
Re: [PATCH v3] x86/cet: Use dedicated NOP4 for cf_clobber


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Thu, 17 Mar 2022 14:29:42 +0000
  • Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, "Bjoern Doebel" <doebel@xxxxxxxxx>, Michael Kurth <mku@xxxxxxxxx>, Martin Pohlack <mpohlack@xxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 17 Mar 2022 14:29:50 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-topic: [PATCH v3] x86/cet: Use dedicated NOP4 for cf_clobber

On 17/03/2022 14:21, Jan Beulich wrote:
> On 17.03.2022 15:06, Andrew Cooper wrote:
>> For livepatching, we need to look at a potentially clobbered function and
>> determine whether it used to have an ENDBR64 instruction.
>>
>> Use a non-default 4-byte P6 long nop, not emitted by toolchains, and extend
>> check-endbr.sh to look for it.  The same logic can check for the absence of
>> any endbr32 instructions, so include a check for those too.
>>
>> The choice of nop has some complicated consequences.  nopw (%rax) has a ModRM
>> byte of 0, which the Bourne compatible shells unconditionally strip from
>> parameters, meaning that we can't pass it to `grep -aob`.
>>
>> Therefore, use nopw (%rcx) so the ModRM byte becomes 1.
>>
>> This then demonstrates another bug.  Under perl regexes, \1 thru \9 are
>> subpattern matches, and not octal escapes, while the behaviour of \10 and
>> higher depends on the number of capture groups.  Switch the `grep -P` runes to
>> use hex escapes instead, which are unambiguous.
>>
>> The build time check then requires that the endbr64 poison have the same
>> treatment as endbr64 to avoid placing the byte pattern in immediate operands.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

Thanks.

> with one nit (which likely I should have spotted before):

Unlikely, seeing as that was part that I rewrote between v2 and v3.

Will fix.

~Andrew
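The scan the quoted commit message describes, as an added example that is not the Xen tree's check-endbr.sh: it builds a small constructed byte image, locates ENDBR64, ENDBR32 and the nopw (%rcx) poison with hex-escaped `grep -aob -P`, and shows why the octal spelling ending in `\1` cannot be used. The opcode bytes (f3 0f 1e fa/fb for endbr64/endbr32, 66 0f 1f 01 for nopw (%rcx)) are the standard x86 encodings; the sample image and function names are this example's own.

```shell
#!/bin/sh
# Added example, not the Xen tree's check-endbr.sh: scan a flat byte image for
# ENDBR64, ENDBR32 and the dedicated NOP4 poison (nopw (%rcx), 66 0f 1f 01)
# with `grep -aob -P`, using hex escapes so no byte is ever written as \1..\9.
set -e

ENDBR64='\xf3\x0f\x1e\xfa'
ENDBR32='\xf3\x0f\x1e\xfb'
NOP4_POISON='\x66\x0f\x1f\x01'   # ModRM 0x01, so the pattern contains no NUL

# Print the byte offset of every match of pattern $2 in file $1, one per line.
# LC_ALL=C makes grep treat the input as raw bytes; -a disables the "binary
# file matches" short-circuit, -o prints each match, -b prefixes its offset.
find_offsets() {
    LC_ALL=C grep -aob -P "$2" "$1" | cut -d: -f1
}

# Number of matches of pattern $2 in file $1 (0 when there are none).
count_matches() {
    find_offsets "$1" "$2" | grep -c . || true
}

# The pitfall from the commit message: spelled with octal escapes, the final
# \1 is a backreference to a non-existent group, so grep -P rejects the regex
# (exit status 2) instead of matching byte 0x01.  Returns grep's status.
octal_escape_matches() {
    LC_ALL=C grep -aob -P '\146\17\37\1' "$1" >/dev/null 2>&1
}

# Constructed sample image (not a real Xen binary): an ENDBR64 function entry,
# a clobbered entry carrying the poison, and a toolchain nopw (%rax) whose
# ModRM byte is 0x00 and must not be reported as the poison.
make_sample() {
    printf '\363\017\036\372'   > "$1"   # offset  0: endbr64
    printf '\110\211\370\303'  >> "$1"   # offset  4: mov %rdi,%rax ; ret
    printf '\146\017\037\001'  >> "$1"   # offset  8: nopw (%rcx), the poison
    printf '\303'              >> "$1"   # offset 12: ret
    printf '\146\017\037\000'  >> "$1"   # offset 13: nopw (%rax), not the poison
}

sample=$(mktemp)
make_sample "$sample"
echo "endbr64 at offsets: $(find_offsets "$sample" "$ENDBR64" | tr '\n' ' ')"
echo "endbr32 count:      $(count_matches "$sample" "$ENDBR32")"
echo "poison at offsets:  $(find_offsets "$sample" "$NOP4_POISON" | tr '\n' ' ')"
rm -f "$sample"
```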
