[PATCH for_v23 v2 0/3] x86/vdso: sgx: Bug fixes for v23

[PATCH for_v23 v2 0/3] x86/vdso: sgx: Bug fixes for v23

[Sean Christopherson]

Cedric pointed out several screw ups in the previous round of bug fixes.

Sean Christopherson (3):
  x86/vdso: sgx: Save untrusted stack before aligning %rsp
  x86/vdso: sgx: Use an extra push to align the stack
  x86/vdso: sgx: Fix unwinder support, again

 arch/x86/entry/vdso/vsgx_enter_enclave.S | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

-- 
2.22.0

[PATCH for_v23 v2 1/3] x86/vdso: sgx: Save untrusted stack before aligning %rsp

[Sean Christopherson]

The untrusted stack is restored from %rbx after the userspace exit
handler, but that only works if %rsp is first saved into %rbx...

Reported-by: Cedric Xing <cedric.xing@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/entry/vdso/vsgx_enter_enclave.S | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S b/arch/x86/entry/vdso/vsgx_enter_enclave.S
index 94f613b53b13..e56737cc9f2c 100644
--- a/arch/x86/entry/vdso/vsgx_enter_enclave.S
+++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
@@ -137,6 +137,9 @@ ENTRY(__vdso_sgx_enter_enclave)
 	/* Pass the untrusted RSP (at exit) to the callback via %rcx. */
 	mov	%rsp, %rcx
 
+	/* Save the untrusted RSP in %rbx (non-volatile register). */
+	mov	%rsp, %rbx
+
 	/*
 	 * Align stack per x86_64 ABI. Note, %rsp needs to be 16-byte aligned
 	 * _after_ pushing the three parameters on the stack.
-- 
2.22.0

[PATCH for_v23 v2 2/3] x86/vdso: sgx: Use an extra push to align the stack

[Sean Christopherson]

Use a "PUSH reg" instead of "SUB imm32, reg" to align the stack.  The
PUSH is a one-byte opcode, whereas the SUB is a four-byte opcode.

Suggested-by: Cedric Xing <cedric.xing@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/entry/vdso/vsgx_enter_enclave.S | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S b/arch/x86/entry/vdso/vsgx_enter_enclave.S
index e56737cc9f2c..d36043b99dc6 100644
--- a/arch/x86/entry/vdso/vsgx_enter_enclave.S
+++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
@@ -142,10 +142,10 @@ ENTRY(__vdso_sgx_enter_enclave)
 
 	/*
 	 * Align stack per x86_64 ABI. Note, %rsp needs to be 16-byte aligned
-	 * _after_ pushing the three parameters on the stack.
+	 * _after_ pushing the parameters on the stack, hence the bonus push.
 	 */
 	and	$-0x10, %rsp
-	sub	$0x8, %rsp
+	push	%rax
 
 	/* Push @e, the "return" value and @tcs as params to the callback. */
 	push	0x18(%rbp)
-- 
2.22.0

[PATCH for_v23 v2 3/3] x86/vdso: sgx: Fix unwinder support, again

[Sean Christopherson]

Move the .cfi_endproc directive back to the end of the function where it
belongs, and instead update the Canonical Frame Address to account for
the out-of-line code running in the pre-leave context, i.e. before the
stack frame is popped.

Reported-by: Cedric Xing <cedric.xing@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/entry/vdso/vsgx_enter_enclave.S | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S b/arch/x86/entry/vdso/vsgx_enter_enclave.S
index d36043b99dc6..c6ca6e6031b6 100644
--- a/arch/x86/entry/vdso/vsgx_enter_enclave.S
+++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
@@ -113,7 +113,9 @@ ENTRY(__vdso_sgx_enter_enclave)
 	leave
 	.cfi_def_cfa		%rsp, 8
 	ret
-	.cfi_endproc
+
+	/* The out-of-line code runs with the pre-leave stack frame. */
+	.cfi_def_cfa		%rbp, 16
 
 .Linvalid_leaf:
 	mov	$(-EINVAL), %eax
@@ -178,6 +180,7 @@ ENTRY(__vdso_sgx_enter_enclave)
 	jmp	1b
 2:	mov	%rax, (%rsp)
 	ret
+	.cfi_endproc
 
 _ASM_VDSO_EXTABLE_HANDLE(.Lenclu_eenter_eresume, .Lhandle_exception)
 
-- 
2.22.0