[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/2] xen/arm: entry: Place a speculation barrier following an ret instruction

  • To: Julien Grall <julien@xxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Tue, 18 Aug 2020 16:35:01 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=loys/ucTW1IcWq/F9SAe22Bhk89jMrw+8VqdiTcBRDw=; b=F3SJ9nlQQ15hvw47rAuABUaF8n0xCfwyGAeIaVKcmrXI1+R7jYQklTr2/s4f1ZW/QaJCrGufZKl/SVFOdn71hmmETGpFyl+CG/+OP4Wnd++slpAefYPXL8obQZ7TxLE0J7Kv+3I4UWh/3VrzPl+8QUwljD4neMCmUpOvLpfcECEjfKqpywUxPJMGyVlSXf2X7jB/TsKHsjozGDYjoecqJ5nfVND8biOg+HO38jShpOuKeQPSOXCZLbBw/10OthHyVejyxkyhQag7tJFSC155omJGXDOujvdo4ckeirzuJhxTLON9BtgYdPdgnLkGeV5H40IwUFN8KKb0wpF4xNPO6g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IWmmYKO/4Bk7qNunsU9D1hqKvVfSV19eysL5tkHfdjQ2MRBF6+tub1onmwd5BJiVun6gnXPQbMobYh7nawBRN2DRu77btNu1RdKBT8OPlf4KD2l2HeoPfYeVeruy/ZqZq7lNZzBmULLRPO8NxN90tzxYdKUHdZ9dyijppk56hNiVKE3DJfXBcDDbi3h5C9cnbi3JAooD9H5505X3hczFnDMzhC+b42n+eatUx7+BGsU6iX0NnwAfl0xR3M0jBrb1W/J4lwaAPeMDur3VNxInjAfYPsFetzIR0cyhcAl4wNh0PH0hlK+u5anWYWguH5XECXrgB11b2IQVG7fHwp0B+w==
  • Authentication-results-original: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, "security@xxxxxxxxxxxxxx" <security@xxxxxxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andre Przywara <Andre.Przywara@xxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, nd <nd@xxxxxxx>
  • Delivery-date: Tue, 18 Aug 2020 16:35:31 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHWRAfmStwU8wyN4kaMawtOMkuGS6jbwRUAgAE+BoCAGrNlgIBGwHmA
  • Thread-topic: [PATCH 1/2] xen/arm: entry: Place a speculation barrier following an ret instruction
Hi Julien,

Somehow we stopped on this thread and you did already most of the work so I 
think we should try to finish what you started


> On 4 Jul 2020, at 17:07, Julien Grall <julien@xxxxxxx> wrote:
> 
> On 17/06/2020 17:23, Julien Grall wrote:
>> Hi,
>> On 16/06/2020 22:24, Stefano Stabellini wrote:
>>> On Tue, 16 Jun 2020, Julien Grall wrote:
>>>> From: Julien Grall <jgrall@xxxxxxxxxx>
>>>> 
>>>> Some CPUs can speculate past a RET instruction and potentially perform
>>>> speculative accesses to memory before processing the return.
>>>> 
>>>> There is no known gadget available after the RET instruction today.
>>>> However some of the registers (such as in check_pending_guest_serror())
>>>> may contain a value provided the guest.
>>>                                ^ by
>>> 
>>> 
>>>> In order to harden the code, it would be better to add a speculation
>>>> barrier after each RET instruction. The performance is meant to be
>>>> negligeable as the speculation barrier is not meant to be archicturally
>>>> executed.
>>>> 
>>>> Note that on arm32, the ldmia instruction will act as a return from the
>>>> function __context_switch(). While the whitepaper doesn't suggest it is
>>>> possible to speculate after the instruction, add preventively a
>>>> speculation barrier after it as well.
>>>> 
>>>> This is part of the work to mitigate straight-line speculation.
>>>> 
>>>> Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
>>> 
>>> Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
>>> 
>>> I did a compile-test on the patch too.
>>> 
>>> 
>>>> ---
>>>> 
>>>> I am still unsure whether we preventively should add a speculation barrier
>>>> preventively after all the RET instructions in arm*/lib/. The smc call be
>>>> taken care in a follow-up patch.
>>> 
>>> SMC is great to have but it seems to be overkill to do the ones under
>>> lib/.
>> From my understanding, the compiler will add a speculation barrier 
>> preventively after each 'ret' when the mitigation are turned on.So it feels 
>> to me we want to follow the same approach.
>> Obviously, we can avoid them but I would like to have a justification for 
>> not adding them (nothing is overkilled against speculation ;)).
> 
> I finally found some time to look at arm*/lib in more details. Some of the 
> helpers can definitely be called with guest inputs.
> 
> For instance, memchr() is called from hypfs_get_path_user() with the 3rd 
> argument controlled by the guest. In both 32-bit and 64-bit implementation, 
> you will reach the end of the function memchr() with r2/w2 and r3/w3 (it 
> contains a character from the buffer) controlled by the guest.
> 
> As this is the only function in the unit, we don't know what will be the 
> instructions right after RET. So it would be safer to add a speculation 
> barrier there too.

How about adding a speculation barrier directly in the ENDPROC macro ?

> 
> Note that hypfs is currently only accessibly by Dom0. Yet, I still think we 
> should try to harden any code if we can :).

Agree with that.

Cheers (and sorry for the delay)
Bertrand

> 
> Cheers,
> 
> -- 
> Julien Grall

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.