| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 26 Sep 2021 23:08:22 +0800
From: Lai Jiangshan <jiangshanlai@...il.com>
To: linux-kernel@...r.kernel.org
Cc: Lai Jiangshan <laijs@...ux.alibaba.com>,
Andy Lutomirski <luto@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>,
Juergen Gross <jgross@...e.com>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Joerg Roedel <jroedel@...e.de>,
Mike Travis <mike.travis@....com>
Subject: [PATCH V2 25/41] x86/entry: Implement the C version ist_paranoid_exit()
From: Lai Jiangshan <laijs@...ux.alibaba.com>
It implements the whole ASM version paranoid_exit().
No functional difference intended.
Signed-off-by: Lai Jiangshan <laijs@...ux.alibaba.com>
---
arch/x86/entry/entry64.c | 40 +++++++++++++++++++++++++++++++++
arch/x86/include/asm/idtentry.h | 2 ++
2 files changed, 42 insertions(+)
diff --git a/arch/x86/entry/entry64.c b/arch/x86/entry/entry64.c
index 67f13aebd948..017a7f94e3a4 100644
--- a/arch/x86/entry/entry64.c
+++ b/arch/x86/entry/entry64.c
@@ -312,3 +312,43 @@ void ist_paranoid_entry(unsigned long *cr3, unsigned long *gsbase)
/* Handle GSBASE, store the return value in *@...ase for exit. */
*gsbase = ist_switch_to_kernel_gsbase();
}
+
+/*
+ * "Paranoid" exit path from exception stack. This is invoked
+ * only on return from IST interrupts that came from kernel space.
+ *
+ * We may be returning to very strange contexts (e.g. very early
+ * in syscall entry), so checking for preemption here would
+ * be complicated. Fortunately, there's no good reason to try
+ * to handle preemption here.
+ */
+__visible __entry_text
+void ist_paranoid_exit(unsigned long cr3, unsigned long gsbase)
+{
+ /*
+ * Restore CR3 at first, it can use kernel GSBASE.
+ */
+ ist_restore_cr3(cr3);
+
+ barrier();
+
+ /*
+ * Handle the three GSBASE cases.
+ *
+ * @gsbase contains the GSBASE related information depending
+ * on the availability of the FSGSBASE instructions:
+ *
+ * FSGSBASE @gsbase
+ * N 0 -> SWAPGS on exit
+ * 1 -> no SWAPGS on exit
+ *
+ * Y User space GSBASE, must be restored unconditionally
+ */
+ if (static_cpu_has(X86_FEATURE_FSGSBASE)) {
+ wrgsbase(gsbase);
+ return;
+ }
+
+ if (gsbase)
+ native_swapgs();
+}
diff --git a/arch/x86/include/asm/idtentry.h b/arch/x86/include/asm/idtentry.h
index fa8d73cfd8d6..b144ea05b859 100644
--- a/arch/x86/include/asm/idtentry.h
+++ b/arch/x86/include/asm/idtentry.h
@@ -295,6 +295,8 @@ static __always_inline void __##func(struct pt_regs *regs)
#ifdef CONFIG_X86_64
__visible __entry_text
void ist_paranoid_entry(unsigned long *cr3, unsigned long *gsbase);
+__visible __entry_text
+void ist_paranoid_exit(unsigned long cr3, unsigned long gsbase);
/**
* DECLARE_IDTENTRY_IST - Declare functions for IST handling IDT entry points
--
2.19.1.6.gb485710b
Powered by blists - more mailing lists