
Re: [PATCH 0/4] x86: Further harden function pointers


  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 29 Nov 2021 09:51:48 +0100
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 29 Nov 2021 08:52:09 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 26.11.2021 22:22, Andrew Cooper wrote:
> Slightly RFC, because patch 2 has some minor structure (ab)use, but the result
> works alarmingly well.  So far, this demonstrates converting two subsystems.
> 
> hvm_funcs is the other area of especially low hanging fruit, but IOMMU, vPMU
> also look like good candidates.  Anything which is partially altcall'd already
> would benefit from being fully altcall'd.

I'll post patches for hvm_funcs and vPMU hopefully later today. I intend
to look into the remaining unconverted IOMMU instances (so far I've
spotted one, but proper auditing may turn up more). For hvm_funcs what I
have leaves a few still unconverted; I guess we can discuss whether
to go beyond what I have in the context of that patch.

> Should we consider introducing __ro_after_init right now (as an alias to
> __read_mostly) as this conversion is touching a lot of areas where true
> post-init immutability ought to be enforced?

Well, it's largely orthogonal, but this might indeed be a good opportunity
to at least make a first step. I'd go slightly beyond what you say and at
least also introduce a respective new section, rather than aliasing
__read_mostly.

Jan

> Andrew Cooper (4):
>   x86/altcall: Check and optimise altcall targets
>   x86/altcall: Optimise away endbr64 instruction where possible
>   xen/xsm: Use __init_data_cf_clobber for xsm_ops
>   x86/ucode: Use altcall, and __initdata_cf_clobber
> 
>  xen/arch/x86/alternative.c           | 60 ++++++++++++++++++++++++++++++++++++
>  xen/arch/x86/cpu/microcode/amd.c     |  2 +-
>  xen/arch/x86/cpu/microcode/core.c    | 38 ++++++++++++-----------
>  xen/arch/x86/cpu/microcode/intel.c   |  2 +-
>  xen/arch/x86/cpu/microcode/private.h |  2 +-
>  xen/arch/x86/xen.lds.S               |  5 +++
>  xen/include/xen/init.h               |  2 ++
>  xen/xsm/dummy.c                      |  2 +-
>  xen/xsm/flask/hooks.c                |  2 +-
>  xen/xsm/silo.c                       |  2 +-
>  10 files changed, 93 insertions(+), 24 deletions(-)
> 