[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <151770009169.7213.12476757146099518628.stgit@dwillia2-desk3.amr.corp.intel.com>
Date: Sat, 03 Feb 2018 15:21:31 -0800
From: Dan Williams <dan.j.williams@...el.com>
To: tglx@...utronix.de
Cc: Andi Kleen <ak@...ux.intel.com>, x86@...nel.org,
linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
luto@...nel.org, "H. Peter Anvin" <hpa@...or.com>,
torvalds@...ux-foundation.org
Subject: [PATCH 0/3] x86/entry: clear registers to sanitize speculative
usages
At entry userspace may have populated callee saved registers with values
that could be useful in a speculative execution attack. Clear them to
minimize the kernel's attack surface.
Note, this is done to make it harder to find / manipulate exploitable
sequences in the kernel.
The clearing is limited to the 64-bit 'extra' registers since those are
the most likely to survive with user populated values deep into the call
chain. Normal register pressure likely clobbers values in the lower
registers and the 32-bit case.
As for cycle impact on my Sandy Bridge test system it can handle the xor
sequence at 3.5 instructions per cycle.
---
Andi Kleen (2):
x86/entry: Clear registers for 64bit exceptions/interrupts
x86/entry: Clear registers for compat syscalls
Dan Williams (1):
x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels
arch/x86/entry/calling.h | 17 +++++++++++++++++
arch/x86/entry/entry_64.S | 6 ++++++
arch/x86/entry/entry_64_compat.S | 3 +++
3 files changed, 26 insertions(+)
Powered by blists - more mailing lists