From: Borislav Petkov <bp@suse.de>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>,
Brian Gerst <brgerst@gmail.com>,
the arch/x86 maintainers <x86@kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Ingo Molnar <mingo@kernel.org>,
Denys Vlasenko <dvlasenk@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH] x86: static_cpu_has_safe: discard dynamic check after init
Date: Fri, 22 Jan 2016 11:32:17 +0100 [thread overview]
Message-ID: <20160122103217.GA9306@pd.tnic> (raw)
In-Reply-To: <56A16BAC.2030405@zytor.com>
On Thu, Jan 21, 2016 at 03:37:16PM -0800, H. Peter Anvin wrote:
> Maybe a label attribute would help, I don't know.
Here's another version which works, not really better though:
Change is this:
---
+ asm_volatile_goto(ALTERNATIVE("", "jmp %l[t_fixup_ss]",
+ X86_BUG_SYSRET_SS_ATTRS)
+ : : : : t_fixup_ss);
+
+ return prev_p;
+
+t_fixup_ss:
<snip comment>
+ savesegment(ss, ss_sel);
+ if (ss_sel != __KERNEL_DS)
+ loadsegment(ss, __KERNEL_DS);
return prev_p;
---
with two "return prev_p" with the hope that gcc won't generate a second
JMP back to the frame restore and ret code. But, nah, it does.
vmlinux:
ffffffff8100472a: 90 nop
ffffffff8100472b: 90 nop
ffffffff8100472c: 90 nop
ffffffff8100472d: 90 nop
ffffffff8100472e: 90 nop
ffffffff8100472f: 48 83 c4 18 add $0x18,%rsp
ffffffff81004733: 4c 89 e0 mov %r12,%rax
ffffffff81004736: 5b pop %rbx
ffffffff81004737: 41 5c pop %r12
ffffffff81004739: 41 5d pop %r13
ffffffff8100473b: 41 5e pop %r14
ffffffff8100473d: 41 5f pop %r15
ffffffff8100473f: 5d pop %rbp
ffffffff81004740: c3 retq
after patching on an X86_BUG_SYSRET_SS_ATTRS CPU:
[ 0.264007] apply_alternatives: feat: 16*32+8, old: (ffffffff8100472a, len: 5), repl: (ffffffff81de4e05, len: 5), pad: 5
[ 0.268005] ffffffff8100472a: old_insn: 90 90 90 90 90
[ 0.273510] ffffffff81de4e05: rpl_insn: e9 68 f9 21 ff
[ 0.277496] recompute_jump: target RIP: ffffffff81004772, new_displ: 0x48
[ 0.280005] recompute_jump: final displ: 0x00000046, JMP 0xffffffff81004772
[ 0.283159] ffffffff8100472a: final_insn: eb 46 0f 1f 00
ffffffff8100472a: eb 46 0f 1f 00 jmp ffffffff81004772
ffffffff8100472f: 48 83 c4 18 add $0x18,%rsp
ffffffff81004733: 4c 89 e0 mov %r12,%rax
ffffffff81004736: 5b pop %rbx
ffffffff81004737: 41 5c pop %r12
ffffffff81004739: 41 5d pop %r13
ffffffff8100473b: 41 5e pop %r14
ffffffff8100473d: 41 5f pop %r15
ffffffff8100473f: 5d pop %rbp
ffffffff81004740: c3 retq
so a two-byte JMP jumping to:
ffffffff81004772: 66 8c d0 mov %ss,%ax
ffffffff81004775: 66 83 f8 18 cmp $0x18,%ax
ffffffff81004779: 74 b4 je ffffffff8100472f <__switch_to+0x2df>
ffffffff8100477b: b8 18 00 00 00 mov $0x18,%eax
ffffffff81004780: 8e d0 mov %eax,%ss
ffffffff81004782: eb ab jmp ffffffff8100472f <__switch_to+0x2df>
which does the fixup and jumps back to ...472f which restores the frame
and returns.
I wish I could be able to tell gcc to not jump back but add the function
return here too as we don't care about code size in that case.
And it's not like it is really better on !X86_BUG_SYSRET_SS_ATTRS CPUs -
there we have the 5-byte padding NOP being converted to 5-byte one:
[ 0.293164] ffffffff8100472a: [0:5) optimized NOPs: 0f 1f 44 00 00
I need to talk to my gcc guy... :)
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
next prev parent reply other threads:[~2016-01-22 10:32 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-16 19:22 [PATCH] x86: static_cpu_has_safe: discard dynamic check after init Brian Gerst
2016-01-16 19:36 ` Borislav Petkov
2016-01-16 19:58 ` Brian Gerst
2016-01-17 10:33 ` Borislav Petkov
2016-01-18 16:52 ` Brian Gerst
2016-01-18 17:49 ` Andy Lutomirski
2016-01-18 18:14 ` Borislav Petkov
2016-01-18 18:29 ` Andy Lutomirski
2016-01-18 18:39 ` Borislav Petkov
2016-01-18 19:45 ` H. Peter Anvin
2016-01-18 23:05 ` Borislav Petkov
2016-01-18 23:13 ` H. Peter Anvin
2016-01-18 23:25 ` Borislav Petkov
2016-01-19 13:57 ` Borislav Petkov
2016-01-19 16:23 ` Borislav Petkov
2016-01-19 23:10 ` Borislav Petkov
2016-01-19 23:26 ` Andy Lutomirski
2016-01-19 23:49 ` Boris Petkov
2016-01-20 4:03 ` H. Peter Anvin
2016-01-20 10:33 ` Borislav Petkov
2016-01-20 10:41 ` H. Peter Anvin
2016-01-21 22:14 ` Borislav Petkov
2016-01-21 22:22 ` H. Peter Anvin
2016-01-21 22:56 ` Borislav Petkov
2016-01-21 23:36 ` H. Peter Anvin
2016-01-21 23:37 ` H. Peter Anvin
2016-01-22 10:32 ` Borislav Petkov [this message]
2016-01-18 18:51 ` Borislav Petkov
2016-01-19 1:10 ` Borislav Petkov
2016-01-19 1:33 ` H. Peter Anvin
2016-01-19 9:22 ` Borislav Petkov
2016-01-20 4:02 ` H. Peter Anvin
2016-01-20 4:39 ` Brian Gerst
2016-01-20 4:42 ` H. Peter Anvin
2016-01-20 10:50 ` Borislav Petkov
2016-01-20 10:55 ` H. Peter Anvin
2016-01-20 11:05 ` Borislav Petkov
2016-01-20 14:48 ` H. Peter Anvin
2016-01-20 15:01 ` Borislav Petkov
2016-01-20 15:09 ` H. Peter Anvin
2016-01-20 16:04 ` Borislav Petkov
2016-01-20 16:16 ` H. Peter Anvin
2016-01-23 6:50 [PATCH] x86/head_64.S: do not use temporary register to check alignment Alexander Kuleshov
2016-01-26 9:31 ` Borislav Petkov
2016-01-26 21:12 [PATCH 00/10] tip-queue 2016-01-26, rest Borislav Petkov
2016-01-26 21:12 ` [PATCH 01/10] x86/asm: Add condition codes clobber to memory barrier macros Borislav Petkov
2016-01-26 21:12 ` [PATCH 02/10] x86/asm: Drop a comment left over from X86_OOSTORE Borislav Petkov
2016-01-26 21:12 ` [PATCH 03/10] x86/asm: Tweak the comment about wmb() use for IO Borislav Petkov
2016-01-26 21:12 ` [PATCH 04/10] x86/cpufeature: Carve out X86_FEATURE_* Borislav Petkov
2016-01-30 13:18 ` [tip:x86/asm] " tip-bot for Borislav Petkov
2016-01-26 21:12 ` [PATCH 05/10] x86/cpufeature: Replace the old static_cpu_has() with safe variant Borislav Petkov
2016-01-30 13:19 ` [tip:x86/asm] " tip-bot for Borislav Petkov
2016-01-26 21:12 ` [PATCH 06/10] x86/cpufeature: Get rid of the non-asm goto variant Borislav Petkov
2016-01-27 3:36 ` Brian Gerst
2016-01-27 8:41 ` Borislav Petkov
2016-01-27 8:43 ` [PATCH -v1.1 " Borislav Petkov
2016-01-30 13:19 ` [tip:x86/asm] " tip-bot for Borislav Petkov
2016-01-27 8:45 ` [PATCH -v1.1 8/10] x86/alternatives: Discard dynamic check after init Borislav Petkov
2016-01-30 13:20 ` [tip:x86/asm] " tip-bot for Brian Gerst
2016-01-26 21:12 ` [PATCH 07/10] x86/alternatives: Add an auxilary section Borislav Petkov
2016-01-30 13:19 ` [tip:x86/asm] " tip-bot for Borislav Petkov
2016-01-26 21:12 ` [PATCH 08/10] x86/alternatives: Discard dynamic check after init Borislav Petkov
2016-01-26 21:12 ` [PATCH 09/10] x86/vdso: Use static_cpu_has() Borislav Petkov
2016-01-30 13:20 ` [tip:x86/asm] " tip-bot for Borislav Petkov
2016-01-26 21:12 ` [PATCH 10/10] x86/head_64: Simplify kernel load address alignment check Borislav Petkov
2016-01-30 13:20 ` [tip:x86/boot] x86/boot: " tip-bot for Alexander Kuleshov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160122103217.GA9306@pd.tnic \
--to=bp@suse.de \
--cc=brgerst@gmail.com \
--cc=dvlasenk@redhat.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).