the
lack of support for RTM debugging.
Thanks,
~Andrew
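Added illustration of the polarity point made above. This is example code written for this page, not part of the thread and not kernel code. The DR6 bit positions (B0-B3, BD, BS, BT, RTM at bit 16) and the reset value DR6_DEFAULT = 0xffff0ff0 are the ones named in the message and the quoted SDM text; the helper names and the sample register values are constructed for the example, and only the low 32 bits of DR6 are modelled. It shows why "clear the register to 0" makes RTM look asserted, why writing DR6_DEFAULT does not, and what the proposed `dr6 ^ DR6_DEFAULT` positive-polarity view hands to a consumer.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* DR6 status bits as laid out in the Intel SDM. */
#define DR6_B0   (1u << 0)   /* breakpoint condition 0 detected */
#define DR6_B1   (1u << 1)
#define DR6_B2   (1u << 2)
#define DR6_B3   (1u << 3)
#define DR6_BD   (1u << 13)  /* debug register access detected */
#define DR6_BS   (1u << 14)  /* single step */
#define DR6_BT   (1u << 15)  /* task switch */
#define DR6_RTM  (1u << 16)  /* INVERTED: the CPU clears this bit to report an RTM debug exception */

/* Reset value recommended in the message: reserved bits set, B0-B3/BD/BS/BT clear,
 * RTM bit set (which, because of the inverted polarity, means "not asserted"). */
#define DR6_DEFAULT 0xffff0ff0u

#define DR6_STATUS_MASK (DR6_B0 | DR6_B1 | DR6_B2 | DR6_B3 | DR6_BD | DR6_BS | DR6_BT | DR6_RTM)

/* Positive-polarity view: after the XOR, a set bit always means "this condition is
 * asserted", RTM included.  This is the dr6 ^ DR6_DEFAULT transformation proposed
 * above for what gets handed to userspace. */
static inline uint32_t dr6_to_positive(uint32_t raw)
{
    return raw ^ DR6_DEFAULT;
}

/* Asserted conditions among the documented status bits, in positive polarity. */
static inline uint32_t dr6_asserted(uint32_t raw)
{
    return dr6_to_positive(raw) & DR6_STATUS_MASK;
}

/* How hardware-aware logic reads the raw register: RTM is reported when bit 16 is ZERO. */
static inline bool dr6_raw_rtm_asserted(uint32_t raw)
{
    return (raw & DR6_RTM) == 0;
}

/* The two handler reset styles contrasted in the message (hypothetical helper names). */
static inline uint32_t dr6_reset_naive(void)   { return 0; }            /* "clear the register" */
static inline uint32_t dr6_reset_default(void) { return DR6_DEFAULT; }  /* forward-compatible */

/* Human-readable list of asserted conditions; returns how many were named. */
static int dr6_describe(uint32_t raw, char *buf, size_t len)
{
    static const struct { uint32_t bit; const char *name; } names[] = {
        { DR6_B0, "B0" }, { DR6_B1, "B1" }, { DR6_B2, "B2" }, { DR6_B3, "B3" },
        { DR6_BD, "BD" }, { DR6_BS, "BS" }, { DR6_BT, "BT" }, { DR6_RTM, "RTM" },
    };
    uint32_t asserted = dr6_asserted(raw);
    size_t used = 0;
    int count = 0;

    if (len == 0)
        return 0;
    buf[0] = '\0';
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        if (!(asserted & names[i].bit))
            continue;
        int n = snprintf(buf + used, len - used, "%s%s", count ? "," : "", names[i].name);
        if (n < 0 || (size_t)n >= len - used)
            break;
        used += (size_t)n;
        count++;
    }
    return count;
}

/* Convenience for checking the decoded list against an expected string. */
static bool dr6_describe_matches(uint32_t raw, const char *expected)
{
    char buf[64];
    dr6_describe(raw, buf, sizeof buf);
    return strcmp(buf, expected) == 0;
}

int main(void)
{
    /* Constructed register values, as a CPU would leave them after each exception. */
    uint32_t single_step = DR6_DEFAULT | DR6_BS;      /* #DB from TF single-stepping */
    uint32_t rtm_trap    = DR6_DEFAULT & ~DR6_RTM;    /* #DB inside an RTM region: bit 16 cleared */
    uint32_t after_naive = dr6_reset_naive();
    uint32_t after_good  = dr6_reset_default();
    char buf[64];

    dr6_describe(single_step, buf, sizeof buf);
    printf("single step : raw=%08x asserted=[%s]\n", single_step, buf);
    dr6_describe(rtm_trap, buf, sizeof buf);
    printf("RTM trap    : raw=%08x asserted=[%s]\n", rtm_trap, buf);
    dr6_describe(after_naive, buf, sizeof buf);
    printf("reset to 0  : raw=%08x asserted=[%s]  <- spurious RTM\n", after_naive, buf);
    dr6_describe(after_good, buf, sizeof buf);
    printf("reset to DEF: raw=%08x asserted=[%s]\n", after_good, buf);
    return 0;
}
```

The decoder deliberately goes through `dr6_to_positive()` for every bit rather than special-casing bit 16: that is the property the `dr6 ^ DR6_DEFAULT` proposal buys, since any further inverted-polarity bit Intel might define would be normalised the same way without the consumer having to know about it.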