From: Andy Lutomirski <luto@kernel.org>
To: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
Borislav Petkov <bp@alien8.de>,
Dominik Brodowski <linux@dominikbrodowski.net>
Subject: Re: [PATCH] x86/entry/64/compat: Preserve r8-r11 in int $0x80
Date: Wed, 18 Apr 2018 09:53:16 -0700 [thread overview]
Message-ID: <CALCETrU3KLXwToBTOTnHpKrUhENFUVFJbWxfiPMbs2iQHoDDZA@mail.gmail.com> (raw)
In-Reply-To: <cd1a4b8c-dd8e-d88d-c154-fcf02aca5d74@redhat.com>
On Tue, Apr 17, 2018 at 8:00 AM, Denys Vlasenko <dvlasenk@redhat.com> wrote:
> This means that the new behavior is there for some 8 years already.
> Whoever was impacted by it, probably already switched to the new ABI.
>
> Current ABI is "weaker", it allows kernel to save fewer registers.
>
> Which is generally a good thing, since saving/restoring things cost
> cycles, and sometimes painful on entry paths where you may desperately
> need a scratch register or two. (Recall this one? -
> ...
> movq %rsp, PER_CPU_VAR(rsp_scratch)
> movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp
> /* Construct struct pt_regs on stack */
> pushq $__USER_DS /* pt_regs->ss */
> pushq PER_CPU_VAR(rsp_scratch) /* pt_regs->sp */
> ...
> wouldn't it be _great_ if one of GPRs would be available here
> to hold userspace %rsp?
> )
But this is the int $0x80 entry, which uses the stack sanely and
doesn't have this problem at all.
>
> If userspace needs some registers saved, it's trivial for it to have:
>
> push reg1
> push reg2
> int 0x80
> pop reg2
> pop reg1
>
> OTOH if userspace _does not_ need some registers saved,
> but they are defined as saved by the entrypoint ABI, then save/restore work
> is done every time, even when not needed.
>
> Thus, I propose to retain the current behavior.
The problems are:
1. If you look up how to do int $0x80, every answer you get doesn't
mention any clobbers. The code works on x86_32 and seems to work on
x86_64. I think we should make it actually work.
2. It's very easy to make this mistake and get away with it for a long
time, and the failure modes are hard to debug. gcc doesn't allocate
r8..r11 that often, and there are plenty of contexts (near end of a
leaf function) where r8..r11 are dead even if they were allocated. So
there is probably a decent body of code out there that makes this
mistake and is okay for now. But if anyone ever compiles it with LTO,
it's reasonably likely to go boom.
So I think we should fix it in the interest of avoiding weird bugs.
next prev parent reply other threads:[~2018-04-18 16:53 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-17 14:36 [PATCH] x86/entry/64/compat: Preserve r8-r11 in int $0x80 Andy Lutomirski
2018-04-17 15:00 ` Denys Vlasenko
2018-04-18 16:53 ` Andy Lutomirski [this message]
2018-04-18 17:13 ` Denys Vlasenko
2018-04-23 12:50 ` Borislav Petkov
2018-04-27 15:12 ` [tip:x86/pti] " tip-bot for Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALCETrU3KLXwToBTOTnHpKrUhENFUVFJbWxfiPMbs2iQHoDDZA@mail.gmail.com \
--to=luto@kernel.org \
--cc=bp@alien8.de \
--cc=dvlasenk@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.