| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200928214105.GD2705@linux.intel.com>
Date: Tue, 29 Sep 2020 00:41:05 +0300
From: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To: "H.J. Lu" <hjl.tools@...il.com>
Cc: Andrew Cooper <andrew.cooper3@...rix.com>,
the arch/x86 maintainers <x86@...nel.org>,
linux-sgx@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
Sean Christopherson <sean.j.christopherson@...el.com>,
Andy Lutomirski <luto@...capital.net>,
Jethro Beekman <jethro@...tanix.com>,
Cedric Xing <cedric.xing@...el.com>,
Andrew Morton <akpm@...ux-foundation.org>,
andriy.shevchenko@...ux.intel.com, asapek@...gle.com,
Borislav Petkov <bp@...en8.de>, chenalexchen@...gle.com,
conradparker@...gle.com, cyhanish@...gle.com,
Dave Hansen <dave.hansen@...el.com>,
"Huang, Haitao" <haitao.huang@...el.com>, josh@...htriplett.org,
kai.huang@...el.com, kai.svahn@...el.com, kmoy@...gle.com,
Christian Ludloff <ludloff@...gle.com>,
Andy Lutomirski <luto@...nel.org>, nhorman@...hat.com,
npmccallum@...hat.com, puiterwijk@...hat.com, rientjes@...gle.com,
Thomas Gleixner <tglx@...utronix.de>, yaozhangx@...gle.com,
Yu-cheng Yu <yu-cheng.yu@...el.com>
Subject: Re: [PATCH v38 21/24] x86/vdso: Implement a vDSO for Intel SGX
enclave call
On Mon, Sep 28, 2020 at 11:07:47AM -0700, H.J. Lu wrote:
> On Mon, Sep 28, 2020 at 9:44 AM Andrew Cooper <andrew.cooper3@...rix.com> wrote:
> >
> > On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> > > On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
> > >> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > >>> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > >>> new file mode 100644
> > >>> index 000000000000..adbd59d41517
> > >>> --- /dev/null
> > >>> +++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > >>> @@ -0,0 +1,157 @@
> > >>> +SYM_FUNC_START(__vdso_sgx_enter_enclave)
> > >>> <snip>
> > >>> +.Lretpoline:
> > >>> + call 2f
> > >>> +1: pause
> > >>> + lfence
> > >>> + jmp 1b
> > >>> +2: mov %rax, (%rsp)
> > >>> + ret
> > >> I hate to throw further spanners in the work, but this is not compatible
> > >> with CET, and the user shadow stack work in progress.
> > > CET goes beyond my expertise. Can you describe, at least rudimentary,
> > > how this code is not compatible?
> >
> > CET Shadow Stacks detect attacks which modify the return address on the
> > stack.
> >
> > Retpoline *is* a ROP gadget. It really does modify the return address
> > on the stack, even if its purpose is defensive (vs Spectre v2) rather
> > than malicious.
> >
> > >> Whichever of these two large series lands first is going to inflict
> > >> fixing this problem on the other.
> > >>
> > >> As the vdso text is global (to a first approximation), it must not be a
> > >> retpoline if any other process is liable to want to use CET-SS.
> > > Why is that?
> >
> > Because when CET-SS is enabled, the ret will suffer a #CP exception
> > (return address on the stack not matching the one recorded in the shadow
> > stack), which I presume/hope is wired into SIGSEGV.
> >
>
> Here is the CET compatible retpoline:
>
> endbr64
> /* Check if shadow stack is in use. NB: R11 is the only usable
> scratch register for function calls. */
> xorl %r11d, %r11d
> rdsspq %r11
> testq %r11, %r11
> jnz 3f
> call 2f
> 1:
> pause
> lfence
> jmp 1b
> 2:
> mov %rax, (%rsp)
> ret
> 3:
> /* Shadow stack is in use. Make the indirect call. */
> call *%rax
> ret
Right, so I have actually two alternatives: this and boot time patching:
https://lkml.org/lkml/2020/9/25/1122
/Jarkko
Powered by blists - more mailing lists