Date:   Mon, 2 May 2022 11:15:47 -0700
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] objtool: Fix SLS checks

On Sat, Apr 30, 2022 at 12:50:02PM +0200, Peter Zijlstra wrote:
> 
> Fix the SLS validation; not having a next instruction is also a fail
> when the next instruction should be INSN_TRAP.
> 
> Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
> ---
>  tools/objtool/check.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/objtool/check.c b/tools/objtool/check.c
> index 3f6785415894..3354101ffe34 100644
> --- a/tools/objtool/check.c
> +++ b/tools/objtool/check.c
> @@ -3380,7 +3380,7 @@ static int validate_branch(struct objtool_file *file, struct symbol *func,
>  
>  		case INSN_RETURN:
>  			if (sls && !insn->retpoline_safe &&
> -			    next_insn && next_insn->type != INSN_TRAP) {
> +			    (!next_insn || (next_insn && next_insn->type != INSN_TRAP))) {
>  				WARN_FUNC("missing int3 after ret",
>  					  insn->sec, insn->offset);
>  			}
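
Review bot: In the INSN_RETURN condition the inner `next_insn &&` is redundant, because the right-hand side of `!next_insn ||` is only evaluated when next_insn is non-NULL. `(!next_insn || next_insn->type != INSN_TRAP)` expresses the same check and is easier to read.
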
> @@ -3428,7 +3428,7 @@ static int validate_branch(struct objtool_file *file, struct symbol *func,
>  
>  		case INSN_JUMP_DYNAMIC:
>  			if (sls && !insn->retpoline_safe &&
> -			    next_insn && next_insn->type != INSN_TRAP) {
> +			    (!next_insn || (next_insn && next_insn->type != INSN_TRAP))) {
>  				WARN_FUNC("missing int3 after indirect jump",
>  					  insn->sec, insn->offset);
>  			}
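
Review bot: The INSN_JUMP_DYNAMIC case now carries a character-for-character copy of the condition used for INSN_RETURN, so the two can drift apart on the next change. Consider a small helper taking `sls`, `insn` and `next_insn` that both cases call, leaving only the WARN_FUNC message different.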

My SLS rewrite in tip/objtool/core already fixed this, FWIW.  But this
could be good for -urgent.

Acked-by: Josh Poimboeuf <jpoimboe@...hat.com>

Here's another SLS improvement I mentioned to you the other day, do you
agree we should do this as well?


From: Josh Poimboeuf <jpoimboe@...hat.com>
Subject: [PATCH] x86/speculation: Mitigate SLS for JMP_NOSPEC with retpolines disabled

Having disabled retpolines doesn't necessarily mean the user doesn't
care about straight-line speculation.  For example, retpolines are
disabled when eIBRS is used.

If CONFIG_SLS is enabled, properly mitigate SLS for JMP_NOSPEC for the
retpolines disabled cases.

Signed-off-by: Josh Poimboeuf <jpoimboe@...hat.com>
---
 arch/x86/include/asm/nospec-branch.h | 13 ++++++++++---
 tools/objtool/check.c                |  3 ---
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index acbaeaf83b61..0648746bf60b 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -75,6 +75,13 @@
 	.popsection
 .endm
 
+.macro INDIRECT_JMP reg
+	jmp *%\reg
+#ifdef CONFIG_SLS
+	int3
+#endif
+.endm
+
 /*
  * JMP_NOSPEC and CALL_NOSPEC macros can be used instead of a simple
  * indirect jmp/call which may be susceptible to the Spectre variant 2
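Review bot: `.macro INDIRECT_JMP reg` declares its argument without `:req`, unlike `JMP_NOSPEC reg:req` in the same file, so a missing register is not rejected at the macro invocation. Suggest `.macro INDIRECT_JMP reg:req`, plus a one-line comment above the macro saying that the int3 is the CONFIG_SLS trap placed after the indirect jump.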
@@ -82,11 +89,11 @@
  */
 .macro JMP_NOSPEC reg:req
 #ifdef CONFIG_RETPOLINE
-	ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; jmp *%\reg), \
+	ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; INDIRECT_JMP \reg), \
 		      __stringify(jmp __x86_indirect_thunk_\reg), X86_FEATURE_RETPOLINE, \
-		      __stringify(lfence; ANNOTATE_RETPOLINE_SAFE; jmp *%\reg), X86_FEATURE_RETPOLINE_LFENCE
+		      __stringify(lfence; ANNOTATE_RETPOLINE_SAFE; INDIRECT_JMP \reg), X86_FEATURE_RETPOLINE_LFENCE
 #else
-	jmp	*%\reg
+	INDIRECT_JMP \reg
 #endif
 .endm
 
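Review bot: The changelog speaks only of the retpolines-disabled cases, but the third ALTERNATIVE_2 entry here, keyed on X86_FEATURE_RETPOLINE_LFENCE, also switches to INDIRECT_JMP and therefore also gains the int3 under CONFIG_SLS. Please mention that in the changelog so the wider coverage reads as intended.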
diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index e7983c3e2408..3cf3ad0b5db5 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -3842,9 +3842,6 @@ static int validate_sls(struct objtool_file *file)
 	for_each_insn(file, insn) {
 		next_insn = next_insn_same_sec(file, insn);
 
-		if (insn->retpoline_safe)
-			continue;
-
 		switch (insn->type) {
 		case INSN_RETURN:
 			if (!next_insn || next_insn->type != INSN_TRAP) {
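Review bot: Removing the `if (insn->retpoline_safe) continue;` skip at the top of the loop is not explained in the changelog, and it widens validate_sls() to every annotated instruction, including the INSN_RETURN case below, not only the JMP_NOSPEC sites this patch touches. Please add a sentence on why the skip is no longer wanted and note whether the remaining annotated sites build without new warnings.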
-- 
2.34.1
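
The two checks discussed in this thread, as an added example that is not part of either patch or of objtool itself: a stand-alone C model comparing the pre-fix and post-fix "missing int3" predicates, with and without the `retpoline_safe` skip. `struct insn`, `next_in_sec`, `count_sls_warnings` and the sample section are simplified, constructed stand-ins.

```c
#include <stddef.h>
#include <stdio.h>
/* Simplified stand-ins for objtool's instruction model (hypothetical). */
enum insn_type { INSN_OTHER, INSN_RETURN, INSN_JUMP_DYNAMIC, INSN_TRAP };
struct insn { enum insn_type type; int retpoline_safe; };

/* Constructed section: ret+int3, annotated indirect jmp with no int3, ret at the very end. */
static const struct insn sample[] = { { INSN_RETURN, 0 }, { INSN_TRAP, 0 },
	{ INSN_JUMP_DYNAMIC, 1 }, { INSN_OTHER, 0 }, { INSN_RETURN, 0 } };

/* Next instruction in the same section, or NULL at the end of the section. */
static const struct insn *next_in_sec(const struct insn *sec, size_t n, size_t i)
{
	return (i + 1 < n) ? &sec[i + 1] : NULL;
}

/* Pre-fix predicate: a missing next instruction is silently accepted. */
static int old_missing_trap(const struct insn *next)
{
	return next && next->type != INSN_TRAP;
}

/* Post-fix predicate: no next instruction also counts as a missing int3. */
static int new_missing_trap(const struct insn *next)
{
	return !next || next->type != INSN_TRAP;
}

/* Count SLS warnings; skip_safe models the retpoline_safe skip. */
static int count_sls_warnings(const struct insn *sec, size_t n,
			      int (*missing)(const struct insn *), int skip_safe)
{
	int warnings = 0;
	for (size_t i = 0; i < n; i++) {
		if (sec[i].type != INSN_RETURN && sec[i].type != INSN_JUMP_DYNAMIC)
			continue;
		if (skip_safe && sec[i].retpoline_safe)
			continue;
		warnings += missing(next_in_sec(sec, n, i));
	}
	return warnings;
}

int main(void)
{
	printf("old=%d fixed=%d fixed, no retpoline_safe skip=%d\n",
	       count_sls_warnings(sample, 5, old_missing_trap, 1),
	       count_sls_warnings(sample, 5, new_missing_trap, 1),
	       count_sls_warnings(sample, 5, new_missing_trap, 0));
	return 0;
}
```

The old predicate reports nothing for the trailing `ret`; the fixed one flags it, and dropping the skip additionally flags the annotated indirect jump that has no trap after it.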
