| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Sep 2021 01:50:01 +0800
From: Lai Jiangshan <jiangshanlai@...il.com>
To: linux-kernel@...r.kernel.org
Cc: Lai Jiangshan <laijs@...ux.alibaba.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>,
Andy Lutomirski <luto@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>
Subject: [PATCH 00/24] x86/entry/64: Convert a bunch of ASM entry code into C code
From: Lai Jiangshan <laijs@...ux.alibaba.com>
Many ASM code in entry_64.S can be rewritten in C if they can be written
to be non-instrumentable and are called in the right order regarding to
whether CR3/gsbase is changed to kernel CR3/gsbase.
The patchset covert some of them to C code.
The patch 11 converts the non paranoid entry (entry of interrupts/
non-IST-exception/IST-exception-from-user) to C code. And patch 1-10
are preparation for it and patch 12-13 are cleanup for it. The patch 1
might fix a defect.
The patch 22 converts the paranoid entry/exit to Code. And patch 14-21 are
pareparation for it and patch 23 is cleanup for it.
The patch 24 converts a small part of ASM code of syscall to C code which
does the checking for whether it can use sysret to return to userspace.
Some other paths can be possible to be in C code, for example: the non
paranoid exit, the syscall entry/exit. The PTI handling for them can
be in C code. But it would required the pt_regs to be copied/pushed
to the entry stack which means the C code would not be efficient.
When converting ASM to C, the most effort is to make them the same.
Almost no creative was involved. The code are kept as the same as ASM
as possible and no functional change intended unless my missunderstanding
in the ASM code was involved. The functions called by the C entry code
are checked to be ensured noinstr or __always_inline. Some of them have
more than one definitions and require some more cares from reviewers.
The comments in the ASM are also copied in the right place in the C code.
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Ingo Molnar <mingo@...hat.com>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: "H. Peter Anvin" <hpa@...or.com>
Lai Jiangshan (24):
x86/traps: Remove stack-protector from traps.c
x86/traps: Move arch/x86/kernel/traps.c to arch/x86/entry/
x86/traps: Move declaration of native_irq_return_iret up
x86/entry: Expose the address of .Lgs_change to traps.c
x86/entry: Introduce __entry_text for entry code written in C
x86/entry: Move PTI_USER_* to arch/x86/include/asm/processor-flags.h
x86: Mark __native_read_cr3() & native_write_cr3() as __always_inline
x86/traps: Add C verion of SWITCH_TO_KERNEL_CR3 as
switch_to_kernel_cr3()
x86/traps: Add fence_swapgs_{user,kernel}_entry()
x86/traps: Move pt_regs only in fixup_bad_iret()
x86/entry: Replace the most of asm code of error_entry to C code
x86/traps: Reconstruct pt_regs on task stack directly in
fixup_bad_iret()
x86/traps: Mark sync_regs() and fixup_bad_iret() as static
__always_inline
x86/entry: Make paranoid_exit() callable
x86/entry: Call paranoid_exit() in asm_exc_nmi()
x86/entry: Use skip_rdi instead of save_ret for PUSH_AND_CLEAR_REGS
x86/entry: Introduce struct ist_regs
x86/entry: Add the C version ist_switch_to_kernel_cr3()
x86/entry: Add the C version ist_restore_cr3()
x86/entry: Add the C version get_percpu_base()
x86/entry: Add the C version ist_switch_to_kernel_gsbase()
x86/entry: Implement and use do_paranoid_entry() and paranoid_exit()
x86/entry: Remove the unused ASM macros
x86/syscall/64: Move the checking for sysret to C code
arch/x86/entry/Makefile | 5 +-
arch/x86/entry/calling.h | 144 +--------
arch/x86/entry/common.c | 73 ++++-
arch/x86/entry/entry_64.S | 366 ++++-------------------
arch/x86/{kernel => entry}/traps.c | 397 +++++++++++++++++++++++--
arch/x86/include/asm/processor-flags.h | 15 +
arch/x86/include/asm/special_insns.h | 4 +-
arch/x86/include/asm/syscall.h | 2 +-
arch/x86/include/asm/traps.h | 36 ++-
arch/x86/kernel/Makefile | 2 +-
arch/x86/kernel/asm-offsets_64.c | 2 +
11 files changed, 554 insertions(+), 492 deletions(-)
rename arch/x86/{kernel => entry}/traps.c (74%)
--
2.19.1.6.gb485710b
Powered by blists - more mailing lists