lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAADnVQJ2zm7BRb3SuwcmCQ5SBULznbUq777vMCHkm9UbPkaAbQ@mail.gmail.com>
Date: Tue, 2 Sep 2025 09:04:51 -0700
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: X86 ML <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>, Kees Cook <kees@...nel.org>, 
	alyssa.milburn@...el.com, scott.d.constable@...el.com, 
	Joao Moreira <joao@...rdrivepizza.com>, Andrew Cooper <andrew.cooper3@...rix.com>, 
	Sami Tolvanen <samitolvanen@...gle.com>, Nathan Chancellor <nathan@...nel.org>, 
	Masami Hiramatsu <mhiramat@...nel.org>, ojeda@...nel.org, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] x86,ibt: Use UDB instead of 0xEA

On Tue, Sep 2, 2025 at 1:19 AM Peter Zijlstra <peterz@...radead.org> wrote:
>
>
> Because this is all somewhat magical code, and this change is a little
> on the large side, it as been suggested I 'upgrade' the Changelog some.
>
> On Mon, Sep 01, 2025 at 09:13:07PM +0200, Peter Zijlstra wrote:
> >
> > A while ago [0] FineIBT started using the 0xEA instruction to raise #UD.
> > All existing parts will generate #UD in 64bit mode on that instruction.
> >
> > However; Intel/AMD have not blessed using this instruction, it is on
> > their 'reserved' opcode list for future use.
> >
> > Peter Anvin worked the committees and got use of 0xD6 blessed, it
> > shall be called UDB (per the next SDM or so), and it being a single
> > byte instruction is easy to slip into a single byte immediate -- as
> > is done by this very patch.
> >
> > Reworking the FineIBT code to use UDB wasn't entirely trivial. Notably
> > the FineIBT-BHI1 case ran out of bytes. In order to condense the
> > encoding some it was required to move the hash register from R10D to
> > EAX (thanks hpa!).
> >
> > Per the x86_64 ABI, RAX is used to pass the number of vector registers
> > for vararg function calls -- something that should not happen in the
> > kernel. More so, the kernel is built with -mskip-rax-setup, which
> > should leave RAX completely unused, allowing its re-use.
>
>  [ For BPF; while the bpf2bpf tail-call uses RAX in its calling
>    convention, that does not use CFI and is unaffected. Only the
>    'regular' C->BPF transition is covered by CFI. ]

I cannot comprehend the new scheme, but thanks for heads up.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ