lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Mar 2018 03:06:12 +0000 From: Ben Hutchings <ben@...adent.org.uk> To: linux-kernel@...r.kernel.org, stable@...r.kernel.org CC: akpm@...ux-foundation.org, "Borislav Petkov" <bp@...e.de>, "Linus Torvalds" <torvalds@...ux-foundation.org>, "H. Peter Anvin" <hpa@...or.com>, "Andy Lutomirski" <luto@...capital.net>, "Denys Vlasenko" <dvlasenk@...hat.com>, "Thomas Gleixner" <tglx@...utronix.de>, "Ingo Molnar" <mingo@...nel.org>, "Borislav Petkov" <bp@...en8.de>, "Brian Gerst" <brgerst@...il.com> Subject: [PATCH 3.16 13/76] x86/alternatives: Guard NOPs optimization 3.16.56-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Borislav Petkov <bp@...e.de> commit 69df353ff305805fc16082d0c5bfa6e20fa8b863 upstream. Take a look at the first instruction byte before optimizing the NOP - there might be something else there already, like the ALTERNATIVE_2() in rdtsc_barrier() which NOPs out on AMD even though we just patched in an MFENCE. This happens because the alternatives sees X86_FEATURE_MFENCE_RDTSC, AMD CPUs set it, we patch in the MFENCE and right afterwards it sees X86_FEATURE_LFENCE_RDTSC which AMD CPUs don't set and we blindly optimize the NOP. Checking whether at least the first byte is 0x90 prevents that. Signed-off-by: Borislav Petkov <bp@...e.de> Cc: Andy Lutomirski <luto@...capital.net> Cc: Borislav Petkov <bp@...en8.de> Cc: Brian Gerst <brgerst@...il.com> Cc: Denys Vlasenko <dvlasenk@...hat.com> Cc: H. Peter Anvin <hpa@...or.com> Cc: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Thomas Gleixner <tglx@...utronix.de> Link: http://lkml.kernel.org/r/1428181662-18020-1-git-send-email-bp@alien8.de Signed-off-by: Ingo Molnar <mingo@...nel.org> Signed-off-by: Ben Hutchings <ben@...adent.org.uk> --- arch/x86/kernel/alternative.c | 3 +++ 1 file changed, 3 insertions(+) --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -325,6 +325,9 @@ done: static void __init_or_module optimize_nops(struct alt_instr *a, u8 *instr) { + if (instr[0] != 0x90) + return; + add_nops(instr + (a->instrlen - a->padlen), a->padlen); DUMP_BYTES(instr, a->instrlen, "%p: [%d:%d) optimized NOPs: ",
Powered by blists - more mailing lists