[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 11/16] x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible

To: Jan Beulich <jbeulich@xxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Thu, 7 May 2020 14:25:31 +0100
Authentication-results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@xxxxxxxxxx; spf=Pass smtp.mailfrom=Andrew.Cooper3@xxxxxxxxxx; spf=None smtp.helo=postmaster@xxxxxxxxxxxxxxx
Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Thu, 07 May 2020 13:25:48 +0000
Ironport-sdr: 5B91iZU6GiMi0Qa9HGqChNkYNtitwrQRk5OeFoA7btNgRad+9lG0RgkjzuHQAV5N/ZdS9HmwQX 2OQ2ApOLjRRXk7TKtyEIYbS4txD9RfxVUQfhqGWfnnlGdsohvM9o7ykdn4jXzPcQ7KZLIw5Zqs 49+t9csNLLf4feyEc+KZUzh5h6SuhJBeBZFV5zroF6D0YDASMdxhqwTkTjM+HQpGIyAprvqKlp 7+gk4M7lesIKa6kmFjqRYWqlxJUGlIXsZbbgXUFTRD+9FFfwzrINek6rvZTsEa7devf+89iJeN pGo=
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07/05/2020 14:22, Jan Beulich wrote:
> On 02.05.2020 00:58, Andrew Cooper wrote:
>> @@ -114,6 +114,16 @@
>>      sub $1, %ecx
>>      jnz .L\@_fill_rsb_loop
>>      mov %\tmp, %rsp                 /* Restore old %rsp */
>> +
>> +#ifdef CONFIG_XEN_SHSTK
>> +    mov $1, %ecx
>> +    rdsspd %ecx
>> +    cmp $1, %ecx
>> +    je .L\@_shstk_done
>> +    mov $64, %ecx                   /* 64 * 4 bytes, given incsspd */
>> +    incsspd %ecx                    /* Restore old SSP */
>> +.L\@_shstk_done:
>> +#endif
> The latest here I wonder why you don't use alternatives patching.
> I thought that's what you've introduced the synthetic feature
> flag for.

We're already in the middle of an alternative and they don't nest.  More
importantly, this path gets used on the BSP, after patching and before
CET gets enabled.

~Andrew

Follow-Ups:
- Re: [PATCH 11/16] x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible
  - From: Jan Beulich

References:
- [PATCH 00/16] x86: Support for CET Supervisor Shadow Stacks
  - From: Andrew Cooper
- [PATCH 11/16] x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible
  - From: Andrew Cooper
- Re: [PATCH 11/16] x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible
  - From: Jan Beulich

Prev by Date: [PATCH] x86/idle: prevent entering C6 with in service interrupts on Intel
Next by Date: Re: [PATCH 12/16] x86/extable: Adjust extable handling to be shadow stack compatible
Previous by thread: Re: [PATCH 11/16] x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible
Next by thread: Re: [PATCH 11/16] x86/spec-ctrl: Adjust DO_OVERWRITE_RSB to be shadow stack compatible
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.