lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <169770844376.3135.9436969789797102205.tip-bot2@tip-bot2>
Date:   Thu, 19 Oct 2023 09:40:43 -0000
From:   "tip-bot2 for Borislav Petkov (AMD)" <tip-bot2@...utronix.de>
To:     linux-tip-commits@...r.kernel.org
Cc:     "Borislav Petkov (AMD)" <bp@...en8.de>,
        David Kaplan <david.kaplan@....com>, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: [tip: x86/bugs] Revert "x86/retpoline: Ensure default return thunk
 isn't used at runtime"

The following commit has been merged into the x86/bugs branch of tip:

Commit-ID:     08ec7e82c1e3ebcd79ab8d2d0d11faad0f07e71c
Gitweb:        https://git.kernel.org/tip/08ec7e82c1e3ebcd79ab8d2d0d11faad0f07e71c
Author:        Borislav Petkov (AMD) <bp@...en8.de>
AuthorDate:    Thu, 19 Oct 2023 11:04:27 +02:00
Committer:     Borislav Petkov (AMD) <bp@...en8.de>
CommitterDate: Thu, 19 Oct 2023 11:08:22 +02:00

Revert "x86/retpoline: Ensure default return thunk isn't used at runtime"

This reverts commit 91174087dcc7565d8bf0d576544e42d5b1de6f39.

It turns out that raising an undefined opcode exception due to unpatched
return thunks is not visible to users in every possible scenario (not
being able to catch dmesg, slow console, etc.).

Thus, it is not very friendly to them when the box explodes without even
saying why.

Revert for now until a better solution has been devised.

Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
Cc: David Kaplan <david.kaplan@....com>
Link: https://lore.kernel.org/r/20231018175531.GEZTAcE2p92U1AuVp1@fat_crate.local
---
 arch/x86/lib/retpoline.S | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S
index fe05c13..6376d01 100644
--- a/arch/x86/lib/retpoline.S
+++ b/arch/x86/lib/retpoline.S
@@ -356,17 +356,15 @@ SYM_FUNC_END(call_depth_return_thunk)
  * This function name is magical and is used by -mfunction-return=thunk-extern
  * for the compiler to generate JMPs to it.
  *
- * This code is only used during kernel boot.  All
+ * This code is only used during kernel boot or module init.  All
  * 'JMP __x86_return_thunk' sites are changed to something else by
  * apply_returns().
- *
- * This thunk is turned into a ud2 to ensure it is never used at runtime.
- * Alternative instructions are applied after apply_returns().
  */
 SYM_CODE_START(__x86_return_thunk)
 	UNWIND_HINT_FUNC
 	ANNOTATE_NOENDBR
-	ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE;ret),"ud2", X86_FEATURE_ALWAYS
+	ANNOTATE_UNRET_SAFE
+	ret
 	int3
 SYM_CODE_END(__x86_return_thunk)
 EXPORT_SYMBOL(__x86_return_thunk)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ