[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240411150808.ukeoq54nrjtdd65g@treble>
Date: Thu, 11 Apr 2024 08:08:08 -0700
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: Nikolay Borisov <nik.borisov@...e.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
Daniel Sneddon <daniel.sneddon@...ux.intel.com>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
Thomas Gleixner <tglx@...utronix.de>,
Alexandre Chartre <alexandre.chartre@...cle.com>,
Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
Peter Zijlstra <peterz@...radead.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Sean Christopherson <seanjc@...gle.com>,
Andrew Cooper <andrew.cooper3@...rix.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
KP Singh <kpsingh@...nel.org>, Waiman Long <longman@...hat.com>,
Borislav Petkov <bp@...en8.de>
Subject: Re: [PATCH 5/7] x86/bugs: Only harden syscalls when needed
On Thu, Apr 11, 2024 at 09:20:17AM +0300, Nikolay Borisov wrote:
> On 11.04.24 г. 8:40 ч., Josh Poimboeuf wrote:
> > Syscall hardening (i.e., converting the syscall indirect branch to a
> > series of direct branches) may cause performance regressions in certain
> > scenarios. Only use the syscall hardening when indirect branches are
> > considered unsafe.
> >
> > Fixes: 1e3ad78334a6 ("x86/syscall: Don't force use of indirect calls for system calls")
> > Signed-off-by: Josh Poimboeuf <jpoimboe@...nel.org>
>
> Why fiddle with syscall mechanism if the bhb scrubbing sequence mitigates
> bhb? AFAIU (correct me if I'm wrong) the original idea was to have use
> syscall hardening instead of the BHB sequence but since it became clear
> that's not sufficient bhb scrubbing completely subsumes the direct branch
> approach in the syscall handler?
I agree, but I think Linus wanted it for some reason. I might not have
gotten the X86_FEATURE_INDIRECT_SAFE conditions right, maybe Linus can
clarify.
I'm going to experiment with having objtool find all indirect branches
reachable 66 branches from syscall entry. If we converted all those to
direct branches then the SW loop wouldn't be needed.
But until then I don't see much point in the syscall direct branches.
We could just disable it completely until if/when it's really needed.
--
Josh
Powered by blists - more mailing lists