| Message ID | 20180830125239.16775-1-juergh@canonical.com |
|---|---|
| Headers | show |
| Series | Follow-up fixes for CVE-2018-3620/CVE-2018-3646 | expand |
On 30.08.2018 14:52, Juerg Haefliger wrote: > Turns out that the problem with L1TF and NUMA balancing isn't the aliasing of > _PAGE_NUMA and _PAGE_PROTNONE but the following two issues: > > 1) 3.13 defines NUMA page table operations like pte_mknuma, pmd_mknuma and > such, that manipulate NUMA hinting PTEs. These need to be protected > against speculation just like the PROT_NONE PTEs, for example. > Fix that by adding x86 specific NUMA page table operations. > > 2) Commit "x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation" > modified pud_pfn() and pmd_pfn() to do the PFN bits inversion using > pmd_pfn_mask() and pud_pfn_mask() helpers to only invert the relevant part > of the PUD/PMD. 3.13 doesn't have these masking helpers and the backport of > using PTE_PFN_MASK instead was incorrect. > Fix that by backporting the commits that introduce the mask helpers. > > Compile tested all supported architectures. Ran stress and boot tests both > on a physical NUMA machine and a NUMA (and non-NUMA) VM. > > Colin also ran some extended tests on real NUMA HW and reported no problems. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > Cyrill Gorcunov (1): > mm: x86 pgtable: drop unneeded preprocessor ifdef > > Juerg Haefliger (2): > UBUNTU: SAUCE: x86/speculation/l1tf: Protect NUMA hinting PTEs against > speculation > Revert "UBUNTU: [Config] disable NUMA_BALANCING" > > Kirill A. Shutemov (1): > x86/mm: Fix regression with huge pages on PAE > > Toshi Kani (3): > x86/asm: Move PUD_PAGE macros to page_types.h > x86/asm: Add pud/pmd mask interfaces to handle large PAT bit > x86/asm: Fix pud/pmd interfaces to handle large PAT bit > > arch/x86/boot/boot.h | 1 - > arch/x86/boot/video-mode.c | 2 + > arch/x86/boot/video.c | 2 + > arch/x86/include/asm/page_64_types.h | 3 - > arch/x86/include/asm/page_types.h | 4 +- > arch/x86/include/asm/pgtable-2level.h | 10 ---- > arch/x86/include/asm/pgtable.h | 69 +++++++++++++++++++++-- > arch/x86/include/asm/pgtable_64.h | 21 +++++-- > arch/x86/include/asm/pgtable_types.h | 34 +++++++++-- > arch/x86/include/asm/x86_init.h | 1 - > debian.master/config/config.common.ubuntu | 4 +- > 11 files changed, 119 insertions(+), 32 deletions(-) > Appears sensible and also good testing on NUMA box. Just one general note related to follow-up submission. Not sure about others but in my workflow using Thunderbird, a v2 submission is more visible if it starts a new thread. Acked-by: Stefan Bader <stefan.bader@canonical.com>
On 08/30/18 14:52, Juerg Haefliger wrote: > Turns out that the problem with L1TF and NUMA balancing isn't the aliasing of > _PAGE_NUMA and _PAGE_PROTNONE but the following two issues: > > 1) 3.13 defines NUMA page table operations like pte_mknuma, pmd_mknuma and > such, that manipulate NUMA hinting PTEs. These need to be protected > against speculation just like the PROT_NONE PTEs, for example. > Fix that by adding x86 specific NUMA page table operations. > > 2) Commit "x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation" > modified pud_pfn() and pmd_pfn() to do the PFN bits inversion using > pmd_pfn_mask() and pud_pfn_mask() helpers to only invert the relevant part > of the PUD/PMD. 3.13 doesn't have these masking helpers and the backport of > using PTE_PFN_MASK instead was incorrect. > Fix that by backporting the commits that introduce the mask helpers. > > Compile tested all supported architectures. Ran stress and boot tests both > on a physical NUMA machine and a NUMA (and non-NUMA) VM. > > Colin also ran some extended tests on real NUMA HW and reported no problems. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> > > > Cyrill Gorcunov (1): > mm: x86 pgtable: drop unneeded preprocessor ifdef > > Juerg Haefliger (2): > UBUNTU: SAUCE: x86/speculation/l1tf: Protect NUMA hinting PTEs against > speculation > Revert "UBUNTU: [Config] disable NUMA_BALANCING" > > Kirill A. Shutemov (1): > x86/mm: Fix regression with huge pages on PAE > > Toshi Kani (3): > x86/asm: Move PUD_PAGE macros to page_types.h > x86/asm: Add pud/pmd mask interfaces to handle large PAT bit > x86/asm: Fix pud/pmd interfaces to handle large PAT bit > > arch/x86/boot/boot.h | 1 - > arch/x86/boot/video-mode.c | 2 + > arch/x86/boot/video.c | 2 + > arch/x86/include/asm/page_64_types.h | 3 - > arch/x86/include/asm/page_types.h | 4 +- > arch/x86/include/asm/pgtable-2level.h | 10 ---- > arch/x86/include/asm/pgtable.h | 69 +++++++++++++++++++++-- > arch/x86/include/asm/pgtable_64.h | 21 +++++-- > arch/x86/include/asm/pgtable_types.h | 34 +++++++++-- > arch/x86/include/asm/x86_init.h | 1 - > debian.master/config/config.common.ubuntu | 4 +- > 11 files changed, 119 insertions(+), 32 deletions(-) >
On 08/30/18 14:52, Juerg Haefliger wrote: > Turns out that the problem with L1TF and NUMA balancing isn't the aliasing of > _PAGE_NUMA and _PAGE_PROTNONE but the following two issues: > > 1) 3.13 defines NUMA page table operations like pte_mknuma, pmd_mknuma and > such, that manipulate NUMA hinting PTEs. These need to be protected > against speculation just like the PROT_NONE PTEs, for example. > Fix that by adding x86 specific NUMA page table operations. > > 2) Commit "x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation" > modified pud_pfn() and pmd_pfn() to do the PFN bits inversion using > pmd_pfn_mask() and pud_pfn_mask() helpers to only invert the relevant part > of the PUD/PMD. 3.13 doesn't have these masking helpers and the backport of > using PTE_PFN_MASK instead was incorrect. > Fix that by backporting the commits that introduce the mask helpers. > > Compile tested all supported architectures. Ran stress and boot tests both > on a physical NUMA machine and a NUMA (and non-NUMA) VM. > > Colin also ran some extended tests on real NUMA HW and reported no problems. > > Signed-off-by: Juerg Haefliger <juergh@canonical.com> > > > Cyrill Gorcunov (1): > mm: x86 pgtable: drop unneeded preprocessor ifdef > > Juerg Haefliger (2): > UBUNTU: SAUCE: x86/speculation/l1tf: Protect NUMA hinting PTEs against > speculation > Revert "UBUNTU: [Config] disable NUMA_BALANCING" > > Kirill A. Shutemov (1): > x86/mm: Fix regression with huge pages on PAE > > Toshi Kani (3): > x86/asm: Move PUD_PAGE macros to page_types.h > x86/asm: Add pud/pmd mask interfaces to handle large PAT bit > x86/asm: Fix pud/pmd interfaces to handle large PAT bit > > arch/x86/boot/boot.h | 1 - > arch/x86/boot/video-mode.c | 2 + > arch/x86/boot/video.c | 2 + > arch/x86/include/asm/page_64_types.h | 3 - > arch/x86/include/asm/page_types.h | 4 +- > arch/x86/include/asm/pgtable-2level.h | 10 ---- > arch/x86/include/asm/pgtable.h | 69 +++++++++++++++++++++-- > arch/x86/include/asm/pgtable_64.h | 21 +++++-- > arch/x86/include/asm/pgtable_types.h | 34 +++++++++-- > arch/x86/include/asm/x86_init.h | 1 - > debian.master/config/config.common.ubuntu | 4 +- > 11 files changed, 119 insertions(+), 32 deletions(-) > Applied to trusty/master-next branch. Thanks, Kleber
Turns out that the problem with L1TF and NUMA balancing isn't the aliasing of _PAGE_NUMA and _PAGE_PROTNONE but the following two issues: 1) 3.13 defines NUMA page table operations like pte_mknuma, pmd_mknuma and such, that manipulate NUMA hinting PTEs. These need to be protected against speculation just like the PROT_NONE PTEs, for example. Fix that by adding x86 specific NUMA page table operations. 2) Commit "x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation" modified pud_pfn() and pmd_pfn() to do the PFN bits inversion using pmd_pfn_mask() and pud_pfn_mask() helpers to only invert the relevant part of the PUD/PMD. 3.13 doesn't have these masking helpers and the backport of using PTE_PFN_MASK instead was incorrect. Fix that by backporting the commits that introduce the mask helpers. Compile tested all supported architectures. Ran stress and boot tests both on a physical NUMA machine and a NUMA (and non-NUMA) VM. Colin also ran some extended tests on real NUMA HW and reported no problems. Signed-off-by: Juerg Haefliger <juergh@canonical.com> Cyrill Gorcunov (1): mm: x86 pgtable: drop unneeded preprocessor ifdef Juerg Haefliger (2): UBUNTU: SAUCE: x86/speculation/l1tf: Protect NUMA hinting PTEs against speculation Revert "UBUNTU: [Config] disable NUMA_BALANCING" Kirill A. Shutemov (1): x86/mm: Fix regression with huge pages on PAE Toshi Kani (3): x86/asm: Move PUD_PAGE macros to page_types.h x86/asm: Add pud/pmd mask interfaces to handle large PAT bit x86/asm: Fix pud/pmd interfaces to handle large PAT bit arch/x86/boot/boot.h | 1 - arch/x86/boot/video-mode.c | 2 + arch/x86/boot/video.c | 2 + arch/x86/include/asm/page_64_types.h | 3 - arch/x86/include/asm/page_types.h | 4 +- arch/x86/include/asm/pgtable-2level.h | 10 ---- arch/x86/include/asm/pgtable.h | 69 +++++++++++++++++++++-- arch/x86/include/asm/pgtable_64.h | 21 +++++-- arch/x86/include/asm/pgtable_types.h | 34 +++++++++-- arch/x86/include/asm/x86_init.h | 1 - debian.master/config/config.common.ubuntu | 4 +- 11 files changed, 119 insertions(+), 32 deletions(-)