[tip:x86/pti] x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases
Commit-ID: 30907fd13bb593202574bb20af58d67c70a1ee14 Gitweb: https://git.kernel.org/tip/30907fd13bb593202574bb20af58d67c70a1ee14 Author: Dominik Brodowski AuthorDate: Sun, 11 Feb 2018 11:49:46 +0100 Committer: Ingo Molnar CommitDate: Tue, 13 Feb 2018 09:04:53 +0100 x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases entry_SYSCALL_64_after_hwframe() and nmi() can be converted to use PUSH_AND_CLEAN_REGS instead of opencoded variants thereof. Due to the interleaving, the additional XOR-based clearing of R8 and R9 in entry_SYSCALL_64_after_hwframe() should not have any noticeable negative implications. Suggested-by: Linus Torvalds Signed-off-by: Dominik Brodowski Cc: Andy Lutomirski Cc: Borislav Petkov Cc: Brian Gerst Cc: Denys Vlasenko Cc: H. Peter Anvin Cc: Josh Poimboeuf Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: dan.j.willi...@intel.com Link: http://lkml.kernel.org/r/20180211104949.12992-6-li...@dominikbrodowski.net Signed-off-by: Ingo Molnar --- arch/x86/entry/calling.h | 6 ++--- arch/x86/entry/entry_64.S | 65 +++ 2 files changed, 6 insertions(+), 65 deletions(-) diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index 57b1b87..d6a97e2 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -137,7 +137,7 @@ For 32-bit we have the following conventions - kernel is built with UNWIND_HINT_REGS offset=\offset .endm - .macro PUSH_AND_CLEAR_REGS + .macro PUSH_AND_CLEAR_REGS rdx=%rdx rax=%rax /* * Push registers and sanitize registers of values that a * speculation attack might otherwise want to exploit. The @@ -147,9 +147,9 @@ For 32-bit we have the following conventions - kernel is built with */ pushq %rdi/* pt_regs->di */ pushq %rsi/* pt_regs->si */ - pushq %rdx/* pt_regs->dx */ + pushq \rdx/* pt_regs->dx */ pushq %rcx/* pt_regs->cx */ - pushq %rax/* pt_regs->ax */ + pushq \rax/* pt_regs->ax */ pushq %r8 /* pt_regs->r8 */ xorq%r8, %r8/* nospec r8 */ pushq %r9 /* pt_regs->r9 */ diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index cf4a9ae..b06a4b5 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -227,35 +227,8 @@ ENTRY(entry_SYSCALL_64) pushq %rcx/* pt_regs->ip */ GLOBAL(entry_SYSCALL_64_after_hwframe) pushq %rax/* pt_regs->orig_ax */ - pushq %rdi/* pt_regs->di */ - pushq %rsi/* pt_regs->si */ - pushq %rdx/* pt_regs->dx */ - pushq %rcx/* pt_regs->cx */ - pushq $-ENOSYS/* pt_regs->ax */ - pushq %r8 /* pt_regs->r8 */ - pushq %r9 /* pt_regs->r9 */ - pushq %r10/* pt_regs->r10 */ - /* -* Clear extra registers that a speculation attack might -* otherwise want to exploit. Interleave XOR with PUSH -* for better uop scheduling: -*/ - xorq%r10, %r10 /* nospec r10 */ - pushq %r11/* pt_regs->r11 */ - xorq%r11, %r11 /* nospec r11 */ - pushq %rbx/* pt_regs->rbx */ - xorl%ebx, %ebx /* nospec rbx */ - pushq %rbp/* pt_regs->rbp */ - xorl%ebp, %ebp /* nospec rbp */ - pushq %r12/* pt_regs->r12 */ - xorq%r12, %r12 /* nospec r12 */ - pushq %r13/* pt_regs->r13 */ - xorq%r13, %r13 /* nospec r13 */ - pushq %r14/* pt_regs->r14 */ - xorq%r14, %r14 /* nospec r14 */ - pushq %r15/* pt_regs->r15 */ - xorq%r15, %r15 /* nospec r15 */ - UNWIND_HINT_REGS + + PUSH_AND_CLEAR_REGS rax=$-ENOSYS TRACE_IRQS_OFF @@ -1388,39 +1361,7 @@ ENTRY(nmi) pushq 1*8(%rdx) /* pt_regs->rip */ UNWIND_HINT_IRET_REGS pushq $-1 /* pt_regs->orig_ax */ - pushq %rdi/* pt_regs->di */ - pushq %rsi/* pt_regs->si */ - pushq (%rdx) /* pt_regs->dx */ - pushq %rcx/* pt_regs->cx */ - pushq %rax/* pt_regs->ax */ - /* -* Sanitize registers of values that a speculation attack -*
[tip:x86/pti] x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases
Commit-ID: 0e61b0142a4bdbe855c1d80342d2ca00241488b6 Gitweb: https://git.kernel.org/tip/0e61b0142a4bdbe855c1d80342d2ca00241488b6 Author: Dominik Brodowski AuthorDate: Sun, 11 Feb 2018 11:49:46 +0100 Committer: Ingo Molnar CommitDate: Mon, 12 Feb 2018 08:06:36 +0100 x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases entry_SYSCALL_64_after_hwframe() and nmi() can be converted to use PUSH_AND_CLEAN_REGS instead of opencoded variants thereof. Due to the interleaving, the additional XOR-based clearing of R8 and R9 in entry_SYSCALL_64_after_hwframe() should not have any noticeable negative implications. Suggested-by: Linus Torvalds Signed-off-by: Dominik Brodowski Cc: Andy Lutomirski Cc: Borislav Petkov Cc: Brian Gerst Cc: Denys Vlasenko Cc: H. Peter Anvin Cc: Josh Poimboeuf Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: dan.j.willi...@intel.com Link: http://lkml.kernel.org/r/20180211104949.12992-6-li...@dominikbrodowski.net Signed-off-by: Ingo Molnar --- arch/x86/entry/calling.h | 6 ++--- arch/x86/entry/entry_64.S | 65 +++ 2 files changed, 6 insertions(+), 65 deletions(-) diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index 57b1b87..d6a97e2 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -137,7 +137,7 @@ For 32-bit we have the following conventions - kernel is built with UNWIND_HINT_REGS offset=\offset .endm - .macro PUSH_AND_CLEAR_REGS + .macro PUSH_AND_CLEAR_REGS rdx=%rdx rax=%rax /* * Push registers and sanitize registers of values that a * speculation attack might otherwise want to exploit. The @@ -147,9 +147,9 @@ For 32-bit we have the following conventions - kernel is built with */ pushq %rdi/* pt_regs->di */ pushq %rsi/* pt_regs->si */ - pushq %rdx/* pt_regs->dx */ + pushq \rdx/* pt_regs->dx */ pushq %rcx/* pt_regs->cx */ - pushq %rax/* pt_regs->ax */ + pushq \rax/* pt_regs->ax */ pushq %r8 /* pt_regs->r8 */ xorq%r8, %r8/* nospec r8 */ pushq %r9 /* pt_regs->r9 */ diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index cf4a9ae..b06a4b5 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -227,35 +227,8 @@ ENTRY(entry_SYSCALL_64) pushq %rcx/* pt_regs->ip */ GLOBAL(entry_SYSCALL_64_after_hwframe) pushq %rax/* pt_regs->orig_ax */ - pushq %rdi/* pt_regs->di */ - pushq %rsi/* pt_regs->si */ - pushq %rdx/* pt_regs->dx */ - pushq %rcx/* pt_regs->cx */ - pushq $-ENOSYS/* pt_regs->ax */ - pushq %r8 /* pt_regs->r8 */ - pushq %r9 /* pt_regs->r9 */ - pushq %r10/* pt_regs->r10 */ - /* -* Clear extra registers that a speculation attack might -* otherwise want to exploit. Interleave XOR with PUSH -* for better uop scheduling: -*/ - xorq%r10, %r10 /* nospec r10 */ - pushq %r11/* pt_regs->r11 */ - xorq%r11, %r11 /* nospec r11 */ - pushq %rbx/* pt_regs->rbx */ - xorl%ebx, %ebx /* nospec rbx */ - pushq %rbp/* pt_regs->rbp */ - xorl%ebp, %ebp /* nospec rbp */ - pushq %r12/* pt_regs->r12 */ - xorq%r12, %r12 /* nospec r12 */ - pushq %r13/* pt_regs->r13 */ - xorq%r13, %r13 /* nospec r13 */ - pushq %r14/* pt_regs->r14 */ - xorq%r14, %r14 /* nospec r14 */ - pushq %r15/* pt_regs->r15 */ - xorq%r15, %r15 /* nospec r15 */ - UNWIND_HINT_REGS + + PUSH_AND_CLEAR_REGS rax=$-ENOSYS TRACE_IRQS_OFF @@ -1388,39 +1361,7 @@ ENTRY(nmi) pushq 1*8(%rdx) /* pt_regs->rip */ UNWIND_HINT_IRET_REGS pushq $-1 /* pt_regs->orig_ax */ - pushq %rdi/* pt_regs->di */ - pushq %rsi/* pt_regs->si */ - pushq (%rdx) /* pt_regs->dx */ - pushq %rcx/* pt_regs->cx */ - pushq %rax/* pt_regs->ax */ - /* -* Sanitize registers of values that a speculation attack -*