Linux/Documentation/arch/x86/x86_64/fred.rst

.. SPDX-License-Identifier: GPL-2.0

=========================================
Flexible Return and Event Delivery (FRED)
=========================================

Overview
========

The FRED architecture defines simple new transitions that change
privilege level (ring transitions). The FRED architecture was
designed with the following goals:

1) Improve overall performance and response time by replacing event
   delivery through the interrupt descriptor table (IDT event
   delivery) and event return by the IRET instruction with lower
   latency transitions.

2) Improve software robustness by ensuring that event delivery
   establishes the full supervisor context and that event return
   establishes the full user context.

The new transitions defined by the FRED architecture are FRED event
delivery and, for returning from events, two FRED return instructions.
FRED event delivery can effect a transition from ring 3 to ring 0, but
it is used also to deliver events incident to ring 0. One FRED
instruction (ERETU) effects a return from ring 0 to ring 3, while the
other (ERETS) returns while remaining in ring 0. Collectively, FRED
event delivery and the FRED return instructions are FRED transitions.

In addition to these transitions, the FRED architecture defines a new
instruction (LKGS) for managing the state of the GS segment register.
The LKGS instruction can be used by 64-bit operating systems that do
not use the new FRED transitions.

Furthermore, the FRED architecture is easy to extend for future CPU
architectures.

Software based event dispatching
================================

FRED operates differently from IDT in terms of event handling. Instead
of directly dispatching an event to its handler based on the event
vector, FRED requires the software to dispatch an event to its handler
based on both the event's type and vector. Therefore, an event dispatch
framework must be implemented to facilitate the event-to-handler
dispatch process. The FRED event dispatch framework takes control
once an event is delivered, and employs a two-level dispatch.

The first level dispatching is event type based, and the second level
dispatching is event vector based.

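The two-level dispatch described above, as an added user-space model in C (not the kernel's own code): it shows why the type must be checked before the vector, since a software interrupt with vector 14 must never reach the page-fault handler. All enum, struct and function names are hypothetical, the event types are a constructed subset, and the software-interrupt policy is an assumption.

```c
/* Added example: user-space model of a two-level, FRED-style dispatch.
 * All names are hypothetical; the event types are a constructed subset. */
#include <stdio.h>

enum ev_type { EV_EXTINT, EV_NMI, EV_HWEXC, EV_SWINT };
enum handler { H_BAD_EVENT, H_IRQ, H_NMI, H_GP_FAULT, H_PAGE_FAULT, H_INT80 };

struct event { enum ev_type type; unsigned vector; int from_user; };

/* Second level: one vector switch per event type. */
static enum handler hwexc_dispatch(unsigned vector)
{
    switch (vector) {
    case 13: return H_GP_FAULT;    /* #GP */
    case 14: return H_PAGE_FAULT;  /* #PF */
    default: return H_BAD_EVENT;   /* not modelled here */
    }
}

static enum handler swint_dispatch(unsigned vector, int from_user)
{
    /* Assumed policy: INT n reaches a handler only for an explicitly
     * allowed vector; anything else is handled as a #GP and never as
     * the hardware exception that shares its vector number. */
    if (from_user && vector == 0x80)
        return H_INT80;
    return H_GP_FAULT;
}

/* First level: event type. Unknown types fail closed. */
enum handler dispatch_event(const struct event *ev)
{
    switch (ev->type) {
    case EV_EXTINT: return ev->vector >= 32 ? H_IRQ : H_BAD_EVENT;
    case EV_NMI:    return H_NMI;
    case EV_HWEXC:  return hwexc_dispatch(ev->vector);
    case EV_SWINT:  return swint_dispatch(ev->vector, ev->from_user);
    default:        return H_BAD_EVENT;
    }
}

int main(void)
{
    struct event pf = { EV_HWEXC, 14, 1 }, int14 = { EV_SWINT, 14, 1 };
    printf("#PF -> %d, INT 14 -> %d\n",
           dispatch_event(&pf), dispatch_event(&int14));
    return 0;
}
```
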
Full supervisor/user context
============================

FRED event delivery atomically saves and restores the full
supervisor/user context upon event delivery and return. It thus avoids
the problem of transient states due to %cr2 and/or %dr6, and there is
no longer any need to handle all the ugly corner cases caused by
half-baked entry states.

FRED allows explicit unblocking of NMI with the new event return
instructions ERETS/ERETU, avoiding the mess caused by IRET, which
unconditionally unblocks NMI, e.g., when an exception happens during
NMI handling.

FRED always restores the full value of %rsp, thus ESPFIX is no longer
needed when FRED is enabled.

LKGS
====

LKGS behaves like the MOV to GS instruction except that it loads the
base address into the IA32_KERNEL_GS_BASE MSR instead of the GS
segment's descriptor cache. LKGS thus avoids mucking with the kernel
GS, i.e., an operating system can always operate with its own GS base
address.

Because FRED event delivery from ring 3 and ERETU both swap the value
of the GS base address and that of the IA32_KERNEL_GS_BASE MSR, and
because the LKGS instruction is available, the SWAPGS instruction is
no longer needed when FRED is enabled and is therefore disallowed (#UD).

Stack levels
============

Four stack levels, 0~3, are introduced to replace the nonreentrant IST
for event handling, and each stack level should be configured to use a
dedicated stack.

The current stack level can stay unchanged or go higher upon FRED
event delivery. If unchanged, the CPU keeps using the current event
stack. If higher, the CPU switches to a new event stack specified by
the MSR of the new stack level, i.e., MSR_IA32_FRED_RSP[123].

Only execution of a FRED return instruction, ERET[US], can lower the
current stack level, causing the CPU to switch back to the stack it was
on before a previous event delivery that promoted the stack level.
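
The stack-level rules above, as an added C model for events taken in ring 0 (not kernel code): a nested event at the same level keeps pushing on the current stack instead of resetting to the stack top, which is what makes the scheme reentrant where IST is not. The struct, the function names, the `requested` level parameter, the 64-byte frame size and the `saved` bookkeeping array are assumptions of the model.

```c
/* Added example: model of FRED stack levels for events taken in ring 0.
 * Names, the frame size and the bookkeeping array are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#define NLEVELS 4
#define MAXNEST 8
#define FRAME   64   /* constructed frame size for the model */

struct cpu {
    unsigned csl;                 /* current stack level, 0..3 */
    uint64_t rsp;                 /* current stack pointer */
    uint64_t level_rsp[NLEVELS];  /* [1..3] model MSR_IA32_FRED_RSP[123] */
    struct { unsigned csl; uint64_t rsp; } saved[MAXNEST];
    unsigned depth;
};

/* Event delivery: the level stays the same or goes higher, never lower. */
int deliver(struct cpu *c, unsigned requested)
{
    if (requested >= NLEVELS || c->depth == MAXNEST)
        return -1;
    c->saved[c->depth].csl = c->csl;
    c->saved[c->depth].rsp = c->rsp;
    c->depth++;
    if (requested > c->csl) {     /* promotion: switch to that level's stack */
        c->csl = requested;
        c->rsp = c->level_rsp[requested];
    }
    c->rsp -= FRAME;              /* frame goes on whichever stack is now current */
    return 0;
}

/* Event return (ERETS in this model): the only way the level can drop. */
int event_return(struct cpu *c)
{
    if (c->depth == 0)
        return -1;
    c->depth--;
    c->csl = c->saved[c->depth].csl;
    c->rsp = c->saved[c->depth].rsp;
    return 0;
}

int main(void)
{
    struct cpu c = { .rsp = 0x1000, .level_rsp = { 0, 0x2000, 0x3000, 0x4000 } };
    deliver(&c, 2); deliver(&c, 2);   /* nested event at the same level */
    printf("csl=%u rsp=%#llx\n", c.csl, (unsigned long long)c.rsp);
    return 0;
}
```
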