From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eu-smtp-delivery-151.mimecast.com (eu-smtp-delivery-151.mimecast.com [185.58.85.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3D3CA10E8 for ; Tue, 17 May 2022 08:48:51 +0000 (UTC) Received: from AcuMS.aculab.com (156.67.243.121 [156.67.243.121]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id uk-mta-34-6UbOAxNsPEi7Kzwns5WYfw-1; Tue, 17 May 2022 09:48:49 +0100 X-MC-Unique: 6UbOAxNsPEi7Kzwns5WYfw-1 Received: from AcuMS.Aculab.com (fd9f:af1c:a25b:0:994c:f5c2:35d6:9b65) by AcuMS.aculab.com (fd9f:af1c:a25b:0:994c:f5c2:35d6:9b65) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Tue, 17 May 2022 09:48:41 +0100 Received: from AcuMS.Aculab.com ([fe80::994c:f5c2:35d6:9b65]) by AcuMS.aculab.com ([fe80::994c:f5c2:35d6:9b65%12]) with mapi id 15.00.1497.036; Tue, 17 May 2022 09:48:41 +0100 From: David Laight To: 'Peter Zijlstra' , Kees Cook CC: Sami Tolvanen , "linux-kernel@vger.kernel.org" , Josh Poimboeuf , "x86@kernel.org" , Catalin Marinas , Will Deacon , Mark Rutland , "Nathan Chancellor" , Nick Desaulniers , Joao Moreira , Sedat Dilek , Steven Rostedt , "linux-hardening@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , "llvm@lists.linux.dev" Subject: RE: [RFC PATCH v2 20/21] x86: Add support for CONFIG_CFI_CLANG Thread-Topic: [RFC PATCH v2 20/21] x86: Add support for CONFIG_CFI_CLANG Thread-Index: AQHYacnJgt4N7xLw0EK8voqNmmoVIa0iwPIw Date: Tue, 17 May 2022 08:48:41 +0000 Message-ID: References: <20220513202159.1550547-1-samitolvanen@google.com> <20220513202159.1550547-21-samitolvanen@google.com> <20220516183047.GM76023@worktop.programming.kicks-ass.net> <202205161531.3339CA95@keescook> In-Reply-To: Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.202.205.107] Precedence: bulk X-Mailing-List: llvm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=C51A453 smtp.mailfrom=david.laight@aculab.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: aculab.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable From: Peter Zijlstra > Sent: 17 May 2022 09:41 ... > > If we use %eax instead of %r10d for the hash transfer (as per Joao), an= d > > use int3 instead of ud2, then we can shrink the fineibt sequence to: > > > > __cfi_\func: > > =09endbr=09=09=09=09# 4 > > =09xorl=09$0x12345678, %eax=09# 5 > > =09jz=091f=09=09=09# 2 > > =09int3=09=09=09=09# 1 > > \func: > > =09... > > > > Which is 12 bytes, and needs a larger preamble (up from 9 in the curren= t > > proposal). >=20 > On all that; perhaps it would be good to have a compiler option to > specify the preamble size. It can enforce the minimum at 7 to have at > least the required: >=20 > =09movl $0x12345678, %eax > =09int3 > =09int3 >=20 > but any larger number will just increase the preamble with int3 padding > at the top. >=20 > That can go right along with the option to supress endbr when preamble > :-) You also need a compiler option to specify the register. While (I think) %eax is usable in kernel, it isn't in userspace. It is used in varargs calls to pass (IIRC) the number of fp args that are passed in registers. (I can't remember which registers userspace has reserved for the PLT code? - That might include r10??) =09David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1= PT, UK Registration No: 1397386 (Wales) From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 00364C433F5 for ; Tue, 17 May 2022 08:50:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:In-Reply-To:References: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=3T/CPWzbnjW4RglVROcnbMvrskfFOqjNxQstqX8eVJ4=; b=odO1k7YNQ/6Vf0 Lb172fucVxS8CC8WqrfYvEmNMKvyhlj4Wr7Srl64pTRqFXn6q2gAnT8PLstOZtyul6cx1GIIEZlcL 4nlQifL9URhoFSO/qzj5vJyXB5B4xmAq5DnfMpfosl2nfqajGZbWB5MKOW0ntj224x1TaQwU7N3dz 2+6XFlVMjuqrRlxKWSbL90XhYk/Gj4UyMu46DXEOwENeuIQZv3TOCqRvIEqfWCX6OPRBacZme/8VK cAiUgX4PzPQ1y6xt421WebbnKcROv9LRb8z1X+JWYSTw/Xv22pxSO4jkRaFA/ZAhWadbs/RTnCB/g yS/YJYynpBMYLP78YqRA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nqst0-00CZ1O-LX; Tue, 17 May 2022 08:48:58 +0000 Received: from eu-smtp-delivery-151.mimecast.com ([185.58.85.151]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nqssw-00CYxg-Qp for linux-arm-kernel@lists.infradead.org; Tue, 17 May 2022 08:48:56 +0000 Received: from AcuMS.aculab.com (156.67.243.121 [156.67.243.121]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id uk-mta-34-6UbOAxNsPEi7Kzwns5WYfw-1; Tue, 17 May 2022 09:48:49 +0100 X-MC-Unique: 6UbOAxNsPEi7Kzwns5WYfw-1 Received: from AcuMS.Aculab.com (fd9f:af1c:a25b:0:994c:f5c2:35d6:9b65) by AcuMS.aculab.com (fd9f:af1c:a25b:0:994c:f5c2:35d6:9b65) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Tue, 17 May 2022 09:48:41 +0100 Received: from AcuMS.Aculab.com ([fe80::994c:f5c2:35d6:9b65]) by AcuMS.aculab.com ([fe80::994c:f5c2:35d6:9b65%12]) with mapi id 15.00.1497.036; Tue, 17 May 2022 09:48:41 +0100 From: David Laight To: 'Peter Zijlstra' , Kees Cook CC: Sami Tolvanen , "linux-kernel@vger.kernel.org" , Josh Poimboeuf , "x86@kernel.org" , Catalin Marinas , Will Deacon , Mark Rutland , "Nathan Chancellor" , Nick Desaulniers , Joao Moreira , Sedat Dilek , Steven Rostedt , "linux-hardening@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , "llvm@lists.linux.dev" Subject: RE: [RFC PATCH v2 20/21] x86: Add support for CONFIG_CFI_CLANG Thread-Topic: [RFC PATCH v2 20/21] x86: Add support for CONFIG_CFI_CLANG Thread-Index: AQHYacnJgt4N7xLw0EK8voqNmmoVIa0iwPIw Date: Tue, 17 May 2022 08:48:41 +0000 Message-ID: References: <20220513202159.1550547-1-samitolvanen@google.com> <20220513202159.1550547-21-samitolvanen@google.com> <20220516183047.GM76023@worktop.programming.kicks-ass.net> <202205161531.3339CA95@keescook> In-Reply-To: Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.202.205.107] MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=C51A453 smtp.mailfrom=david.laight@aculab.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: aculab.com Content-Language: en-US X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220517_014855_171544_ED3BA688 X-CRM114-Status: GOOD ( 14.82 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Zijlstra > Sent: 17 May 2022 09:41 ... > > If we use %eax instead of %r10d for the hash transfer (as per Joao), and > > use int3 instead of ud2, then we can shrink the fineibt sequence to: > > > > __cfi_\func: > > endbr # 4 > > xorl $0x12345678, %eax # 5 > > jz 1f # 2 > > int3 # 1 > > \func: > > ... > > > > Which is 12 bytes, and needs a larger preamble (up from 9 in the current > > proposal). > > On all that; perhaps it would be good to have a compiler option to > specify the preamble size. It can enforce the minimum at 7 to have at > least the required: > > movl $0x12345678, %eax > int3 > int3 > > but any larger number will just increase the preamble with int3 padding > at the top. > > That can go right along with the option to supress endbr when preamble > :-) You also need a compiler option to specify the register. While (I think) %eax is usable in kernel, it isn't in userspace. It is used in varargs calls to pass (IIRC) the number of fp args that are passed in registers. (I can't remember which registers userspace has reserved for the PLT code? - That might include r10??) David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales) _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel