lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <lsq.1520823814.335034940@decadent.org.uk>
Date:   Mon, 12 Mar 2018 03:03:34 +0000
From:   Ben Hutchings <ben@...adent.org.uk>
To:     linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC:     akpm@...ux-foundation.org, linux-arch@...r.kernel.org,
        "Al Viro" <viro@...iv.linux.org.uk>,
        "Ingo Molnar" <mingo@...hat.com>,
        "Thomas Gleixner" <tglx@...utronix.de>, gregkh@...uxfoundation.org,
        "Tom Lendacky" <thomas.lendacky@....com>,
        "Linus Torvalds" <torvalds@...ux-foundation.org>,
        kernel-hardening@...ts.openwall.com,
        "Andi Kleen" <ak@...ux.intel.com>,
        "Dan Williams" <dan.j.williams@...el.com>,
        "Kees Cook" <keescook@...omium.org>, alan@...ux.intel.com
Subject: [PATCH 3.2 085/104] x86: Introduce barrier_nospec

3.2.101-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Dan Williams <dan.j.williams@...el.com>

commit b3d7ad85b80bbc404635dca80f5b129f6242bc7a upstream.

Rename the open coded form of this instruction sequence from
rdtsc_ordered() into a generic barrier primitive, barrier_nospec().

One of the mitigations for Spectre variant1 vulnerabilities is to fence
speculative execution after successfully validating a bounds check. I.e.
force the result of a bounds check to resolve in the instruction pipeline
to ensure speculative execution honors that result before potentially
operating on out-of-bounds data.

No functional changes.

Suggested-by: Linus Torvalds <torvalds@...ux-foundation.org>
Suggested-by: Andi Kleen <ak@...ux.intel.com>
Suggested-by: Ingo Molnar <mingo@...hat.com>
Signed-off-by: Dan Williams <dan.j.williams@...el.com>
Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
Cc: linux-arch@...r.kernel.org
Cc: Tom Lendacky <thomas.lendacky@....com>
Cc: Kees Cook <keescook@...omium.org>
Cc: kernel-hardening@...ts.openwall.com
Cc: gregkh@...uxfoundation.org
Cc: Al Viro <viro@...iv.linux.org.uk>
Cc: alan@...ux.intel.com
Link: https://lkml.kernel.org/r/151727415361.33451.9049453007262764675.stgit@dwillia2-desk3.amr.corp.intel.com
[bwh: Backported to 3.2: update rdtsc_barrier() instead of rdtsc_ordered()]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
--- a/arch/x86/include/asm/system.h
+++ b/arch/x86/include/asm/system.h
@@ -478,6 +478,10 @@ static inline unsigned long array_index_
 /* Override the default implementation from linux/nospec.h. */
 #define array_index_mask_nospec array_index_mask_nospec
 
+/* Prevent speculative execution past this barrier. */
+#define barrier_nospec() alternative_2("", "mfence", X86_FEATURE_MFENCE_RDTSC, \
+					   "lfence", X86_FEATURE_LFENCE_RDTSC)
+
 /**
  * read_barrier_depends - Flush all pending reads that subsequents reads
  * depend on.
@@ -563,8 +567,7 @@ static inline unsigned long array_index_
  */
 static __always_inline void rdtsc_barrier(void)
 {
-	alternative(ASM_NOP3, "mfence", X86_FEATURE_MFENCE_RDTSC);
-	alternative(ASM_NOP3, "lfence", X86_FEATURE_LFENCE_RDTSC);
+	barrier_nospec();
 }
 
 /*

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ