On 04/27/2015 01:35 PM, Borislav Petkov wrote: > On Mon, Apr 27, 2015 at 10:53:05AM +0200, Borislav Petkov wrote: >> ALTERNATIVE "", >> "shl $(64 - (__VIRTUAL_MASK_SHIFT+1)), %rcx \ >> sar $(64 - (__VIRTUAL_MASK_SHIFT+1)), %rcx \ >> cmpq %rcx, %r11 \ >> jne opportunistic_sysret_failed" >> X86_BUG_SYSRET_CANONICAL_RCX > > Right, so I can do this: > > /* > * Change top 16 bits to be the sign-extension of 47th bit, if this > * changed %rcx, it was not canonical. > */ > ALTERNATIVE "", \ > "shl $(64 - (47+1)), %rcx; \ > sar $(64 - (47+1)), %rcx; \ > cmpq %rcx, %r11; \ > jne opportunistic_sysret_failed", X86_BUG_SYSRET_CANON_RCX > > If I use the __VIRTUAL_MASK_SHIFT macro *in* the ALTERNATIVE macro, I get some > really cryptic gas error: > > arch/x86/kernel/entry_64.S: Assembler messages: > arch/x86/kernel/entry_64.S:441: Error: can't resolve `L0' {*ABS* section} - > `L0' {*UND* section} > scripts/Makefile.build:294: recipe for target 'arch/x86/kernel/entry_64.o' > failed > make[1]: *** [arch/x86/kernel/entry_64.o] Error 1 > Makefile:1536: recipe for target 'arch/x86/kernel/entry_64.o' failed > make: *** [arch/x86/kernel/entry_64.o] Error 2 > > but I guess we can simply use the naked "47" because a couple of lines > above, we already have the sanity-check: > > .ifne __VIRTUAL_MASK_SHIFT - 47 > .error "virtual address width changed -- SYSRET checks need update" > .endif > > so we should be guarded just fine. > > Anyway, if we do it this way, we get 17 NOPs added at build time which is the > length of the 4 instructions: > > ffffffff819ef40c: 48 c1 e1 10 shl $0x10,%rcx > ffffffff819ef410: 48 c1 f9 10 sar $0x10,%rcx > ffffffff819ef414: 49 39 cb cmp %rcx,%r11 > ffffffff819ef417: 0f 85 ff 9c bc ff jne ffffffff815b911c > <opportunistic_sysret_failed>
This looks strange. opportunistic_sysret_failed label is just a few instructions below. Why are you getting "ff 9c bc ff" offset in JNE instead of short jump of 0x5f bytes I see without ALTERNATIVE? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/