[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 5/7] x86: guard against straight-line speculation past RET

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 12 Nov 2020 11:35:08 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MEEjLEP/zHA/yXqIeWbl2pBjd23k2UPx3qQL4Jl/nVw=; b=mh720namB5e++RjelzlqR7rOtG1BX1iL8ws3g5diGHVP/9foPasWkhAFtf7rCIL3d0ymPpXc5g4Zy4X5WP5tEXx6rhTrSf7yqFKv9buUcsMYFqANJpkA8EKeVnW1qe6IQhQk4alGfHVV+qG5FweIGxJRl16L3SJOzcLo5kl8iGEE6qF+v60Kb4fc+oxrDGttPSWffamBJoJTDy9KTYT7l7/QtxECZ+zqhRXPKbZehqz/h+kQf2lkwbxoWpG2PknhrF42yg6mgxU1yi+QIy80QdPXF37PL+HtCWJZNI66b/LqRdWzeJZxGo4N8VSBZyTpiFgl7cMv+hfh+pZ4thtq0g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iidulBiQGbH+/hrHNTE4OLWNW4XUszONW0mRE5X+zzl9V+WSWMZupQxATzykrPWuAZDIJfAsB+I4Xv6P+GaqMpi9EIUHx5IK4xXqKXfKRAW+jbUGs/k8+dTN3Kbs7rWnRrvlaSLh2HC55uyaHPxhX/zqQSzOmjFTXjr3CxhSmL0BbZg1YaPdXlxwTI6gEEWcHjvbMDm0RPiFZvrcl7j54PqdQFEDcVF8QVyuT+99aA8O9wADw/7R37ii+/QUmlE6Elqn7gNTJ15ZANIZ2oogF53vRnPGCVGZ2Rai737SdWrg9ybAFGm66yfDh8CUYhfZt9QqPn793i4H+rOFQzoMew==
  • Authentication-results: esa2.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Thu, 12 Nov 2020 10:35:27 +0000
  • Ironport-sdr: PfHtFi9M8d6PVVc/pKF0mnJL5DeLgMzvdIMgemYX32ldDMSygW934npku/4OH4wvsNXItT1XwA R4X0twJ9LTACiwefnGlvIUG2gLDxiBp2t0bQxKPW/pNiaRxsFamFY6zVWh7Nk7rUyqaWu0q8b+ KHIFbSJrJox6b94raLgBrR7vuGxGl1nq0yD+tWdqmQCO7G2D/OHfqBPacrRDwzWue02irSN3EB vPYihzQ5QAyvcq2m2vqYWGFBr6y2pDZ66URZMiI0EqeOQxo2cv0RubHTAwYj2PCtHrPEpbQjNV vC4=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Fri, Oct 23, 2020 at 10:38:04AM +0200, Jan Beulich wrote:
> Under certain conditions CPUs can speculate into the instruction stream
> past a RET instruction. Guard against this just like 3b7dab93f240
> ("x86/spec-ctrl: Protect against CALL/JMP straight-line speculation")
> did - by inserting an "INT $3" insn. It's merely the mechanics of how to
> achieve this that differ: A set of macros gets introduced to post-
> process RET insns issued by the compiler (or living in assembly files).
> 
> Unfortunately for clang this requires further features their built-in
> assembler doesn't support: We need to be able to override insn mnemonics
> produced by the compiler (which may be impossible, if internally
> assembly mnemonics never get generated)

FTR I've reported this to LLVM upstream:

https://bugs.llvm.org/show_bug.cgi?id=48159

Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.