Re: [PATCH v2 07/39] x86/cet: Add user control-protection fault handler

From: Edgecombe, Rick P
Date: Mon Oct 03 2022 - 19:12:04 EST


On Mon, 2022-10-03 at 15:51 -0700, Andy Lutomirski wrote:
> On 9/29/22 15:29, Rick Edgecombe wrote:
> > From: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>
> >
> > +static void do_user_control_protection_fault(struct pt_regs *regs,
> > + unsigned long
> > error_code)
> > {
> > - if (!cpu_feature_enabled(X86_FEATURE_IBT)) {
> > - pr_err("Unexpected #CP\n");
> > - BUG();
> > + struct task_struct *tsk;
> > + unsigned long ssp;
> > +
> > + /* Read SSP before enabling interrupts. */
> > + rdmsrl(MSR_IA32_PL3_SSP, ssp); > +
> > + cond_local_irq_enable(regs);
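Review bot: the comment above rdmsrl(MSR_IA32_PL3_SSP, ssp) states what is done but not why the ordering relative to cond_local_irq_enable(regs) matters, which is exactly what a reader of this hunk will question. Suggest expanding it to say that on entry from userspace the MSR still holds this task's live user SSP, and that once interrupts are enabled the task may be scheduled out, after which the value would have to be taken from the saved XSAVE state instead; e.g. "/* Read SSP before enabling interrupts: we came straight from userspace, so the MSR is live. After cond_local_irq_enable() we could be rescheduled and the value would only be in the XSAVE buffer. */". That makes the early read self-explanatory rather than looking like a leftover.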
>
> I feel like I'm missing something. Either PL3_SSL is context
> switched
> correctly and reading it with IRQs off is useless, or it's not
> context
> switched, and I'm very confused.
>
> Please either improve the comment or move it after the
> cond_local_irq_enable().

The thinking was, we were just in userspace and we took a #CP. Since we
were in userspace, we had a live SSP. After we re-enable interrupts we
could get scheduled and it would be in the xsave buffer. So we can grab
it for free now, otherwise we would have to force restore it and read
it after we re-enable interrupts.

I can clarify the comments, unless there is something wrong with that
reasoning.