Message-ID: <20231019074342.GL33217@noisy.programming.kicks-ass.net>
Date:   Thu, 19 Oct 2023 09:43:42 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Josh Poimboeuf <jpoimboe@...nel.org>,
        Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org,
        linux-tip-commits@...r.kernel.org,
        David Kaplan <david.kaplan@....com>, x86@...nel.org,
        David Howells <dhowells@...hat.com>
Subject: Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't
 used at runtime

On Wed, Oct 18, 2023 at 10:37:47PM +0200, Borislav Petkov wrote:

> And here's the fix:
> 
> diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
> index 73be3931e4f0..50d64f5226f4 100644
> --- a/arch/x86/kernel/alternative.c
> +++ b/arch/x86/kernel/alternative.c
> @@ -748,14 +748,20 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end)
>                         continue;
>  
>                 op = insn.opcode.bytes[0];
> -               if (op == JMP32_INSN_OPCODE)
> +               if (op == JMP32_INSN_OPCODE || op == JMP8_INSN_OPCODE)
>                         dest = addr + insn.length + insn.immediate.value;
>  
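Review bot: the widened check `op == JMP32_INSN_OPCODE || op == JMP8_INSN_OPCODE` has no comment saying why a short jump can now show up in apply_returns(), and a JMP8 site is shorter than a JMP32 site, so anything that consumes `dest` after this point has to cope with the shorter instruction. A one-line comment above the check would help, and it is worth confirming that the code following the `dest` computation keys off insn.length rather than assuming the long form. The hunk header also announces 14 lines growing to 20 while only one changed line is quoted, so the remainder of the change cannot be reviewed from what is shown here.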
> 
> I'd still prefer the revert, though, that close to the MW. We can work
> at those things later, at leisure.

Yet another fall-out from removing the section... When in its own
section the compiler must emit long form jump because it doesn't know
where the target is.

Now, not so much.

Anyway, yes, that seems trivial enough as a fix.
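
The destination arithmetic from the quoted hunk, as an added example that is not kernel code and not from either author: it computes `addr + insn.length + immediate` for both the long (rel32) and short (rel8) jump forms, including the sign extension a backwards short jump needs. `jmp_dest()` and the `sample` bytes are hypothetical and constructed for illustration; the two opcode names are taken from the patch, with their x86 encodings 0xE9 and 0xEB.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define JMP32_INSN_OPCODE 0xE9 /* jmp rel32, 5 bytes */
#define JMP8_INSN_OPCODE  0xEB /* jmp rel8, 2 bytes */

/* Hypothetical helper (not kernel code): return the destination offset of the
 * direct jmp at code[off], or -1 if it is not one or is truncated. */
static long jmp_dest(const uint8_t *code, size_t len, size_t off)
{
	const uint8_t *p = code + off;
	size_t insn_len;
	int32_t imm;

	if (off >= len)
		return -1;
	insn_len = p[0] == JMP32_INSN_OPCODE ? 5 :
		   p[0] == JMP8_INSN_OPCODE ? 2 : 0;
	if (!insn_len || len - off < insn_len)
		return -1;
	if (insn_len == 5)	/* little-endian rel32 */
		imm = (int32_t)((uint32_t)p[1] | (uint32_t)p[2] << 8 |
				(uint32_t)p[3] << 16 | (uint32_t)p[4] << 24);
	else			/* rel8 is signed: sign-extend it */
		imm = (int8_t)p[1];
	/* Same arithmetic as the patch: addr + insn.length + immediate. */
	return (long)off + (long)insn_len + imm;
}

/* Constructed sample bytes: every jmp below targets offset 0x10. */
static const uint8_t sample[] = {
	0xE9, 0x0B, 0x00, 0x00, 0x00,		/* 0x00: jmp rel32 +0x0b */
	0x90, 0x90, 0x90,			/* 0x05: nop padding */
	0xEB, 0x06,				/* 0x08: jmp rel8 +0x06 */
	0x90, 0x90, 0x90, 0x90, 0x90, 0x90,	/* 0x0a: nop padding */
	0xC3,					/* 0x10: ret, stand-in target */
	0xEB, 0xFD,				/* 0x11: jmp rel8 -3 (backwards) */
};

int main(void)
{
	size_t sites[] = { 0x00, 0x08, 0x11 };
	for (size_t i = 0; i < 3; i++)
		printf("site %#zx -> %#lx\n", sites[i],
		       (unsigned long)jmp_dest(sample, sizeof(sample), sites[i]));
	return 0;
}
```

A check that only recognises the rel32 opcode returns no destination for the sites at 0x08 and 0x11, even though they reach the same target as the site at 0x00.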
