| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Apr 2020 15:28:37 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Alexandre Chartre <alexandre.chartre@...cle.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, jpoimboe@...hat.com,
jthierry@...hat.com, tglx@...utronix.de
Subject: Re: [PATCH V2 9/9] x86/speculation: Remove all
ANNOTATE_NOSPEC_ALTERNATIVE directives
On Tue, Apr 07, 2020 at 09:31:42AM +0200, Alexandre Chartre wrote:
> Now that intra-function calls have been annotated and are supported
> by objtool, that retpoline return instructions have been annotated,
> and that __FILL_RETURN_BUFFER code is compatible with objtool, then
> all ANNOTATE_NOSPEC_ALTERNATIVE directives can be removed.
Like Josh said in the previous thread, this isn't going to work right.
> - ANNOTATE_NOSPEC_ALTERNATIVE
> ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; jmp *\reg), \
> __stringify(RETPOLINE_JMP \reg), X86_FEATURE_RETPOLINE, \
> __stringify(lfence; ANNOTATE_RETPOLINE_SAFE; jmp *\reg), X86_FEATURE_RETPOLINE_AMD
The problem is that while objtool can now understand the code flow and
the corresponding stack layout, we only have a single ORC table, one
that must be valid for all alternatives.
Effectively this means there should not be any orc entries in an
alternative range.
In practise it _might_ work when the instruction of the various
alternatives have unique offsets in the range. But I'm not entirely sure
of that.
Josh, we should probably have objtool verify it doesn't emit ORC entries
in alternative ranges.
Powered by blists - more mailing lists