Date:   Fri, 24 Apr 2020 14:04:27 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     alexandre.chartre@...cle.com, linux-kernel@...r.kernel.org,
        jthierry@...hat.com, tglx@...utronix.de, x86@...nel.org,
        mbenes@...e.cz
Subject: Re: [PATCH 5/8] x86/speculation: Change FILL_RETURN_BUFFER to work
 with objtool

On Thu, Apr 23, 2020 at 02:47:22PM +0200, Peter Zijlstra wrote:
>  #define __FILL_RETURN_BUFFER(reg, nr, sp)	\
>  	mov	$(nr/2), reg;			\
>  771:						\
> +	ANNOTATE_INTRA_FUNCTION_CALL		\
>  	call	772f;				\
>  773:	/* speculation trap */			\
> +	UNWIND_HINT_EMPTY;			\
>  	pause;					\
>  	lfence;					\
>  	jmp	773b;				\
>  772:						\
> +	ANNOTATE_INTRA_FUNCTION_CALL		\
>  	call	774f;				\
>  775:	/* speculation trap */			\
> +	UNWIND_HINT_EMPTY;			\
>  	pause;					\
>  	lfence;					\
>  	jmp	775b;				\
>  774:						\
> +	add	$(BITS_PER_LONG/8) * 2, sp;	\
>  	dec	reg;				\
> -	jnz	771b;				\
> -	add	$(BITS_PER_LONG/8) * nr, sp;
> +	jnz	771b;
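
Review bot: At `774:` the new `add $(BITS_PER_LONG/8) * 2, sp` is only correct because it sits ahead of `dec reg`. `add` rewrites the flags, so if it were ever moved after the `dec`, `jnz 771b` would test the result of the stack adjustment instead of the counter. Nothing in the macro records that constraint. A short comment at `774:` saying that each pass drops the two return addresses it just pushed, and that the `add` has to precede the `dec`, would keep a later reordering from breaking the loop without any build-time signal.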

Looks weird having semicolons for one annotation but not the other...

>  
>  #ifdef __ASSEMBLY__
>  
> @@ -137,10 +143,8 @@
>    */
>  .macro FILL_RETURN_BUFFER reg:req nr:req ftr:req
>  #ifdef CONFIG_RETPOLINE
> -	ANNOTATE_NOSPEC_ALTERNATIVE
> -	ALTERNATIVE "jmp .Lskip_rsb_\@",				\
> -		__stringify(__FILL_RETURN_BUFFER(\reg,\nr,%_ASM_SP))	\
> -		\ftr
> +	ALTERNATIVE "jmp .Lskip_rsb_\@", "", \ftr
> +	__FILL_RETURN_BUFFER(\reg,\nr,%_ASM_SP)
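
Review bot: The split between `ALTERNATIVE "jmp .Lskip_rsb_\@", "", \ftr` and the `__FILL_RETURN_BUFFER(\reg,\nr,%_ASM_SP)` line that follows needs a comment above it. As written, only the jump is patched and the stack-modifying sequence stays outside the alternative, which is easy to misread as the old form where the whole sequence was the replacement text. A line stating that the fill sequence is kept out of the ALTERNATIVE on purpose, and why `ANNOTATE_NOSPEC_ALTERNATIVE` can be dropped here, would make that intent visible; the lines shown do not say either.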

I almost gave my "you can't change the stack in an alternative" lecture,
then I did a double take :-)

We do still need a patch to prevent other code from doing that though.

-- 
Josh
