Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1759578AbbFCM41 (ORCPT <rfc822;w@1wt.eu>);
	Wed, 3 Jun 2015 08:56:27 -0400
Received: from mx1.redhat.com ([209.132.183.28]:58755 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754424AbbFCM4Q (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Wed, 3 Jun 2015 08:56:16 -0400
From: Denys Vlasenko <dvlasenk@redhat.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: Denys Vlasenko <dvlasenk@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Steven Rostedt <rostedt@goodmis.org>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Andy Lutomirski <luto@amacapital.net>, Oleg Nesterov <oleg@redhat.com>,
        Frederic Weisbecker <fweisbec@gmail.com>,
        Alexei Starovoitov <ast@plumgrid.com>, Will Drewry <wad@chromium.org>,
        Kees Cook <keescook@chromium.org>, x86@kernel.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH] x86/asm/entry/32: Do not use r9 in SYSCALL32 entry point
Date: Wed,  3 Jun 2015 14:56:09 +0200
Message-Id: <1433336169-18964-1-git-send-email-dvlasenk@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 4388
Lines: 140

SYSENTER and SYSCALL 32-bit entry points differ in handling of arg2
and arg6.

SYSENTER:
 * ecx  arg2
 * ebp  user stack
 * 0(%ebp) arg6

SYSCALL:
 * ebp  arg2
 * esp  user stack
 * 0(%esp) arg6

Sysenter code loads 0(%ebp) to %ebp right away.
(This destroys %ebp. It means we do not preserve it on return.
It's not causing problems since userspace VDSO code does not depend on it,
and SYSENTER insn can't be sanely used outside of VDSO).

Syscall code loads 0(%ebp) to %r9. This allows to eliminate one MOV insn
(r9 is a register where arg6 should be for 64-bit ABI), but on audit/ptrace
code paths this requires juggling of r9 and ebp:
(1) ptrace expects arg6 to be in pt_regs->bp;
(2) r9 is callee-clobbered register and needs to be saved/restored
    around calls to C functions.

This patch changes syscall code to load 0(%ebp) to %ebp, making it more
similar to sysenter code. It's a bit smaller:

   text    data     bss     dec     hex filename
   1407       0       0    1407     57f ia32entry.o.before
   1391       0       0    1391     56f ia32entry.o

To preserve ABI compat, we restore ebp on exit.

Run-tested.

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
CC: Linus Torvalds <torvalds@linux-foundation.org>
CC: Steven Rostedt <rostedt@goodmis.org>
CC: Ingo Molnar <mingo@kernel.org>
CC: Borislav Petkov <bp@alien8.de>
CC: "H. Peter Anvin" <hpa@zytor.com>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
CC: Frederic Weisbecker <fweisbec@gmail.com>
CC: Alexei Starovoitov <ast@plumgrid.com>
CC: Will Drewry <wad@chromium.org>
CC: Kees Cook <keescook@chromium.org>
CC: x86@kernel.org
CC: linux-kernel@vger.kernel.org
---

This patch is on top of:

x86/asm/entry/32: Simplify zeroing of pt_regs->r8..r11 on int80 code path
x86/asm/entry/32: Open-code CLEAR_RREGS. No code changes.
x86/asm/entry/32: Open-code LOAD_ARGS32. No code changes.

 arch/x86/ia32/ia32entry.S | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S
index 0ff676a..6f29f1f 100644
--- a/arch/x86/ia32/ia32entry.S
+++ b/arch/x86/ia32/ia32entry.S
@@ -327,7 +327,7 @@ ENTRY(ia32_cstar_target)
 	 * 32bit zero extended
 	 */
 	ASM_STAC
-1:	movl	(%r8),%r9d
+1:	movl	(%r8),%ebp
 	_ASM_EXTABLE(1b,ia32_badarg)
 	ASM_CLAC
 	orl     $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
@@ -337,7 +337,7 @@ ENTRY(ia32_cstar_target)
 cstar_do_call:
 	/* 32bit syscall -> 64bit C ABI argument conversion */
 	movl	%edi,%r8d	/* arg5 */
-	/* r9 already loaded */	/* arg6 */
+	movl	%ebp,%r9d	/* arg6 */
 	xchg	%ecx,%esi	/* rsi:arg2, rcx:arg4 */
 	movl	%ebx,%edi	/* arg1 */
 	movl	%edx,%edx	/* arg3 (zero extension) */
@@ -353,6 +353,7 @@ cstar_dispatch:
 	jnz sysretl_audit
 sysretl_from_sys_call:
 	andl $~TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
+	movl	RCX(%rsp), %ebp
 	RESTORE_RSI_RDI_RDX
 	movl RIP(%rsp),%ecx
 	movl EFLAGS(%rsp),%r11d
@@ -379,9 +380,8 @@ sysretl_from_sys_call:
 
 #ifdef CONFIG_AUDITSYSCALL
 cstar_auditsys:
-	movl %r9d,R9(%rsp)	/* register to be clobbered by call */
 	auditsys_entry_common
-	movl R9(%rsp),%r9d	/* reload 6th syscall arg */
+	movl	%ebp, %r9d	/* reload 6th syscall arg */
 	jmp cstar_dispatch
 
 sysretl_audit:
@@ -393,16 +393,14 @@ cstar_tracesys:
 	testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
 	jz cstar_auditsys
 #endif
-	xchgl %r9d,%ebp
 	SAVE_EXTRA_REGS
 	xorl	%eax, %eax
 	movq	%rax, R11(%rsp)
 	movq	%rax, R10(%rsp)
-	movq	%r9, R9(%rsp)
+	movq	%rax, R9(%rsp)
 	movq	%rax, R8(%rsp)
-	movq %rsp,%rdi        /* &pt_regs -> arg1 */
-	call syscall_trace_enter
-	movl	R9(%rsp),%r9d
+	movq	%rsp, %rdi        /* &pt_regs -> arg1 */
+	call	syscall_trace_enter
 	/*
 	 * Reload arg registers from stack in case ptrace changed them.
 	 * Don't reload %eax because syscall_trace_enter() returned
@@ -416,8 +414,7 @@ cstar_tracesys:
 	movl	RDI(%rsp), %edi
 	movl	%eax, %eax	/* zero extension */
 	RESTORE_EXTRA_REGS
-	xchgl %ebp,%r9d
-	jmp cstar_do_call
+	jmp	cstar_do_call
 END(ia32_cstar_target)
 				
 ia32_badarg:
-- 
1.8.1.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/