linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Lai Jiangshan <jiangshanlai@gmail.com>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: LKML <linux-kernel@vger.kernel.org>,
	Borislav Petkov <bp@alien8.de>,
	Peter Zijlstra <peterz@infradead.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
	Lai Jiangshan <jiangshan.ljs@antgroup.com>,
	Ingo Molnar <mingo@redhat.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	"H. Peter Anvin" <hpa@zytor.com>, Joerg Roedel <jroedel@suse.de>,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	"Chang S. Bae" <chang.seok.bae@intel.com>,
	Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH V5 7/7] x86/entry: Use idtentry macro for entry_INT80_compat
Date: Mon, 25 Apr 2022 21:25:18 +0800	[thread overview]
Message-ID: <CAJhGHyAuu6RN-uFsu8XocFLewX1M=c7e+K948meobndXV5PLYQ@mail.gmail.com> (raw)
In-Reply-To: <877d7d31fq.ffs@tglx>

On Mon, Apr 25, 2022 at 6:24 PM Thomas Gleixner <tglx@linutronix.de> wrote:
>
> On Tue, Apr 12 2022 at 20:15, Lai Jiangshan wrote:
> > From: Lai Jiangshan <jiangshan.ljs@antgroup.com>
> >
> > entry_INT80_compat is identical to idtentry macro except a special
> > handling for %rax in the prolog.
>
> Seriously?
>
> > -     pushq   %rsi                    /* pt_regs->si */
> > -     xorl    %esi, %esi              /* nospec   si */
>
> esi is not cleared in CLEAR_REGS. So much for identical.
>
>

Hello, Thomas

Thank you for the review.

They (the old entry_INT80_compat() and the new using the macro
idtentry) are not identical in ASM code.

The macro idtentry pushes %rsi to the entry stack and then copies
it from the entry stack to the kernel stack and then switches
the stack.

The original entry_INT80_compat() is much more straightforward
and efficient.  It switches the stack as soon as possible and
then pushes %rsi directly onto the kernel stack.

So they are different in this aspect.

I compared the macro idtentry and the original entry_INT80_compat(),
to check if the macro idtentry has all the behaviors that the INT80
thing has and check if what the macro idtentry has but the INT80
thing doesn't is a No-op (like the handling of bad IRET).

In my view, the checks don't fail my expectations except for
regs->ax and regs->orig_ax.

As for CLEAR_REGS, I also have reviewed it many times.  To me, it
equals clearing all registers although it doesn't clear ax, sp,
di, si.  In the comments, it says

   The lower registers are likely clobbered well before they could
   be put to use in a speculative execution gadget.

When using CLEAR_REGS for the INT80 thing, the %rsi will be cleared
explicitly when syscall_enter_from_user_mode() which has 2 arguments
is called.

"identical" is overstated. I will change the changelog to say their
behaviors are almost similar and the final result are the same when
the macro idtentry has the prolog.

Thanks
Lai

      reply	other threads:[~2022-04-25 13:25 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-12 12:15 [PATCH V5 0/7] x86/entry: Clean up entry code Lai Jiangshan
2022-04-12 12:15 ` [PATCH V5 1/7] x86/traps: Move pt_regs only in fixup_bad_iret() Lai Jiangshan
2022-04-12 12:15 ` [PATCH V5 2/7] x86/entry: Switch the stack after error_entry() returns Lai Jiangshan
2022-04-12 12:15 ` [PATCH V5 3/7] x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() Lai Jiangshan
2022-04-12 13:26   ` Borislav Petkov
2022-04-12 13:52     ` Lai Jiangshan
2022-04-12 14:30       ` Borislav Petkov
2022-04-13  3:48         ` Lai Jiangshan
2022-04-13  8:39           ` Borislav Petkov
2022-04-12 12:15 ` [PATCH V5 4/7] x86/entry: Move cld to the start of idtentry macro Lai Jiangshan
2022-04-12 12:15 ` [PATCH V5 5/7] x86/entry: Don't call error_entry() for XENPV Lai Jiangshan
2022-04-20 16:32   ` Borislav Petkov
2022-04-12 12:15 ` [PATCH V5 6/7] x86/entry: Convert SWAPGS to swapgs and remove the definition of SWAPGS Lai Jiangshan
2022-04-12 12:15 ` [PATCH V5 7/7] x86/entry: Use idtentry macro for entry_INT80_compat Lai Jiangshan
2022-04-25 10:24   ` Thomas Gleixner
2022-04-25 13:25     ` Lai Jiangshan [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAJhGHyAuu6RN-uFsu8XocFLewX1M=c7e+K948meobndXV5PLYQ@mail.gmail.com' \
    --to=jiangshanlai@gmail.com \
    --cc=bp@alien8.de \
    --cc=chang.seok.bae@intel.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=jiangshan.ljs@antgroup.com \
    --cc=jpoimboe@redhat.com \
    --cc=jroedel@suse.de \
    --cc=keescook@chromium.org \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).