Re: [PATCH v2 4/4] x86/static_call: Add inline static call implementation for x86-64
From: Steven Rostedt
Date: Thu Nov 29 2018 - 12:50:01 EST
On Thu, 29 Nov 2018 09:41:33 -0800
Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> > On Nov 29, 2018, at 9:21 AM, Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> >
> > On Thu, 29 Nov 2018 12:20:00 -0500
> > Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> >
> >
> >> r8 = return address
> >> r9 = function to call
> >>
> >
> > Bad example, r8 and r9 are args, but r10 and r11 are available.
> >
> > -- Steve
> >
> >> push r8
> >> jmp *r9
> >>
> >> Then have the regs->ip point to that trampoline.
>
> Cute. That'll need ORC annotations and some kind of retpoline to replace the indirect jump, though.
>
Do we really need to worry about retpoline here?
I'm not fully up on all the current vulnerabilities, but can this
really be taken advantage of when it only happens in the transition of
changing a static call with the small chance of one of those calls
triggering the break point?
If someone can take advantage of that, I almost think they deserve
cracking my box ;-)
-- Steve
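As an added example, constructed for this note and not code from the patch series or from either poster, here is the trampoline sketched above in user-space C with file-scope GNU assembler: r10 holds the return address and r11 the target, per Steve's correction that r8/r9 are argument registers, with the plain indirect-jump variant beside a retpoline variant of the kind Andy mentions. The names sc_tramp, sc_tramp_rp, call_via_tramp and call_via_tramp_rp are my own; the C-callable wrappers stand in for the kernel's regs->ip redirect out of the int3 handler, the SysV x86-64 ABI on Linux is assumed (other targets fall back to a direct call), and ORC/unwind annotations are left out.

```c
#include <stdio.h>

/* Two-argument integer callee, the shape of a typical static_call target. */
typedef long (*fn2_t)(long, long);

#if defined(__x86_64__) && !defined(_WIN32)
/*
 * Constructed x86-64 (SysV ABI, GNU as syntax) trampolines.  Register
 * contract, following the thread's corrected version: r10 = return address,
 * r11 = function to call.  r8/r9 are left alone because they carry the 5th
 * and 6th integer arguments and would be clobbered for the callee.
 */
__asm__(
    ".text\n"
    ".p2align 4\n"
    /* Plain variant: re-create the CALL's push, then an indirect JMP. */
    "sc_tramp:\n"
    "    pushq %r10\n"
    "    jmp   *%r11\n"
    ".p2align 4\n"
    /* Retpoline variant: same push, but the indirect JMP is replaced by the
       CALL / overwrite-return-slot / RET sequence, so the target is reached
       through RET rather than an indirect branch; the PAUSE/LFENCE loop
       captures speculation that runs past the CALL. */
    "sc_tramp_rp:\n"
    "    pushq %r10\n"
    "    call  2f\n"
    "3:  pause\n"
    "    lfence\n"
    "    jmp   3b\n"
    "2:  movq  %r11, (%rsp)\n"
    "    ret\n"
    /* C-callable wrappers standing in for the kernel's regs->ip redirect:
       rdi = fn, rsi = a, rdx = b.  Shift a/b into the callee's argument
       registers, load r10/r11, and jump into the trampoline.  The SUB keeps
       the callee's stack ABI-aligned (rsp+8 a multiple of 16 on entry),
       since the trampoline's push replaces a CALL that never happened. */
    ".globl call_via_tramp\n"
    ".type  call_via_tramp, @function\n"
    "call_via_tramp:\n"
    "    subq  $8, %rsp\n"
    "    movq  %rdi, %r11\n"
    "    movq  %rsi, %rdi\n"
    "    movq  %rdx, %rsi\n"
    "    leaq  1f(%rip), %r10\n"
    "    jmp   sc_tramp\n"
    "1:  addq  $8, %rsp\n"          /* callee's RET lands here, rax intact */
    "    ret\n"
    ".size  call_via_tramp, .-call_via_tramp\n"
    ".globl call_via_tramp_rp\n"
    ".type  call_via_tramp_rp, @function\n"
    "call_via_tramp_rp:\n"
    "    subq  $8, %rsp\n"
    "    movq  %rdi, %r11\n"
    "    movq  %rsi, %rdi\n"
    "    movq  %rdx, %rsi\n"
    "    leaq  1f(%rip), %r10\n"
    "    jmp   sc_tramp_rp\n"
    "1:  addq  $8, %rsp\n"
    "    ret\n"
    ".size  call_via_tramp_rp, .-call_via_tramp_rp\n"
);
long call_via_tramp(fn2_t fn, long a, long b);
long call_via_tramp_rp(fn2_t fn, long a, long b);
#else
/* Non-x86-64 fallback so the example still builds: a direct call. */
long call_via_tramp(fn2_t fn, long a, long b) { return fn(a, b); }
long call_via_tramp_rp(fn2_t fn, long a, long b) { return fn(a, b); }
#endif

/* Constructed sample callees. */
static long add2(long a, long b) { return a + b; }
static long sub2(long a, long b) { return a - b; }

/* Reaches add2 through the plain push/jmp trampoline. */
long demo_plain(void) { return call_via_tramp(add2, 40, 2); }

/* Same register contract, retpoline-style trampoline. */
long demo_retpoline(void) { return call_via_tramp_rp(sub2, 50, 8); }

int main(void)
{
    printf("plain: %ld, retpoline: %ld\n", demo_plain(), demo_retpoline());
    return 0;
}
```

Both wrappers return the callee's rax unchanged, so a callee that ran through the trampoline is indistinguishable from one reached by a direct CALL, which is exactly what the transition window needs. The retpoline variant costs a few more instructions and a serialising LFENCE on the speculative path, which is the trade-off the thread is weighing.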