Re: [PATCH 1/2] stackleak: allow to specify arch specific stackleak poison function
From: Mark Rutland
Date: Wed Apr 12 2023 - 06:07:15 EST
On Wed, Apr 12, 2023 at 11:58:07AM +0200, Heiko Carstens wrote:
> On Wed, Apr 12, 2023 at 10:03:46AM +0100, Mark Rutland wrote:
> > On Wed, Apr 05, 2023 at 03:08:40PM +0200, Heiko Carstens wrote:
> > > Factor out the code that fills the stack with the stackleak poison value
> > > in order to allow architectures to provide a faster implementation.
> > >
> > > Acked-by: Vasily Gorbik <gor@xxxxxxxxxxxxx>
> > > Signed-off-by: Heiko Carstens <hca@xxxxxxxxxxxxx>
> >
> > As on patch 2, it might be nicer to have a noinstr-safe memset64() and use that
> > directly, but I don't have strong feelings either way, and I'll defer to Kees's
> > judgement:
>
> Wouldn't that enforce that memset64() wouldn't be allowed to have an own
> stackframe, since otherwise it would write poison values to it, since we
> have
>
> if (on_task_stack)
> erase_high = current_stack_pointer;
>
> in __stackleak_erase()?
Yes, sorry -- I was implicitly assuming that a noinstr-safe version would be
__always_inline.
> That was actually my motiviation to make this s390 optimization an always
> inline asm.
>
> Besides that this wouldn't be a problem for at least s390, since memset64()
> is an asm function which comes whithout the need for a stackframe, but on
> the other hand this would add a quite subtle requirement to memset64(), if
> I'm not mistaken.
That's a fair enough justification, I think. Thanks for the details!
Thanks,
Mark.