lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 24 Feb 2022 15:37:31 -0800
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     x86@...nel.org, joao@...rdrivepizza.com, hjl.tools@...il.com,
        andrew.cooper3@...rix.com, linux-kernel@...r.kernel.org,
        ndesaulniers@...gle.com, keescook@...omium.org,
        samitolvanen@...gle.com, mark.rutland@....com,
        alyssa.milburn@...el.com, mbenes@...e.cz, rostedt@...dmis.org,
        mhiramat@...nel.org, alexei.starovoitov@...il.com
Subject: Re: [PATCH v2 16/39] x86/bpf: Add ENDBR instructions to prologue and
 trampoline

On Thu, Feb 24, 2022 at 03:51:54PM +0100, Peter Zijlstra wrote:
> @@ -339,9 +350,18 @@ static int __bpf_arch_text_poke(void *ip
>  	u8 *prog;
>  	int ret;
>  
> +#ifdef CONFIG_X86_KERNEL_IBT
> +	if (is_endbr(*(u32 *)ip))
> +		ip += 4;
> +#endif
> +
>  	memcpy(old_insn, nop_insn, X86_PATCH_SIZE);
>  	if (old_addr) {
>  		prog = old_insn;
> +#ifdef CONFIG_X86_KERNEL_IBT
> +		if (is_endbr(*(u32 *)old_addr))
> +			old_addr += 4;
> +#endif
>  		ret = t == BPF_MOD_CALL ?
>  		      emit_call(&prog, old_addr, ip) :
>  		      emit_jump(&prog, old_addr, ip);
> @@ -352,6 +372,10 @@ static int __bpf_arch_text_poke(void *ip
>  	memcpy(new_insn, nop_insn, X86_PATCH_SIZE);
>  	if (new_addr) {
>  		prog = new_insn;
> +#ifdef CONFIG_X86_KERNEL_IBT
> +		if (is_endbr(*(u32 *)new_addr))
> +			new_addr += 4;
> +#endif

All the above ifdef-itis should be able to be removed since is_endbr()
returns false for !IBT.

>  		ret = t == BPF_MOD_CALL ?
>  		      emit_call(&prog, new_addr, ip) :
>  		      emit_jump(&prog, new_addr, ip);
> @@ -2028,10 +2052,11 @@ int arch_prepare_bpf_trampoline(struct b
>  		/* skip patched call instruction and point orig_call to actual
>  		 * body of the kernel function.
>  		 */
> -		orig_call += X86_PATCH_SIZE;
> +		orig_call += X86_PATCH_SIZE + 4*HAS_KERNEL_IBT;

All the "4*HAS_KERNEL_IBT" everywhere is cute, but you might as well
just have IBT_ENDBR_SIZE (here and in other patches).

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ