| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tip-1d07316b1363a004ed548c3759584f8e8b1e24e3@git.kernel.org>
Date: Sat, 22 Jun 2019 03:09:46 -0700
From: "tip-bot for Chang S. Bae" <tipbot@...or.com>
To: linux-tip-commits@...r.kernel.org
Cc: dave.hansen@...ux.intel.com, chang.seok.bae@...el.com,
ak@...ux.intel.com, hpa@...or.com, luto@...nel.org,
tglx@...utronix.de, linux-kernel@...r.kernel.org, mingo@...nel.org,
ravi.v.shankar@...el.com
Subject: [tip:x86/cpu] x86/entry/64: Switch CR3 before SWAPGS in paranoid
entry
Commit-ID: 1d07316b1363a004ed548c3759584f8e8b1e24e3
Gitweb: https://git.kernel.org/tip/1d07316b1363a004ed548c3759584f8e8b1e24e3
Author: Chang S. Bae <chang.seok.bae@...el.com>
AuthorDate: Wed, 8 May 2019 03:02:25 -0700
Committer: Thomas Gleixner <tglx@...utronix.de>
CommitDate: Sat, 22 Jun 2019 11:38:53 +0200
x86/entry/64: Switch CR3 before SWAPGS in paranoid entry
When FSGSBASE is enabled, the GSBASE handling in paranoid entry will need
to retrieve the kernel GSBASE which requires that the kernel page table is
active.
As the CR3 switch to the kernel page tables (PTI is active) does not depend
on kernel GSBASE, move the CR3 switch in front of the GSBASE handling.
Comment the EBX content while at it.
No functional change.
[ tglx: Rewrote changelog and comments ]
Signed-off-by: Chang S. Bae <chang.seok.bae@...el.com>
Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: "H . Peter Anvin" <hpa@...or.com>
Cc: Andi Kleen <ak@...ux.intel.com>
Cc: Ravi Shankar <ravi.v.shankar@...el.com>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: H. Peter Anvin <hpa@...or.com>
Link: https://lkml.kernel.org/r/1557309753-24073-11-git-send-email-chang.seok.bae@intel.com
---
arch/x86/entry/entry_64.S | 31 +++++++++++++++++++++++--------
1 file changed, 23 insertions(+), 8 deletions(-)
diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index 11aa3b2afa4d..aaa846f8850a 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -1173,13 +1173,6 @@ ENTRY(paranoid_entry)
cld
PUSH_AND_CLEAR_REGS save_ret=1
ENCODE_FRAME_POINTER 8
- movl $1, %ebx
- movl $MSR_GS_BASE, %ecx
- rdmsr
- testl %edx, %edx
- js 1f /* negative -> in kernel */
- SWAPGS
- xorl %ebx, %ebx
1:
/*
@@ -1191,9 +1184,30 @@ ENTRY(paranoid_entry)
* This is also why CS (stashed in the "iret frame" by the
* hardware at entry) can not be used: this may be a return
* to kernel code, but with a user CR3 value.
+ *
+ * Switching CR3 does not depend on kernel GSBASE so it can
+ * be done before switching to the kernel GSBASE. This is
+ * required for FSGSBASE because the kernel GSBASE has to
+ * be retrieved from a kernel internal table.
*/
SAVE_AND_SWITCH_TO_KERNEL_CR3 scratch_reg=%rax save_reg=%r14
+ /* EBX = 1 -> kernel GSBASE active, no restore required */
+ movl $1, %ebx
+ /*
+ * The kernel-enforced convention is a negative GSBASE indicates
+ * a kernel value. No SWAPGS needed on entry and exit.
+ */
+ movl $MSR_GS_BASE, %ecx
+ rdmsr
+ testl %edx, %edx
+ jns .Lparanoid_entry_swapgs
+ ret
+
+.Lparanoid_entry_swapgs:
+ SWAPGS
+ /* EBX = 0 -> SWAPGS required on exit */
+ xorl %ebx, %ebx
ret
END(paranoid_entry)
@@ -1213,7 +1227,8 @@ ENTRY(paranoid_exit)
UNWIND_HINT_REGS
DISABLE_INTERRUPTS(CLBR_ANY)
TRACE_IRQS_OFF_DEBUG
- testl %ebx, %ebx /* swapgs needed? */
+ /* If EBX is 0, SWAPGS is required */
+ testl %ebx, %ebx
jnz .Lparanoid_exit_no_swapgs
TRACE_IRQS_IRETQ
/* Always restore stashed CR3 value (see paranoid_entry) */
Powered by blists - more mailing lists