On 14.09.22 18:21, Bill Wendling wrote:
> The ZERO_CALL_USED_REGS feature may zero out caller-saved registers
> before returning. However, alternate code may call this function without
> first saving %[re]di, because the proper clobbers aren't taken into
> account. This shows up in spurious_kernel_fault() where the
> "pte_offset_kernel()" call results in this assembly code:
>
>   .Ltmp151:
>           #APP
>           # ALT: oldnstr
>   .Ltmp152:
>   .Ltmp153:
>   .Ltmp154:
>           .section        .discard.retpoline_safe,"",@progbits
>           .quad   .Ltmp154
>           .text
>           callq   *pv_ops+536(%rip)
>   .Ltmp155:
>           .section        .parainstructions,"a",@progbits
>           .p2align        3, 0x0
>           .quad   .Ltmp153
>           .byte   67
>           .byte   .Ltmp155-.Ltmp153
>           .short  1
>           .text
>   .Ltmp156:
>           # ALT: padding
>           .zero   (-(((.Ltmp157-.Ltmp158)-(.Ltmp156-.Ltmp152))>0))*((.Ltmp157-.Ltmp158)-(.Ltmp156-.Ltmp152)),144
>   .Ltmp159:
>           .section        .altinstructions,"a",@progbits
>   .Ltmp160:
>           .long   .Ltmp152-.Ltmp160
>   .Ltmp161:
>           .long   .Ltmp158-.Ltmp161
>           .short  33040
>           .byte   .Ltmp159-.Ltmp152
>           .byte   .Ltmp157-.Ltmp158
>           .text
>           .section        .altinstr_replacement,"ax",@progbits
>           # ALT: replacement 1
>   .Ltmp158:
>           movq    %rdi, %rax
>   .Ltmp157:
>           .text
>           #NO_APP
>   .Ltmp162:
>           testb   $-128, %dil
>
> The %dil register was zeroed out by the call to "*pv_ops+536(%rip)".
>
> In general, the _paravirt_ident_64() function appears like it shouldn't
> have any instrumentation or other modifications applied to it. Thus just
> write it in assembly to avoid having to continually modify it whenever a
> new feature comes along.
>
> Link: https://github.com/KSPP/linux/issues/192
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
> Cc: Juergen Gross <jgross@xxxxxxxx>
> Cc: "Srivatsa S. Bhat (VMware)" <srivatsa@xxxxxxxxxxxxx>
> Cc: Alexey Makhalov <amakhalov@xxxxxxxxxx>
> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> Cc: Borislav Petkov <bp@xxxxxxxxx>
> Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
> Cc: VMware PV-Drivers Reviewers <pv-drivers@xxxxxxxxxx>
> Cc: x86@xxxxxxxxxx
> Cc: virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx
> Cc: llvm@xxxxxxxxxxxxxxx
> Signed-off-by: Bill Wendling <morbo@xxxxxxxxxx>
> Suggested-by: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> Reported-and-tested-by: Nathan Chancellor <nathan@xxxxxxxxxx>
Reviewed-by: Juergen Gross <jgross@xxxxxxxx>


Juergen
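The clobber mismatch described in the quoted commit message, reproduced in user space as an added example (this is not kernel code and not part of the patch). ident64() stands in for _paravirt_ident_64() and is built with the per-function zero_call_used_regs attribute in "used-gpr" mode, the same mode the kernel's -fzero-call-used-regs=used-gpr build uses. call_then_read_rdi() mirrors the broken alternative: it calls the function with %rdi as the argument, names every caller-saved GPR except %rdi as clobbered, and then reads %rdi, as the patched site did with "testb $-128, %dil". call_with_full_clobbers() is the corrected pattern. The function names, the 0x81 input and the rsp adjustment around the call are this example's own choices; the attribute needs x86-64 and GCC 11 or clang 15 or newer, and on other targets the example degrades to plain C calls.

```c
/* Added example: why a function built with register zeroing cannot be called
 * from hand-written asm (or an alternative) whose clobber list omits the
 * argument register. Not kernel code; names and inputs are constructed. */
#include <stdio.h>

#if defined(__x86_64__) && !defined(_WIN32) && defined(__has_attribute)
#  if __has_attribute(zero_call_used_regs)
#    define ZEROING_SUPPORTED 1
#    define ZERO_USED_GPRS __attribute__((zero_call_used_regs("used-gpr")))
#  endif
#endif
#ifndef ZERO_USED_GPRS
#  define ZERO_USED_GPRS
#endif

/* Same body as _paravirt_ident_64(): return the argument. With zeroing
 * active the compiler clears %rdi (a used caller-saved GPR) before "ret". */
__attribute__((noinline, used)) ZERO_USED_GPRS
unsigned long ident64(unsigned long x)
{
    return x;
}

/* 1 if ident64 was built with the zeroing attribute, else 0. */
int zeroing_active(void)
{
#ifdef ZEROING_SUPPORTED
    return 1;
#else
    return 0;
#endif
}

#if defined(__x86_64__) && !defined(_WIN32)
/* Broken pattern: call with %rdi = v, then read %rdi afterwards. The clobber
 * list covers every caller-saved GPR except %rdi, so the compiler assumes v
 * survives the call. The rsp adjustment keeps the pushed return address out
 * of the user-space red zone (the kernel is built without one). */
unsigned long call_then_read_rdi(unsigned long v)
{
    unsigned long rdi_after;
    __asm__ volatile(
        "subq $128, %%rsp\n\t"
        "call *%2\n\t"
        "addq $128, %%rsp\n\t"
        "movq %%rdi, %0"
        : "=r"(rdi_after)
        : "D"(v), "r"(ident64)
        : "rax", "rcx", "rdx", "rsi", "r8", "r9", "r10", "r11",
          "memory", "cc");
    return rdi_after;
}

/* Fixed pattern: %rdi is declared clobbered and the caller consumes the
 * callee's return value in %rax instead of assuming %rdi was preserved. */
unsigned long call_with_full_clobbers(unsigned long v)
{
    unsigned long ret;
    __asm__ volatile(
        "movq %1, %%rdi\n\t"
        "subq $128, %%rsp\n\t"
        "call *%2\n\t"
        "addq $128, %%rsp\n\t"
        "movq %%rax, %0"
        : "=r"(ret)
        : "r"(v), "r"(ident64)
        : "rdi", "rax", "rcx", "rdx", "rsi", "r8", "r9", "r10", "r11",
          "memory", "cc");
    return ret;
}
#else
/* Non-x86-64 fallback: no asm, so nothing to demonstrate; plain calls. */
unsigned long call_then_read_rdi(unsigned long v) { return ident64(v); }
unsigned long call_with_full_clobbers(unsigned long v) { return ident64(v); }
#endif

int main(void)
{
    /* Constructed input: bit 7 set, the bit the patched site tested with
     * "testb $-128, %dil". */
    unsigned long v = 0x81;
    printf("zeroing active:                      %d\n", zeroing_active());
    printf("rdi after call, incomplete clobbers: %#lx\n", call_then_read_rdi(v));
    printf("return value, full clobbers:         %#lx\n", call_with_full_clobbers(v));
    return 0;
}
```

With zeroing active, the first call reports 0 for a value that was 0x81 on entry, which is the "testb $-128, %dil" failure in miniature; the second call is unaffected because it never relied on %rdi surviving. The lesson for any asm-to-C call, with or without alternatives, is that the clobber list must match the callee's ABI as actually compiled, not the ABI the source file appears to follow.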
_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/virtualization