Unverified Commit b53643e6 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!3695 x86: Add x86 related kabi reservations 

Merge Pull Request from: @x56Jason 
 
# Description
Some x86 data structures such as struct cpuinfo_x86, struct fpu, etc. 
need to reserve kabi fields for later kabi compatibility.

Intel LAM (Linear Address Masking) added several fields in struct
mm_context_t, but it is disabled for now. It is possible there are
further code change in this data structure such as LAM KVM support.
So here we reserve KABI fields for mm_context_t. Meanwhile, the
'vdso_image' pointer in mm_context_t is also a field that possibly
have code change, but more related to kernel core itself. Out-of-tree
drivers usually don't rely on this field to work properly. So we also
mark this field KABI_EXCLUDE.

The field 'fpu' pointer in struct thread_struct is mostly the same
reason to KABI_EXCLUDE. Intel future AVX10 new features may have code
change in 'struct fpu', while out-of-tree drivers usually don't rely
on fpu internal states.

Recently we see a lot of CVEs which have code change in struct
cpuinfo_x86. So it is worth to reserve more fields/facilities in this
critical data structure.

These KABI reservations are also seen in RHEL-9.3 and SLES-15sp5.

# Issue
#I8SMQ1

# Test
- build and boot success
- Run x86 kernel self Test (make -C tools/testing/selftests TARGETS=x86 run_tests)
    - All pass except LAM/Shadow-Stack which not enabled and also SKIPed on baseline

# Default Config Change
N/A 

 
 
Link:https://gitee.com/openeuler/kernel/pulls/3695

 

Reviewed-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
Reviewed-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parents 67b6657b 79ace031

arch/x86/include/asm/apic.h

+4 −0
Original line number Diff line number Diff line
@@ -245,6 +245,9 @@ extern void __init check_x2apic(void); 


struct irq_data;



struct apic_resvd {

};



/*

 * Copyright 2004 James Cleverdon, IBM.

 *
@@ -308,6 +311,7 @@ struct apic { 
	int	(*wakeup_secondary_cpu_64)(int apicid, unsigned long start_eip);



	char	*name;

	KABI_AUX_EMBED(apic)

};



struct apic_override {

arch/x86/include/asm/mmu.h

+5 −1
Original line number Diff line number Diff line
@@ -17,6 +17,9 @@ 
/* Allow LAM and SVA coexisting */

#define MM_CONTEXT_FORCE_TAGGED_SVA	3



struct mm_context_resvd {

};



/*

 * x86 has arch-specific MMU state beyond what lives in mm_struct.

 */
@@ -56,7 +59,7 @@ typedef struct { 


	struct mutex lock;

	void __user *vdso;			/* vdso base address */

	const struct vdso_image *vdso_image;	/* vdso image in use */

	KABI_EXCLUDE(const struct vdso_image *vdso_image)	/* vdso image in use */



	atomic_t perf_rdpmc_allowed;	/* nonzero if rdpmc is allowed */

#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
@@ -67,6 +70,7 @@ typedef struct { 
	u16 pkey_allocation_map;

	s16 execute_only_pkey;

#endif

	KABI_AUX_EMBED(mm_context)

} mm_context_t;



#define INIT_MM_CONTEXT(mm)						\

arch/x86/include/asm/processor.h

+11 −1
Original line number Diff line number Diff line
@@ -38,6 +38,8 @@ struct vm86; 
#include <linux/irqflags.h>

#include <linux/mem_encrypt.h>



#include <linux/kabi.h>



/*

 * We handle most unaligned accesses in hardware.  On the other hand

 * unaligned DMA can be quite expensive on some Nehalem processors.
@@ -74,6 +76,9 @@ extern u16 __read_mostly tlb_lld_2m[NR_INFO]; 
extern u16 __read_mostly tlb_lld_4m[NR_INFO];

extern u16 __read_mostly tlb_lld_1g[NR_INFO];



struct cpuinfo_x86_resvd {

};



/*

 *  CPU type and hardware bug flags. Kept separately for each CPU.

 *  Members of this structure are referenced in head_32.S, so think twice
@@ -146,6 +151,11 @@ struct cpuinfo_x86 { 
	/* Address space bits used by the cache internally */

	u8			x86_cache_bits;

	unsigned		initialized : 1;

	KABI_RESERVE(1)

	KABI_RESERVE(2)

	KABI_RESERVE(3)

	KABI_RESERVE(4)

	KABI_AUX_EMBED(cpuinfo_x86)

} __randomize_layout;



#define X86_VENDOR_INTEL	0
@@ -483,7 +493,7 @@ struct thread_struct { 
#endif



	/* Floating point and extended processor state */

	struct fpu		fpu;

	KABI_EXCLUDE(struct fpu		fpu)

	/*

	 * WARNING: 'fpu' is dynamically-sized.  It *MUST* be at

	 * the end.

arch/x86/include/asm/smp.h

+4 −0
Original line number Diff line number Diff line
@@ -25,6 +25,9 @@ DECLARE_EARLY_PER_CPU_READ_MOSTLY(u32, x86_cpu_to_acpiid); 


struct task_struct;



struct smp_ops_resvd {

};



struct smp_ops {

	void (*smp_prepare_boot_cpu)(void);

	void (*smp_prepare_cpus)(unsigned max_cpus);
@@ -43,6 +46,7 @@ struct smp_ops { 


	void (*send_call_func_ipi)(const struct cpumask *mask);

	void (*send_call_func_single_ipi)(int cpu);

	KABI_AUX_EMBED(smp_ops)

};



/* Globals due to paravirt */

include/linux/sched/signal.h

+2 −0
Original line number Diff line number Diff line
@@ -14,6 +14,8 @@ 
#include <asm/ptrace.h>

#include <linux/kabi.h>



#include <linux/kabi.h>



/*

 * Types defining task->signal and task->sighand and APIs using them:

 */