Message-Id: <20180110010328.22163-1-andi@firstfloor.org>
Date: Tue, 9 Jan 2018 17:03:20 -0800
From: Andi Kleen <andi@...stfloor.org>
To: tglx@...utronix.de
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
torvalds@...ux-foundation.org, dwmw@...zon.co.uk, pjt@...gle.com,
luto@...nel.org, peterz@...radead.org, thomas.lendacky@....com,
tim.c.chen@...ux.intel.com, gregkh@...ux-foundation.org,
dave.hansen@...el.com, jikos@...nel.org
Subject: x86/clearregs: Register sanitizing at kernel entry for speculation hygiene

This patch kit implements clearing of all unused registers on kernel entries,
including system calls and all exceptions and interrupts.

This doesn't fix any known issue, but will make it harder in general
to exploit the kernel with speculation because it will be harder
to get user-controlled values into kernel code.

The patchkit is a bit more complicated because it attempts to clear
unused argument registers, which requires on 64-bit to know how
many arguments each system call has. I used some scripting
to derive the number of system calls from the SYSCALL_DEFINE*s
and add it to the x86 system call tables.

Everything else is relatively simple and straightforward,
and could be used independently.

I assume this mostly isn't 4.15 material, but should be considered for 4.16.
Possibly some of the simpler patches could be considered for 4.15.

Original patches were from Tim Chen, but changed significantly
by AK.

git://git.kernel.org/pub/scm/linux/kernel/git/ak/linux-misc.git spec/clearregs-1

v1: Initial post
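
An added example, not part of the original post and not the author's script: one way to derive per-syscall argument counts from `SYSCALL_DEFINEn` macros and list the argument registers left unused. The helper names and the sample source are constructed; the register order is the standard x86-64 system call ABI, and which registers the patches actually clear is not shown in this message.

```python
import re

# x86-64 Linux system call argument registers, in argument order (ABI fact).
SYSCALL_ARG_REGS = ("rdi", "rsi", "rdx", "r10", "r8", "r9")

# Matches SYSCALL_DEFINE0(name) .. SYSCALL_DEFINE6(name, type, arg, ...).
# The leading \b keeps COMPAT_SYSCALL_DEFINEn out: "_S" is not a word boundary.
DEFINE_RE = re.compile(r"\bSYSCALL_DEFINE([0-6])\(\s*(\w+)\s*[,)]")


def syscall_arg_counts(source):
    """Map syscall name -> argument count taken from the macro suffix."""
    counts = {}
    for match in DEFINE_RE.finditer(source):
        nargs, name = int(match.group(1)), match.group(2)
        # A syscall can be defined in several #ifdef branches; keep the
        # largest count so a register that is in use is never cleared.
        counts[name] = max(nargs, counts.get(name, 0))
    return counts


def unused_arg_regs(nargs):
    """Argument registers that carry no argument for an nargs-argument call."""
    if not 0 <= nargs <= len(SYSCALL_ARG_REGS):
        raise ValueError("syscalls take 0..6 arguments, got %r" % nargs)
    return SYSCALL_ARG_REGS[nargs:]


def clear_plan(source):
    """Map syscall name -> tuple of argument registers safe to zero at entry."""
    counts = syscall_arg_counts(source)
    return {name: unused_arg_regs(n) for name, n in sorted(counts.items())}


# Constructed sample input in the style of kernel source (bodies elided).
SAMPLE = """
SYSCALL_DEFINE0(getpid)
SYSCALL_DEFINE1(close, unsigned int, fd)
SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count)
SYSCALL_DEFINE6(mmap, unsigned long, addr, unsigned long, len,
                unsigned long, prot, unsigned long, flags,
                unsigned long, fd, unsigned long, off)
COMPAT_SYSCALL_DEFINE3(lseek, unsigned int, fd, compat_off_t, offset,
                       unsigned int, whence)
"""

if __name__ == "__main__":
    for name, regs in clear_plan(SAMPLE).items():
        print("%-8s clear: %s" % (name, ", ".join(regs) or "(none)"))
```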