All of lore.kernel.org
 help / color / mirror / Atom feed
* [MODERATED] [patch 7/8] [PATCH v1.3.1 7/7] Linux Patch 7
@ 2018-04-13  2:26 konrad.wilk
  0 siblings, 0 replies; only message in thread
From: konrad.wilk @ 2018-04-13  2:26 UTC (permalink / raw)
  To: speck

All of the entry points to the kernel call the SPEC_CTRL macro.
The macro itself is alternative assembly and is nop by default.

This only gets enabled if the user boots Linux with
 mdd=userspace

at which point we will utilize the SPEC_CTRL MSR to enable
memory disambiguation when entering the kernel. And when
exiting to userspace we _disable_ memory disambiguation.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
v3: s/md/mdd/
 - Expand the commit
---
 arch/x86/entry/entry_64.S        | 14 +++++++++++++-
 arch/x86/entry/entry_64_compat.S |  7 +++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index 18ed349b4f83..b414c226d9b2 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -230,6 +230,8 @@ GLOBAL(entry_SYSCALL_64_after_hwframe)
 
 	PUSH_AND_CLEAR_REGS rax=$-ENOSYS
 
+	ENABLE_SPEC_CTRL
+
 	TRACE_IRQS_OFF
 
 	/* IRQs are off. */
@@ -305,6 +307,7 @@ GLOBAL(entry_SYSCALL_64_after_hwframe)
 	 * perf profiles. Nothing jumps here.
 	 */
 syscall_return_via_sysret:
+	DISABLE_SPEC_CTRL
 	/* rcx and r11 are already restored (see code above) */
 	UNWIND_HINT_EMPTY
 	POP_REGS pop_rdi=0 skip_r11rcx=1
@@ -591,6 +594,8 @@ ENTRY(interrupt_entry)
 	UNWIND_HINT_FUNC
 
 	movq	(%rdi), %rdi
+
+	ENABLE_SPEC_CTRL
 1:
 
 	PUSH_AND_CLEAR_REGS save_ret=1
@@ -660,6 +665,7 @@ GLOBAL(swapgs_restore_regs_and_return_to_usermode)
 #endif
 	POP_REGS pop_rdi=0
 
+	DISABLE_SPEC_CTRL
 	/*
 	 * The stack is now user RDI, orig_ax, RIP, CS, EFLAGS, RSP, SS.
 	 * Save old stack pointer and switch to trampoline stack.
@@ -1178,6 +1184,7 @@ ENTRY(paranoid_entry)
 
 1:
 	SAVE_AND_SWITCH_TO_KERNEL_CR3 scratch_reg=%rax save_reg=%r14
+	ENABLE_SPEC_CTRL_SAVE_N_CLOBBER save_reg=%r13d
 
 	ret
 END(paranoid_entry)
@@ -1201,6 +1208,7 @@ ENTRY(paranoid_exit)
 	testl	%ebx, %ebx			/* swapgs needed? */
 	jnz	.Lparanoid_exit_no_swapgs
 	TRACE_IRQS_IRETQ
+	RESTORE_SPEC_CTRL_CLOBBER save_reg=%r13d
 	RESTORE_CR3	scratch_reg=%rbx save_reg=%r14
 	SWAPGS_UNSAFE_STACK
 	jmp	.Lparanoid_exit_restore
@@ -1230,6 +1238,7 @@ ENTRY(error_entry)
 	SWAPGS
 	/* We have user CR3.  Change to kernel CR3. */
 	SWITCH_TO_KERNEL_CR3 scratch_reg=%rax
+	ENABLE_SPEC_CTRL_CLOBBER
 
 .Lerror_entry_from_usermode_after_swapgs:
 	/* Put us onto the real thread stack. */
@@ -1291,7 +1300,7 @@ ENTRY(error_entry)
 	 */
 	SWAPGS
 	SWITCH_TO_KERNEL_CR3 scratch_reg=%rax
-
+	ENABLE_SPEC_CTRL
 	/*
 	 * Pretend that the exception came from user mode: set up pt_regs
 	 * as if we faulted immediately after IRET and clear EBX so that
@@ -1392,6 +1401,7 @@ ENTRY(nmi)
 	SWITCH_TO_KERNEL_CR3 scratch_reg=%rdx
 	movq	%rsp, %rdx
 	movq	PER_CPU_VAR(cpu_current_top_of_stack), %rsp
+	ENABLE_SPEC_CTRL
 	UNWIND_HINT_IRET_REGS base=%rdx offset=8
 	pushq	5*8(%rdx)	/* pt_regs->ss */
 	pushq	4*8(%rdx)	/* pt_regs->rsp */
@@ -1626,6 +1636,8 @@ end_repeat_nmi:
 	movq	$-1, %rsi
 	call	do_nmi
 
+	RESTORE_SPEC_CTRL_CLOBBER save_reg=%r13d
+
 	RESTORE_CR3 scratch_reg=%r15 save_reg=%r14
 
 	testl	%ebx, %ebx			/* swapgs needed? */
diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S
index 08425c42f8b7..93233a13f4c5 100644
--- a/arch/x86/entry/entry_64_compat.S
+++ b/arch/x86/entry/entry_64_compat.S
@@ -14,6 +14,7 @@
 #include <asm/irqflags.h>
 #include <asm/asm.h>
 #include <asm/smap.h>
+#include <asm/nospec-branch.h>
 #include <linux/linkage.h>
 #include <linux/err.h>
 
@@ -55,6 +56,7 @@ ENTRY(entry_SYSENTER_compat)
 
 	movq	PER_CPU_VAR(cpu_current_top_of_stack), %rsp
 
+	ENABLE_SPEC_CTRL
 	/*
 	 * User tracing code (ptrace or signal handlers) might assume that
 	 * the saved RAX contains a 32-bit number when we're invoking a 32-bit
@@ -140,6 +142,7 @@ ENTRY(entry_SYSENTER_compat)
 	/* XEN PV guests always use IRET path */
 	ALTERNATIVE "testl %eax, %eax; jz .Lsyscall_32_done", \
 		    "jmp .Lsyscall_32_done", X86_FEATURE_XENPV
+	DISABLE_SPEC_CTRL
 	jmp	sysret32_from_system_call
 
 .Lsysenter_fix_flags:
@@ -244,6 +247,7 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe)
 	pushq   $0			/* pt_regs->r15 = 0 */
 	xorl	%r15d, %r15d		/* nospec   r15 */
 
+	ENABLE_SPEC_CTRL
 	/*
 	 * User mode is traced as though IRQs are on, and SYSENTER
 	 * turned them off.
@@ -259,6 +263,7 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe)
 	/* Opportunistic SYSRET */
 sysret32_from_system_call:
 	TRACE_IRQS_ON			/* User mode traces as IRQs on. */
+	DISABLE_SPEC_CTRL
 	movq	RBX(%rsp), %rbx		/* pt_regs->rbx */
 	movq	RBP(%rsp), %rbp		/* pt_regs->rbp */
 	movq	EFLAGS(%rsp), %r11	/* pt_regs->flags (in r11) */
@@ -390,6 +395,8 @@ ENTRY(entry_INT80_compat)
 	xorl	%r15d, %r15d		/* nospec   r15 */
 	cld
 
+	ENABLE_SPEC_CTRL_CLOBBER
+
 	/*
 	 * User mode is traced as though IRQs are on, and the interrupt
 	 * gate turned them off.
-- 
2.14.3

^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2018-04-18 14:15 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-13  2:26 [MODERATED] [patch 7/8] [PATCH v1.3.1 7/7] Linux Patch 7 konrad.wilk

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.