On Tue, Mar 12, 2024 at 03:59:49AM +0000, Yosry Ahmed wrote:
> LAM can only be enabled when a process is single-threaded. But _kernel_
> threads can temporarily use a single-threaded process's mm.
>
> If LAM is enabled by a userspace process while a kthread is using its
> mm, the kthread will not observe LAM enablement (i.e. LAM will be
> disabled in CR3). This could be fine for the kthread itself, as LAM only
> affects userspace addresses. However, if the kthread context switches to
> a thread in the same userspace process, CR3 may or may not be updated
> because the mm_struct doesn't change (based on pending TLB flushes). If
> CR3 is not updated, the userspace thread will run incorrectly with LAM
> disabled, which may cause page faults when using tagged addresses.
>
> Example scenario:
>
> CPU 1                                   CPU 2
> /* kthread */
> kthread_use_mm()
>                                         /* user thread */
>                                         prctl_enable_tagged_addr()
>                                         /* LAM enabled on CPU 2 */
> /* LAM disabled on CPU 1 */
> context_switch() /* to CPU 1 */
> /* Switching to user thread */
> switch_mm_irqs_off()
> /* CR3 not updated */
> /* LAM is still disabled on CPU 1 */
>
> Synchronize LAM enablement by sending an IPI from
> prctl_enable_tagged_addr() to all CPUs running with the mm_struct to
> enable LAM. This makes sure LAM is enabled on CPU 1 in the above
> scenario before prctl_enable_tagged_addr() returns and userspace starts
> using tagged addresses, and before it's possible to run the userspace
> process on CPU 1.
>
> In switch_mm_irqs_off(), move reading the LAM mask until after
> mm_cpumask() is updated. This ensures that if an outdated LAM mask is
> written to CR3, an IPI is received to update it right after IRQs are
> re-enabled.
>
> Fixes: 82721d8b25d7 ("x86/mm: Handle LAM on context switch")
> Suggested-by: Andy Lutomirski <luto@xxxxxxxxxx>
> Signed-off-by: Yosry Ahmed <yosryahmed@xxxxxxxxxx>

Reviewed-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>

-- 
Kiryl Shutsemau / Kirill A. Shutemov