Re: [PATCH V4 2/7] x86/entry: Switch the stack after error_entry() returns

From: Borislav Petkov
Date: Mon Apr 11 2022 - 05:36:00 EST


On Fri, Mar 18, 2022 at 10:30:11PM +0800, Lai Jiangshan wrote:
> From: Lai Jiangshan <jiangshan.ljs@xxxxxxxxxxxx>
>
> error_entry() calls sync_regs() to settle/copy the pt_regs and switches
> the stack directly after sync_regs(). But error_entry() itself is also
> a function call, the switching has to handle the return address of it
> together, which causes the work complicated and tangly.

together, which causes the work complicated and tangly
Unknown word [tangly] in commit message.

Please restrain yourself when writing commit messages - they're not
write-only but actually for other people to read. It is not friendly to
reviewers to start inventing words and then make me decode your patch
twice:

- once the commit message

- and second time the code

Please use simple and trivial sentences.

> Switching to the stack after error_entry() makes the code simpler and
> intuitive.
>
> The behavior/logic is unchanged:
> 1) (opt) feed fixup_bad_iret() with the pt_regs pushed by ASM code

opt?

> 2) (opt) fixup_bad_iret() moves the partial pt_regs up
> 3) feed sync_regs() with the pt_regs pushed by ASM code or returned
> by fixup_bad_iret()
> 4) sync_regs() copies the whole pt_regs to kernel stack if needed
> 5) after error_entry() and switching %rsp, it is in kernel stack with
> the pt_regs
>
> Changes only in calling:
> Old code switches to copied pt_regs immediately twice in
> error_entry() while new code switches to the copied pt_regs only
> once after error_entry() returns.
> It is correct since sync_regs() doesn't need to be called close
> to the pt_regs it handles.
>
> Old code stashes the return-address of error_entry() in a scratch
> register and new code doesn't stash it.
> It relies on the fact that fixup_bad_iret() and sync_regs() don't
> corrupt the return-address of error_entry() on the stack. But even
> the old code also relies on the fact that fixup_bad_iret() and
> sync_regs() don't corrupt the return-address of themselves.
> They are the same reliances and are assured.

This whole paragraph sounds like unneeded rambling. You need to remain
on the subject in your commit messages. Sounds to me like you need to
read the "Changelog" section here:

Documentation/process/maintainer-tip.rst

> After this change, error_entry() will not do fancy things with the stack
> except when in the prolog which will be fixed in the next patch ("move
> PUSH_AND_CLEAR_REGS out of error_entry"). This patch and the next patch

"This patch" is tautology, as already said.

There's no "next patch" in git.

> can't be swapped because the next patch relies on this patch's stopping
> fiddling with the return-address of error_entry(), otherwise the objtool
> would complain.

If that is the case, then those two should me merged into one!

> Signed-off-by: Lai Jiangshan <jiangshan.ljs@xxxxxxxxxxxx>
> ---
> arch/x86/entry/entry_64.S | 16 ++++++----------
> 1 file changed, 6 insertions(+), 10 deletions(-)
>
> diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
> index e9d896717ab4..8eff3e6b1687 100644
> --- a/arch/x86/entry/entry_64.S
> +++ b/arch/x86/entry/entry_64.S
> @@ -326,6 +326,8 @@ SYM_CODE_END(ret_from_fork)
> .macro idtentry_body cfunc has_error_code:req
>
> call error_entry
> + movq %rax, %rsp /* switch stack settled by sync_regs() */

"settled" doesn't fit here, try again.

> + ENCODE_FRAME_POINTER
> UNWIND_HINT_REGS
>
> movq %rsp, %rdi /* pt_regs pointer into 1st argument*/

...

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette