From mboxrd@z Thu Jan 1 00:00:00 1970 Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751228AbeAEKtv (ORCPT + 1 other); Fri, 5 Jan 2018 05:49:51 -0500 Received: from mail-io0-f178.google.com ([209.85.223.178]:45666 "EHLO mail-io0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750927AbeAEKtt (ORCPT ); Fri, 5 Jan 2018 05:49:49 -0500 X-Google-Smtp-Source: ACJfBouB3uemZq8/hx4qYFhtOgeXiKVXFr5i7q2ijTmlLjb+0EpNfMPbcWgtU6AAwLsY14YnnWwkXw== Date: Fri, 5 Jan 2018 02:49:44 -0800 From: Paul Turner To: Andy Lutomirski Cc: "Woodhouse, David" , "Van De Ven, Arjan" , "linux-kernel@vger.kernel.org" , "tim.c.chen@linux.intel.com" , "peterz@infradead.org" , "torvalds@linux-foundation.org" , "tglx@linuxtronix.de" , "riel@redhat.com" , "keescook@google.com" , "gnomes@lxorguk.ukuu.org.uk" , "dave.hansen@intel.com" , "jikos@kernel.org" , "gregkh@linux-foundation.org" Subject: Re: [RFC] Retpoline: Binary mitigation for branch-target-injection (aka "Spectre") Message-ID: <20180105104944.GB253582@google.com> References: <1515058213.12987.89.camel@amazon.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Thu, Jan 04, 2018 at 08:18:57AM -0800, Andy Lutomirski wrote: > On Thu, Jan 4, 2018 at 1:30 AM, Woodhouse, David wrote: > > On Thu, 2018-01-04 at 01:10 -0800, Paul Turner wrote: > >> Apologies for the discombobulation around today's disclosure. Obviously the > >> original goal was to communicate this a little more coherently, but the > >> unscheduled advances in the disclosure disrupted the efforts to pull this > >> together more cleanly. > >> > >> I wanted to open discussion the "retpoline" approach and and define its > >> requirements so that we can separate the core > >> details from questions regarding any particular implementation thereof. > >> > >> As a starting point, a full write-up describing the approach is available at: > >> https://support.google.com/faqs/answer/7625886 > > > > Note that (ab)using 'ret' in this way is incompatible with CET on > > upcoming processors. HJ added a -mno-indirect-branch-register option to > > the latest round of GCC patches, which puts the branch target in a > > register instead of on the stack. My kernel patches (which I'm about to > > reconcile with Andi's tweaks and post) do the same. > > > > That means that in the cases where at runtime we want to ALTERNATIVE > > out the retpoline, it just turns back into a bare 'jmp *\reg'. > > > > > > I hate to say this, but I think Intel should postpone CET until the > dust settles. Intel should also consider a hardware-protected stack > that is only accessible with PUSH, POP, CALL, RET, and a new MOVSTACK > instruction. That, by itself, would give considerable protection. > But we still need JMP_NO_SPECULATE. Or, better yet, get the CPU to > stop leaking data during speculative execution. Echoing Andy's thoughts, but from a slightly different angle: 1) BTI is worse than the current classes of return attack. Given this, considered as a binary choice, it's equivalent to the current state of the world (e.g. no CET). 2) CET will not be "free". I suspect in its initial revisions it will be more valuable for protecting end-users then enterprise workloads (cost is not observable for interactive workloads because there's tons of headroom in the first place). While the potential incompatibility is unfortunate; I'm not sure it makes a significant adoption to the adoption rate of CET.