Re: [PATCH v4] x86/entry_32: Use stack segment selector for VERW operand

From: Peter Zijlstra
Date: Thu Jul 11 2024 - 05:04:26 EST

Next message: Johan Hovold: "[PATCH] arm64: dts: qcom: x1e80100: enable GICv3 ITS for PCIe"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v0 1/2] dt-bindings: usb: qcom,dwc3: Add minItems for interrupt info"
In reply to: Jari Ruusu: "Re: [PATCH v4] x86/entry_32: Use stack segment selector for VERW operand"
Next in thread: Pawan Gupta: "Re: [PATCH v4] x86/entry_32: Use stack segment selector for VERW operand"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 10, 2024 at 12:06:47PM -0700, Pawan Gupta wrote:
> +/*
> + * Safer version of CLEAR_CPU_BUFFERS that uses %ss to reference VERW operand
> + * mds_verw_sel. This ensures VERW will not #GP for an arbitrary user %ds.
> + */
> +.macro CLEAR_CPU_BUFFERS_SAFE
> + ALTERNATIVE "jmp .Lskip_verw\@", "", X86_FEATURE_CLEAR_CPU_BUF
> + verw %ss:_ASM_RIP(mds_verw_sel)
> +.Lskip_verw\@:
> +.endm

I know this is somewhat of a common pattern, but I think it is silly in
this case. Since we already have the ALTERNATIVE() why not NOP the one
VERW instruction instead?

That is,

ALTERNATIVE("", "verw %ss:_ASM_RIP(mds_verw_sel)", X86_FEATURE_CLEAR_CPU_BUF)

and call it a day?

Next message: Johan Hovold: "[PATCH] arm64: dts: qcom: x1e80100: enable GICv3 ITS for PCIe"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v0 1/2] dt-bindings: usb: qcom,dwc3: Add minItems for interrupt info"
In reply to: Jari Ruusu: "Re: [PATCH v4] x86/entry_32: Use stack segment selector for VERW operand"
Next in thread: Pawan Gupta: "Re: [PATCH v4] x86/entry_32: Use stack segment selector for VERW operand"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]