Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

From: David Woodhouse
Date: Tue Feb 06 2018 - 04:15:23 EST

Next message: Dominik Brodowski: "Re: [PATCH v3 2/3] x86/entry: Clear registers for 64bit exceptions/interrupts"
Previous message: Peter Zijlstra: "Re: linux-next: manual merge of the tip tree with Linus' tree"
In reply to: David Woodhouse: "Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 2018-02-04 at 19:43 +0100, Thomas Gleixner wrote:
> Yet another possibility is to avoid the function entry and accouting magic
> and use the generic gcc return thunk:
>
> __x86_return_thunk:
> ÂÂÂÂÂÂÂÂcall L2
> L1:
> ÂÂÂÂÂÂÂÂpause
> ÂÂÂÂÂÂÂÂlfence
> ÂÂÂÂÂÂÂÂjmp L1
> L2:
> ÂÂÂÂÂÂÂÂlea 8(%rsp), %rsp|lea 4(%esp), %esp
> ÂÂÂÂÂÂÂÂret
>
> which basically refills the RSB on every return. That can be inline or
> extern, but in both cases we should be able to patch it out.
>
> I have no idea how that affects performance, but it might be worthwhile to
> experiment with that.

That was what I had in mind when I asked HJ to add -mfunction-return.

I suspect the performance hit would be significant because it would
cause a prediction miss on *every* return.

But as I said, let's implement what we can without IBRS for Skylake,
then we can compare the two options for performance, security coverage
and general fugliness.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Next message: Dominik Brodowski: "Re: [PATCH v3 2/3] x86/entry: Clear registers for 64bit exceptions/interrupts"
Previous message: Peter Zijlstra: "Re: linux-next: manual merge of the tip tree with Linus' tree"
In reply to: David Woodhouse: "Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]