| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <DS0PR12MB92738D3C38021EE0B693326994E9A@DS0PR12MB9273.namprd12.prod.outlook.com> Date: Thu, 16 Oct 2025 13:27:53 +0000 From: "Kaplan, David" <David.Kaplan@....com> To: Peter Zijlstra <peterz@...radead.org> CC: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>, Josh Poimboeuf <jpoimboe@...nel.org>, Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, "x86@...nel.org" <x86@...nel.org>, "H . Peter Anvin" <hpa@...or.com>, Alexander Graf <graf@...zon.com>, Boris Ostrovsky <boris.ostrovsky@...cle.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: RE: [RFC PATCH 31/56] x86/alternative: Prepend nops with retpolines [AMD Official Use Only - AMD Internal Distribution Only] > -----Original Message----- > From: Peter Zijlstra <peterz@...radead.org> > Sent: Thursday, October 16, 2025 6:23 AM > To: Kaplan, David <David.Kaplan@....com> > Cc: Thomas Gleixner <tglx@...utronix.de>; Borislav Petkov <bp@...en8.de>; Josh > Poimboeuf <jpoimboe@...nel.org>; Pawan Gupta > <pawan.kumar.gupta@...ux.intel.com>; Ingo Molnar <mingo@...hat.com>; Dave > Hansen <dave.hansen@...ux.intel.com>; x86@...nel.org; H . Peter Anvin > <hpa@...or.com>; Alexander Graf <graf@...zon.com>; Boris Ostrovsky > <boris.ostrovsky@...cle.com>; linux-kernel@...r.kernel.org > Subject: Re: [RFC PATCH 31/56] x86/alternative: Prepend nops with retpolines > > Caution: This message originated from an External Source. Use proper caution > when opening attachments, clicking links, or responding. > > > On Thu, Oct 16, 2025 at 01:07:17PM +0200, Peter Zijlstra wrote: > > On Mon, Oct 13, 2025 at 09:34:19AM -0500, David Kaplan wrote: > > > When patching retpolines, nops may be required for padding such as when > > > turning a 5-byte direct call into a 2-byte indirect call. Previously, > > > these were appended at the end so the code becomes "call *reg;nop;nop;nop" > > > for example. This was fine because it's always going from a larger > > > instruction to a smaller one. > > > > > > But this is a problem if the sequence is transformed from a 2-byte indirect > > > to the 5-byte direct call version at runtime because when the called > > > function returns, it will be in the middle of the 5-byte call instruction. > > > > > > To fix this, prepend the nops instead of appending them. Consequently, the > > > return site of the called function is always the same. > > > > > > > So this results in: > > > > NOP3; call *%r11 > > > > And you're saying a task can be on the other side of that call and then > > return lines up. But what if the task is preempted right after that > > NOP3? > > > > Same for all the alternative patching; what ensures no task is currently > > having a register state that is in the middle of things? > > Ah, I found it, you freeze everything, which puts it at safe points. Yes. In fact, I think you were the one who pointed me in that direction :) Despite the freezer though, this patch is necessary in particular because stop_machine_nmi() uses an indirect branch to run the handler. Which means that while patching is going on, all cores are inside a function which is going to return to after the indirect call site. And so that needs to be the end of the 5 (or 6) byte sequence. --David Kaplan
Powered by blists - more mailing lists