arch/x86/kernel/espfix_64.c
Source file repositories/reference/linux-study-clean/arch/x86/kernel/espfix_64.c
File Facts
- System: Linux kernel
- Corpus path: arch/x86/kernel/espfix_64.c
- Extension: .c
- Size: 6324 bytes
- Lines: 206
- Domain: Architecture Layer
- Bucket: arch/x86
- Inferred role: Architecture Layer: implementation source
- Status: source implementation candidate
Why This File Exists
CPU and platform-specific kernel glue: boot entry, traps, syscall entry, interrupts, page tables, context switch, and low-level barriers.
- Uses kernel synchronization; read lock ordering, sleepability, and interrupt context assumptions before translating.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
- `linux/init.h`
- `linux/init_task.h`
- `linux/kernel.h`
- `linux/percpu.h`
- `linux/gfp.h`
- `linux/random.h`
- `linux/pgtable.h`
- `asm/pgalloc.h`
- `asm/setup.h`
- `asm/espfix.h`
Detected Declarations
- `function espfix_base_addr`
- `function init_espfix_random`
- `function init_espfix_bsp`
- `function init_espfix_ap`
Annotated Snippet
```c
// SPDX-License-Identifier: GPL-2.0-only
/* ----------------------------------------------------------------------- *
 *
 *   Copyright 2014 Intel Corporation; author: H. Peter Anvin
 *
 * ----------------------------------------------------------------------- */

/*
 * The IRET instruction, when returning to a 16-bit segment, only
 * restores the bottom 16 bits of the user space stack pointer.  This
 * causes some 16-bit software to break, but it also leaks kernel state
 * to user space.
 *
 * This works around this by creating percpu "ministacks", each of which
 * is mapped 2^16 times 64K apart.  When we detect that the return SS is
 * on the LDT, we copy the IRET frame to the ministack and use the
 * relevant alias to return to userspace.  The ministacks are mapped
 * readonly, so if the IRET fault we promote #GP to #DF which is an IST
 * vector and thus has its own stack; we then do the fixup in the #DF
 * handler.
 *
 * This file sets up the ministacks and the related page tables.  The
 * actual ministack invocation is in entry_64.S.
 */

#include <linux/init.h>
#include <linux/init_task.h>
#include <linux/kernel.h>
#include <linux/percpu.h>
#include <linux/gfp.h>
#include <linux/random.h>
#include <linux/pgtable.h>
#include <asm/pgalloc.h>
#include <asm/setup.h>
#include <asm/espfix.h>

/*
 * Note: we only need 6*8 = 48 bytes for the espfix stack, but round
 * it up to a cache line to avoid unnecessary sharing.
 */
#define ESPFIX_STACK_SIZE (8*8UL)
#define ESPFIX_STACKS_PER_PAGE (PAGE_SIZE/ESPFIX_STACK_SIZE)

/* There is address space for how many espfix pages? */
#define ESPFIX_PAGE_SPACE (1UL << (P4D_SHIFT-PAGE_SHIFT-16))

#define ESPFIX_MAX_CPUS (ESPFIX_STACKS_PER_PAGE * ESPFIX_PAGE_SPACE)
#if CONFIG_NR_CPUS > ESPFIX_MAX_CPUS
# error "Need more virtual address space for the ESPFIX hack"
#endif

#define PGALLOC_GFP (GFP_KERNEL | __GFP_ZERO)

/* This contains the *bottom* address of the espfix stack */
DEFINE_PER_CPU_READ_MOSTLY(unsigned long, espfix_stack);
DEFINE_PER_CPU_READ_MOSTLY(unsigned long, espfix_waddr);

/* Initialization mutex - should this be a spinlock? */
static DEFINE_MUTEX(espfix_init_mutex);

/* Page allocation bitmap - each page serves ESPFIX_STACKS_PER_PAGE CPUs */
#define ESPFIX_MAX_PAGES DIV_ROUND_UP(CONFIG_NR_CPUS, ESPFIX_STACKS_PER_PAGE)
static void *espfix_pages[ESPFIX_MAX_PAGES];

static __page_aligned_bss pud_t espfix_pud_page[PTRS_PER_PUD]
	__aligned(PAGE_SIZE);

static unsigned int page_random, slot_random;

/*
 * This returns the bottom address of the espfix stack for a specific CPU.
 * The math allows for a non-power-of-two ESPFIX_STACK_SIZE, in which case
 * we have to account for some amount of padding at the end of each page.
 */
static inline unsigned long espfix_base_addr(unsigned int cpu)
{
	unsigned long page, slot;
	unsigned long addr;

	page = (cpu / ESPFIX_STACKS_PER_PAGE) ^ page_random;
	slot = (cpu + slot_random) % ESPFIX_STACKS_PER_PAGE;
	addr = (page << PAGE_SHIFT) + (slot * ESPFIX_STACK_SIZE);
	addr = (addr & 0xffffUL) | ((addr & ~0xffffUL) << 16);
	addr += ESPFIX_BASE_ADDR;
	return addr;
}

#define PTE_STRIDE (65536/PAGE_SIZE)
#define ESPFIX_PTE_CLONES (PTRS_PER_PTE/PTE_STRIDE)
#define ESPFIX_PMD_CLONES PTRS_PER_PMD
```
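The address arithmetic in `espfix_base_addr()` can be checked outside the kernel. The following is an added userspace model, not code from the kernel tree or from this page's source: it shows that every per-CPU base address leaves bits 16-31 clear (the room needed for the 2^16 aliases spaced 64K apart) and that `ESPFIX_MAX_CPUS` is exactly the point where the layout would overflow its window. The 4 KiB page size, `P4D_SHIFT` of 39, the value of `ESPFIX_BASE_ADDR`, the random offsets passed as parameters, and the helper `layout_holds()` are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, userspace model only. Assumed, not stated on the page:
 * 4 KiB pages, 4-level paging (P4D_SHIFT 39), and ESPFIX_BASE_ADDR at
 * top-level page-table slot -2. */
#define PAGE_SHIFT 12
#define PAGE_SIZE (1ULL << PAGE_SHIFT)
#define P4D_SHIFT 39
#define ESPFIX_BASE_ADDR (~1ULL << P4D_SHIFT)

#define ESPFIX_STACK_SIZE (8 * 8ULL)
#define ESPFIX_STACKS_PER_PAGE (PAGE_SIZE / ESPFIX_STACK_SIZE)
#define ESPFIX_PAGE_SPACE (1ULL << (P4D_SHIFT - PAGE_SHIFT - 16))
#define ESPFIX_MAX_CPUS (ESPFIX_STACKS_PER_PAGE * ESPFIX_PAGE_SPACE)

/* Same arithmetic as the snippet; the two random offsets are parameters
 * here and page_random is assumed to be below ESPFIX_PAGE_SPACE. */
static uint64_t espfix_base_addr(unsigned int cpu, unsigned int page_random,
                                 unsigned int slot_random)
{
    uint64_t page = (cpu / ESPFIX_STACKS_PER_PAGE) ^ page_random;
    uint64_t slot = (cpu + slot_random) % ESPFIX_STACKS_PER_PAGE;
    uint64_t addr = (page << PAGE_SHIFT) + (slot * ESPFIX_STACK_SIZE);
    /* Keep bits 0-15 in place and move everything above them up by 16. */
    addr = (addr & 0xffffULL) | ((addr & ~0xffffULL) << 16);
    return addr + ESPFIX_BASE_ADDR;
}

/* Hypothetical checker: returns 1 if, for every CPU below ncpus, bits
 * 16-31 of the offset are zero and the offset stays inside the single
 * 2^P4D_SHIFT-byte window that starts at ESPFIX_BASE_ADDR. */
static int layout_holds(unsigned int ncpus, unsigned int pr, unsigned int sr)
{
    for (unsigned int cpu = 0; cpu < ncpus; cpu++) {
        uint64_t off = espfix_base_addr(cpu, pr, sr) - ESPFIX_BASE_ADDR;
        if (((off >> 16) & 0xffff) != 0 || off >= (1ULL << P4D_SHIFT))
            return 0;
    }
    return 1;
}

int main(void)
{
    unsigned int cpus[] = { 0, 1, 64, 1024, (unsigned int)ESPFIX_MAX_CPUS - 1 };
    for (size_t i = 0; i < sizeof(cpus) / sizeof(cpus[0]); i++)
        printf("cpu %6u -> %#llx\n", cpus[i],
               (unsigned long long)espfix_base_addr(cpus[i], 0, 0));
    return layout_holds((unsigned int)ESPFIX_MAX_CPUS, 0, 0) ? 0 : 1;
}
```

Under these assumptions CPU 1024 is the first to need the shifted upper bits: its offset is `0x100000000`, not `0x10000`, which is what keeps the 64K-stride alias range free.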
Annotation
- Immediate include surface: `linux/init.h`, `linux/init_task.h`, `linux/kernel.h`, `linux/percpu.h`, `linux/gfp.h`, `linux/random.h`, `linux/pgtable.h`, `asm/pgalloc.h`.
- Detected declarations: `function espfix_base_addr`, `function init_espfix_random`, `function init_espfix_bsp`, `function init_espfix_ap`.
- Atlas domain: Architecture Layer / arch/x86.
- Implementation status: source implementation candidate.
- Synchronization appears in or near this file; preserve lock ordering, sleepability, and interrupt-context constraints.