Subject: Re: [PATCH 2/2] xen/arm: Mitigate straight-line speculation for SMC call
From: Julien Grall
To: security@xenproject.org
Cc: sstabellini@kernel.org, paul@xen.org, Andre.Przywara@arm.com, Julien Grall, Bertrand.Marquis@arm.com, xen-devel@lists.xenproject.org, Volodymyr_Babchuk@epam.com
Date: Thu, 18 Jun 2020 18:46:07 +0100
Message-ID: <0ae27312-f8ab-e3b6-fbaa-a4aba4905405@xen.org>
In-Reply-To: <20200616175913.7368-3-julien@xen.org>
References: <20200616175913.7368-1-julien@xen.org> <20200616175913.7368-3-julien@xen.org>
List-Id: Xen developer discussion

On 16/06/2020 18:59, Julien Grall wrote:
> From: Julien Grall
>
> SMC call will update some of the registers (typically only x0) depending on
> the arguments provided.
>
> Some CPUs can speculate past an SMC instruction and potentially perform
> speculative access to memory using the pre-call values before executing
> the SMC.
>
> There is no known gadget available after the SMC call today. However
> some of the registers may contain values from the guest and are expected
> to be updated by the SMC call.
>
> In order to harden the code, it would be better to prevent straight-line
> speculation from an SMC. Architecturally executing the speculation
> barrier after every SMC can be rather expensive (particularly on cores
> without SB). Therefore we want to mitigate it differently:
>
> * For arm_smccc_1_0_smc, we can avoid a speculation barrier right
>   after the SMC instruction and instead rely on the one after eret.
> * For arm_smccc_1_1_smc, we can place a B instruction after the SMC
>   instruction to skip the barrier.
>
> Note that the arm_smccc_1_0_smc version on arm32 is just an alias to
> arm_smccc_1_1_smc.
>
> Note that no speculation barrier has been added after the SMC
> instruction in arm64/entry.S. This is fine because the call is not
> expected to modify any registers. So straight-line speculation doesn't
> matter.
>
> Signed-off-by: Julien Grall
>
> ---
>
> Note this hasn't been vetted by Arm but they are using the same
> sort of mitigation for blr. So I am quite confident this could do the
> trick.

Actually there is some unknown on whether this may introduce issues on
other sorts of speculation. As there is no known reveal gadget after the
SMC call and this is only about prevention, I will withdraw this patch
for the time being.

Patch #1 is still valid though.

Cheers,

--
Julien Grall
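The shape of the arm_smccc_1_1_smc mitigation described in the quoted message, as an added illustration in AArch64 GNU assembler syntax; this is not the withdrawn Xen patch and not code from the Xen tree. The function name, the local label, the choice of DSB SY + ISB as the barrier sequence (the SB instruction can replace it on cores that implement it) and the comment about the 1.0 variant are assumptions made here for the example.

```asm
/* Added illustration only (not the Xen patch): a minimal SMC wrapper
 * hardened against straight-line speculation the way the message
 * describes for arm_smccc_1_1_smc. Names and barrier choice assumed. */

    .text
    .globl  sls_hardened_smc_example
    .type   sls_hardened_smc_example, %function
sls_hardened_smc_example:
    /* Arguments and results use the registers set up by the caller.
     * After the SMC, registers such as x0 hold values written by the
     * firmware; a core that speculates straight past the SMC would
     * instead use the pre-call (possibly guest-controlled) values. */
    smc     #0

    /* Architecturally the branch is always taken, so the barrier
     * costs nothing on the real path. Only the straight-line
     * speculative path falls through into it and is stopped. */
    b       1f

    /* Speculation barrier. DSB SY + ISB is the sequence usable on any
     * AArch64 core (assumed here); on cores with FEAT_SB the single
     * 'sb' instruction serves the same purpose. */
    dsb     sy
    isb

1:
    ret
    .size   sls_hardened_smc_example, . - sls_hardened_smc_example

/* For the arm_smccc_1_0_smc case the message takes a different route:
 * no barrier is placed after the SMC itself, and the barrier that
 * already follows the eret on the exit path is relied upon instead.
 * That variant adds no instructions here, so it is not shown. */
```

Reading the block against the message: the cost argument is that the barrier is executed architecturally only if it sits directly after the SMC; placing an unconditional B in front of it keeps the barrier off the architectural path while still terminating the speculative straight-line path. The reply's reason for withdrawing the patch (unknown interaction with other kinds of speculation) applies to this shape as well, which is why the message treats it as hardening against a not-yet-known gadget rather than as a fix for a known one.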