On Mon, Sep 28, 2020 at 08:43:16AM -0700, Yu, Yu-cheng wrote:
> On 9/25/2020 11:23 AM, Andrew Cooper wrote:
> > On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > > diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > > new file mode 100644
> > > index 000000000000..adbd59d41517
> > > --- /dev/null
> > > +++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > > @@ -0,0 +1,157 @@
> > > +SYM_FUNC_START(__vdso_sgx_enter_enclave)
> > > <snip>
> > > +.Lretpoline:
> > > + call 2f
> > > +1: pause
> > > + lfence
> > > + jmp 1b
> > > +2: mov %rax, (%rsp)
> > > + ret
> >
> > I hate to throw further spanners in the work, but this is not compatible
> > with CET, and the user shadow stack work in progress.
>
> Hi Jarkko,
>
> These 1: and 2: targets are reached only from these few lines? If they are
> direct call/jmp targets, I think it is OK in terms of CET. If they are
> reached from an instruction like "jmp *%rax", then we need to put in an
> "endbr64".
>
> Yu-cheng

The invocation is over here:

	/* Load the callback pointer to %rax and invoke it via retpoline. */
	mov	SGX_ENCLAVE_RUN_USER_HANDLER(%rax), %rax
	call	.Lretpoline

/Jarkko
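Review bot: the `ret` at `2:` returns to an address that the preceding `call 2f` never pushed, because `mov %rax, (%rsp)` has overwritten the return slot with the callback pointer; with a user shadow stack enabled the shadow copy still holds the address of `1:`, so the mismatch would fault, and the hunk neither documents this limitation nor offers a CET-era alternative. Since `1:` and `2:` are only reached by the direct `jmp 1b` and `call 2f`, and `.Lretpoline` only by the direct `call .Lretpoline` shown below, no `endbr64` is needed for IBT; a comment stating that, plus the shadow-stack caveat, would save the next reader this thread.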
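The control flow the thread is arguing about, as an added example that is not the vDSO's code nor anything posted by the participants: a user-space copy of the same retpoline pattern, with the callback pointer carried in %rax exactly as in `__vdso_sgx_enter_enclave`. The symbol names `retpoline_thunk_rax`, `call_via_retpoline` and the two handler functions are hypothetical and constructed here; the example assumes a GNU-compatible toolchain on x86-64 ELF and falls back to a plain indirect call elsewhere so that it still builds.

```c
#include <stdio.h>

/*
 * Added example (not the vDSO's own code).  The thunk's "1:" and "2:"
 * labels are reached only by the direct "jmp 1b" and "call 2f", so IBT
 * needs no endbr64 in front of them.  What a user shadow stack objects
 * to is the final "ret": it pops the callback address that
 * "mov %rax, (%rsp)" wrote over the real return address, while the
 * shadow stack still holds the address of "1:".
 */
#if defined(__x86_64__) && defined(__ELF__)
__asm__(
    ".text\n"
    ".globl retpoline_thunk_rax\n"
    ".type retpoline_thunk_rax, @function\n"
    "retpoline_thunk_rax:\n"
    "    call 2f\n"             /* pushes the address of 1: on both stacks */
    "1:  pause\n"               /* speculation trap: spin here ...         */
    "    lfence\n"
    "    jmp 1b\n"              /* ... until the ret below retires          */
    "2:  mov %rax, (%rsp)\n"    /* replace the return address with target   */
    "    ret\n"                 /* architecturally this jumps to *%rax      */
    ".size retpoline_thunk_rax, .-retpoline_thunk_rax\n"

    ".globl call_via_retpoline\n"
    ".type call_via_retpoline, @function\n"
    "call_via_retpoline:\n"     /* (fn, a, b) arrive in %rdi, %rsi, %rdx   */
    "    mov %rdi, %rax\n"      /* callback pointer goes in %rax, as vDSO   */
    "    mov %rsi, %rdi\n"      /* shift the callback's own arguments down  */
    "    mov %rdx, %rsi\n"
    "    sub $8, %rsp\n"        /* keep the 16-byte alignment the callee    */
    "    call retpoline_thunk_rax\n" /* expects; thunk's push/pop nets zero */
    "    add $8, %rsp\n"
    "    ret\n"
    ".size call_via_retpoline, .-call_via_retpoline\n"
);
#endif

typedef long (*handler_fn)(long a, long b);

#if defined(__x86_64__) && defined(__ELF__)
long call_via_retpoline(handler_fn fn, long a, long b);
#else
/* Non-x86-64 fallback: an ordinary indirect call, so the file still builds. */
static long call_via_retpoline(handler_fn fn, long a, long b) { return fn(a, b); }
#endif

/* Constructed stand-ins for the SGX user handler reached through %rax. */
static long scale_handler(long a, long b) { return a * 10 + b; }
static long diff_handler(long a, long b)  { return a - b; }

int main(void)
{
    printf("scale: %ld\n", call_via_retpoline(scale_handler, 4, 2));
    printf("diff:  %ld\n", call_via_retpoline(diff_handler, 7, 5));
    return 0;
}
```

Build with `cc -O2 retpoline_demo.c` on an x86-64 Linux box; on a CPU with IBT enforced the direct `call`/`jmp` targets inside the thunk need no `endbr64`, while enabling a user shadow stack for this binary would make the `ret` at `2:` the instruction that faults, which is exactly the incompatibility raised in the thread.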