lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190308190038.ehrczmqnoulfkuoe@treble>
Date:   Fri, 8 Mar 2019 13:00:38 -0600
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     torvalds@...ux-foundation.org, tglx@...utronix.de, hpa@...or.com,
        julien.thierry@....com, will.deacon@....com, luto@...capital.net,
        mingo@...nel.org, catalin.marinas@....com, james.morse@....com,
        valentin.schneider@....com, brgerst@...il.com, luto@...nel.org,
        bp@...en8.de, dvlasenk@...hat.com, linux-kernel@...r.kernel.org,
        dvyukov@...gle.com, rostedt@...dmis.org, andrew.cooper3@...rix.com
Subject: Re: [PATCH 05/20] x86/uaccess/xen: Suppress SMAP warnings

On Thu, Mar 07, 2019 at 12:45:16PM +0100, Peter Zijlstra wrote:
> drivers/xen/privcmd.o: warning: objtool: privcmd_ioctl()+0x1414: call to hypercall_page() with UACCESS enabled
> 
> Xen needs to do HV calls with AC=1 for hysterical raisins. Make the
> warning go away.
> 
> XXX: arguably we should rename ANNOTATE_NOSPEC_ALTERNATIVE to
>      ANNOTATE_IGNORE_ALTERNATIVE.
> 
> Cc: andrew.cooper3@...rix.com
> Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
> ---
>  arch/x86/include/asm/xen/hypercall.h |   26 ++++++++++++++++++++++----
>  1 file changed, 22 insertions(+), 4 deletions(-)
> 
> --- a/arch/x86/include/asm/xen/hypercall.h
> +++ b/arch/x86/include/asm/xen/hypercall.h
> @@ -214,6 +214,24 @@ xen_single_call(unsigned int call,
>  	return (long)__res;
>  }
>  
> +static __always_inline void __xen_stac(void)
> +{
> +	/*
> +	 * This is just about as horrible as this interface; we abuse the
> +	 * nospec alternative annotation to supress objtool seeing the
> +	 * STAC/CLAC and getting confused about it calling random code with
> +	 * AC=1.
> +	 */
> +	asm volatile(ANNOTATE_NOSPEC_ALTERNATIVE
> +		     ASM_STAC ::: "memory", "flags");
> +}
> +
> +static __always_inline void __xen_clac(void)
> +{
> +	asm volatile(ANNOTATE_NOSPEC_ALTERNATIVE
> +		     ASM_CLAC ::: "memory", "flags");
> +}
> +

Shouldn't these be using SMAP-based alternatives like stac()/clac() do?

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ