Re: [PATCH v2 1/1] x86/fred: Clear WFE in missing-ENDBRANCH #CPs

From: Xin Li
Date: Mon Nov 11 2024 - 21:55:06 EST


On 11/8/2024 12:53 PM, Andrew Cooper wrote:
>> Andrew,
>>
>> can you please take another look?
>> After discussing with Dave on IRC, the ibt_clear_fred_wfe(regs); really
>> needs to be inside the ibt_selftest_noendbr path.
>
> Sigh, I missed the discussion.
>
> It's a selftest where we're deliberately trying to trigger #CP, and in
> the one case where we're happy should we say "yeah, safe to clobber WFE
> in the interrupted context" to let execution continue.
>
> Clobbering WFE in any other circumstance is a security-relevant bug.

I think we also need to clear WFE when !ibt_fatal. No?

diff --git a/arch/x86/kernel/cet.c b/arch/x86/kernel/cet.c
index fb8f4238969e..69a34636811f 100644
--- a/arch/x86/kernel/cet.c
+++ b/arch/x86/kernel/cet.c
@@ -128,6 +128,7 @@ static void do_kernel_cp_fault(struct pt_regs *regs, unsigned long error_code)
if (!ibt_fatal) {
printk(KERN_DEFAULT CUT_HERE);
__warn(__FILE__, __LINE__, (void *)regs->ip, TAINT_WARN, regs, NULL);
+ ibt_clear_fred_wfe(regs);
return;
}
BUG();
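Review bot: the new ibt_clear_fred_wfe(regs) call in the !ibt_fatal branch carries no comment, yet the reply above states that clobbering WFE anywhere outside the selftest is a security-relevant bug, so this is exactly the spot a reader will question. Record the rationale next to the call: on this path the kernel has already decided (ibt_fatal clear) to WARN and resume at regs->ip rather than BUG(), and the WFE state is cleared so that resumption is possible; the fatal path below still reaches BUG() and is unaffected. A one-line comment such as "/* Non-fatal: we are deliberately resuming past the missing ENDBR, so clear WFE. */" immediately before the call would make the intent reviewable, and the commit message should name the !ibt_fatal case alongside the selftest case as the only two places WFE is cleared.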