* Dan Williams <dan.j.willi...@intel.com> wrote:
> + /*
> + * Sanitize extra registers of values that a speculation attack
> + * might want to exploit. In the CONFIG_FRAME_POINTER=y case,
> + * the expectation is that %ebp will be clobbered before it
> + * could be used.
> + */
> + .macro CLEAR_EXTRA_REGS_NOSPEC
> + xorq %r15, %r15
> + xorq %r14, %r14
> + xorq %r13, %r13
> + xorq %r12, %r12
> + xorl %ebx, %ebx
> +#ifndef CONFIG_FRAME_POINTER
> + xorl %ebp, %ebp
> +#endif
BTW., is there any reason behind the order of the clearing of these registers?
This ordering seems rather random:
- The canonical register order is: RBX, RBP, R12, R13, R14, R15, which is also
their push-order on the stack.
- The CLEAR_EXTRA_REGS_NOSPEC order appears to be the reverse order
(pop-order),
but with RBX and RBP reversed.
So since this is a 'push side' primitive I'd use the regular (push-) ordering
instead:
.macro CLEAR_EXTRA_REGS_NOSPEC
xorl %ebx, %ebx
xorl %ebp, %ebp
xorq %r12, %r12
xorq %r13, %r13
xorq %r14, %r14
xorq %r15, %r15
It obviously doesn't matter to correctness - only to readability.
There's also a (very) small micro-optimization argument in favor of the regular
order: the earlier registers are more likely to be utilized by C functions, so
the
sooner we clear them, the less potential interaction these clearing
instructions
are going to have with any later use.
Thanks,
Ingo
