Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Ingo Molnar wrote: > [...] so I implemented a real, per function register usage tracking. > > For the x86 defconfig kernel the results are: > > r11: used in 1704 fns, not used in 43310 fns, usage ratio:3.8% > r10: used in 3809 fns, not used in 41205 fns,

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Ingo Molnar wrote: > [...] so I implemented a real, per function register usage tracking. > > For the x86 defconfig kernel the results are: > > r11: used in 1704 fns, not used in 43310 fns, usage ratio:3.8% > r10: used in 3809 fns, not used in 41205 fns, usage ratio:8.5% >

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Mon, Feb 5, 2018 at 7:48 PM, Ingo Molnar wrote: > > * Brian Gerst wrote: > >> On Mon, Feb 5, 2018 at 1:29 PM, Ingo Molnar wrote: >> > >> > * Andy Lutomirski wrote: >> > >> >> [...] Clearing R10 is mostly useless in the

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Mon, Feb 5, 2018 at 7:48 PM, Ingo Molnar wrote: > > * Brian Gerst wrote: > >> On Mon, Feb 5, 2018 at 1:29 PM, Ingo Molnar wrote: >> > >> > * Andy Lutomirski wrote: >> > >> >> [...] Clearing R10 is mostly useless in the syscall path because we'll >> >> just >> >> unconditionally reload it

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Ingo Molnar wrote: > Btw., to underline these arguments, here's some statistical data about actual > register usage the x86 kernel. So this caveat was bothering me: > List of caveats/notes: > > Note #4: > The 'avg uses per fn' number is over-estimates the real uses per

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Ingo Molnar wrote: > Btw., to underline these arguments, here's some statistical data about actual > register usage the x86 kernel. So this caveat was bothering me: > List of caveats/notes: > > Note #4: > The 'avg uses per fn' number is over-estimates the real uses per function, >

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Brian Gerst wrote: > On Mon, Feb 5, 2018 at 1:29 PM, Ingo Molnar wrote: > > > > * Andy Lutomirski wrote: > > > >> [...] Clearing R10 is mostly useless in the syscall path because we'll just > >> unconditionally reload it in

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Brian Gerst wrote: > On Mon, Feb 5, 2018 at 1:29 PM, Ingo Molnar wrote: > > > > * Andy Lutomirski wrote: > > > >> [...] Clearing R10 is mostly useless in the syscall path because we'll just > >> unconditionally reload it in do_syscall_64(). > > > > AFAICS do_syscall_64() doesn't touch R10

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Mon, Feb 5, 2018 at 1:29 PM, Ingo Molnar wrote: > > * Andy Lutomirski wrote: > >> [...] Clearing R10 is mostly useless in the syscall path because we'll just >> unconditionally reload it in do_syscall_64(). > > AFAICS do_syscall_64() doesn't touch R10 at

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Mon, Feb 5, 2018 at 1:29 PM, Ingo Molnar wrote: > > * Andy Lutomirski wrote: > >> [...] Clearing R10 is mostly useless in the syscall path because we'll just >> unconditionally reload it in do_syscall_64(). > > AFAICS do_syscall_64() doesn't touch R10 at all. So how does it reload R10? > > In

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Andy Lutomirski wrote: > [...] Clearing R10 is mostly useless in the syscall path because we'll just > unconditionally reload it in do_syscall_64(). AFAICS do_syscall_64() doesn't touch R10 at all. So how does it reload R10? In fact do_syscall_64() as a C function does not

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Andy Lutomirski wrote: > [...] Clearing R10 is mostly useless in the syscall path because we'll just > unconditionally reload it in do_syscall_64(). AFAICS do_syscall_64() doesn't touch R10 at all. So how does it reload R10? In fact do_syscall_64() as a C function does not touch R10, R11,

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Mon, Feb 5, 2018 at 4:26 PM, Ingo Molnar wrote: > > * Linus Torvalds wrote: > >> [...] >> >> But as the commit message says, the system call argument registers are >> also likely to be aggressively clobbered unless used, since the low >>

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Mon, Feb 5, 2018 at 4:26 PM, Ingo Molnar wrote: > > * Linus Torvalds wrote: > >> [...] >> >> But as the commit message says, the system call argument registers are >> also likely to be aggressively clobbered unless used, since the low >> registers are preferred for code generation (smaller

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Linus Torvalds wrote: > [...] > > But as the commit message says, the system call argument registers are > also likely to be aggressively clobbered unless used, since the low > registers are preferred for code generation (smaller code, and many of > them are

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

* Linus Torvalds wrote: > [...] > > But as the commit message says, the system call argument registers are > also likely to be aggressively clobbered unless used, since the low > registers are preferred for code generation (smaller code, and many of > them are special anyway in various ways

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sun, Feb 4, 2018 at 9:42 AM, Dan Williams wrote: > On Sun, Feb 4, 2018 at 5:01 AM, Brian Gerst wrote: >> >> Now that the fast syscall path is gone, all regs (except RSP >> obviously) are dead after being saved to pt_regs. > > They're saved, but not

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sun, Feb 4, 2018 at 9:42 AM, Dan Williams wrote: > On Sun, Feb 4, 2018 at 5:01 AM, Brian Gerst wrote: >> >> Now that the fast syscall path is gone, all regs (except RSP >> obviously) are dead after being saved to pt_regs. > > They're saved, but not dead afaics. Actually, they _are_ dead with

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sun, Feb 4, 2018 at 5:01 AM, Brian Gerst wrote: > On Sat, Feb 3, 2018 at 6:21 PM, Dan Williams wrote: >> At entry userspace may have populated the extra registers outside the >> syscall calling convention with values that could be useful in a >>

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sun, Feb 4, 2018 at 5:01 AM, Brian Gerst wrote: > On Sat, Feb 3, 2018 at 6:21 PM, Dan Williams wrote: >> At entry userspace may have populated the extra registers outside the >> syscall calling convention with values that could be useful in a >> speculative execution attack. Clear them to

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sat, Feb 3, 2018 at 6:21 PM, Dan Williams wrote: > At entry userspace may have populated the extra registers outside the > syscall calling convention with values that could be useful in a > speculative execution attack. Clear them to minimize the kernel's attack >

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sat, Feb 3, 2018 at 6:21 PM, Dan Williams wrote: > At entry userspace may have populated the extra registers outside the > syscall calling convention with values that could be useful in a > speculative execution attack. Clear them to minimize the kernel's attack > surface. Note, this only

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sun, Feb 4, 2018 at 1:25 AM, Dan Williams wrote: > On Sat, Feb 3, 2018 at 4:14 PM, Andy Lutomirski wrote: >> On Sat, Feb 3, 2018 at 11:21 PM, Dan Williams >> wrote: >>> At entry userspace may have populated the extra

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sun, Feb 4, 2018 at 1:25 AM, Dan Williams wrote: > On Sat, Feb 3, 2018 at 4:14 PM, Andy Lutomirski wrote: >> On Sat, Feb 3, 2018 at 11:21 PM, Dan Williams >> wrote: >>> At entry userspace may have populated the extra registers outside the >>> syscall calling convention with values that

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sat, Feb 3, 2018 at 4:14 PM, Andy Lutomirski wrote: > On Sat, Feb 3, 2018 at 11:21 PM, Dan Williams > wrote: >> At entry userspace may have populated the extra registers outside the >> syscall calling convention with values that could be useful in a

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sat, Feb 3, 2018 at 4:14 PM, Andy Lutomirski wrote: > On Sat, Feb 3, 2018 at 11:21 PM, Dan Williams > wrote: >> At entry userspace may have populated the extra registers outside the >> syscall calling convention with values that could be useful in a >> speculative execution attack. Clear

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sat, Feb 3, 2018 at 11:21 PM, Dan Williams wrote: > At entry userspace may have populated the extra registers outside the > syscall calling convention with values that could be useful in a > speculative execution attack. Clear them to minimize the kernel's attack >

Re: [PATCH 1/3] x86/entry: Clear extra registers beyond syscall arguments for 64bit kernels

On Sat, Feb 3, 2018 at 11:21 PM, Dan Williams wrote: > At entry userspace may have populated the extra registers outside the > syscall calling convention with values that could be useful in a > speculative execution attack. Clear them to minimize the kernel's attack > surface. Note, this only