Date:   Tue,  9 Jan 2018 17:03:23 -0800
From:   Andi Kleen <andi@...stfloor.org>
To:     tglx@...utronix.de
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        torvalds@...ux-foundation.org, dwmw@...zon.co.uk, pjt@...gle.com,
        luto@...nel.org, peterz@...radead.org, thomas.lendacky@....com,
        tim.c.chen@...ux.intel.com, gregkh@...ux-foundation.org,
        dave.hansen@...el.com, jikos@...nel.org,
        Andi Kleen <ak@...ux.intel.com>
Subject: [PATCH v1 3/8] x86/entry/clearregs: Clear registers for 64bit SYSCALL

From: Andi Kleen <ak@...ux.intel.com>

We clear all the non-argument registers for 64-bit SYSCALLs
to minimize any risk of bad speculation using user values.

So far unused argument registers still leak. To be addressed
in future patches.

Signed-off-by: Andi Kleen <ak@...ux.intel.com>
---
 arch/x86/entry/entry_64.S | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index bbdfbdd817d6..632081fd7086 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -236,6 +236,14 @@ GLOBAL(entry_SYSCALL_64_after_hwframe)
 	pushq	%r11				/* pt_regs->r11 */
 	sub	$(6*8), %rsp
 	SAVE_EXTRA_REGS
+	/* Sanitize registers against speculation attacks */
+	/* r10 is cleared later, arguments are handled in san_args* */
+	CLEAR_R11_TO_R15
+#ifndef CONFIG_FRAME_POINTER
+	xor	%ebp, %ebp
+#endif
+	xor	%ebx, %ebx
+	xor	%ecx, %ecx
 
 	UNWIND_HINT_REGS extra=0
 
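Review bot: In the `#ifndef CONFIG_FRAME_POINTER` block, %rbp is cleared only when frame pointers are disabled, so on CONFIG_FRAME_POINTER kernels it still carries the user value past this point, and neither comment says why that is acceptable or where it gets overwritten. Either state that in the comment or clear it unconditionally if nothing here depends on the old value. The comment also refers to `san_args*` and the code uses `CLEAR_R11_TO_R15`, neither of which is defined in this patch; naming the patch or file that supplies them would help anyone reading this hunk on its own. The two one-line comments could also be merged into a single block comment.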
@@ -263,6 +271,7 @@ entry_SYSCALL_64_fastpath:
 #endif
 	ja	1f				/* return -ENOSYS (already in pt_regs->ax) */
 	movq	%r10, %rcx
+	xor	%r10, %r10
 
 #ifdef CONFIG_RETPOLINE
 	movq	sys_call_table(, %rax, 8), %rax
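Review bot: The `xor %r10, %r10` sits after `ja 1f` inside entry_SYSCALL_64_fastpath, so the out-of-range path that branches to `1f` continues with the user's %r10 intact, although the comment added in the first hunk says r10 "is cleared later". If the intent is that every 64-bit SYSCALL entry clears it, the clear needs to cover the paths that skip these lines as well, or the commit message should list r10 among what still leaks there. Minor style point: the other clears use the 32-bit form (`xor %ebx, %ebx`); `xorl %r10d, %r10d` gives the same result and keeps the forms consistent.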
-- 
2.14.3
