Received: by 10.223.176.46 with SMTP id f43csp2606524wra;
        Thu, 25 Jan 2018 12:27:58 -0800 (PST)
X-Google-Smtp-Source: AH8x224h3L3QwP33GXSjMI9T+OO9KJwHJFq3r7QDHWDyGoG21nDCFke3z0JP48mHzKkD+rundRDy
X-Received: by 10.98.32.93 with SMTP id g90mr4236870pfg.17.1516912078100;
        Thu, 25 Jan 2018 12:27:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516912078; cv=none;
        d=google.com; s=arc-20160816;
        b=DYbCBkIB0SG9hVQpJoPD3ED9E+3QdUxsRN9wzadmKq//6NMizdiIGEENk+rDeubf97
         EKsKJk4jzC+0uOpwijTbf1cZkTJ+YpNbrYiG0FdIDpeQst62Ywh/D9zATbUYh9H9tiXE
         Iyalo7A3xNqVnCXENrGfKWq8mk4Ks5XKu1FrYzO69YYfBh5eeciUOL6jgqKCRWx6++0Y
         Ljm5b5EsJHIHaV3NYYEhZ2palsxYLz5WwOpt0jJbSdKp1RlsncgW6UUURrmvbP1EurYn
         lwEpWPyUcjJq5GwUTsrTIRE4NwIvAhlFnvKDI1cV77MjOMwd2cheuSXhPJ5Q37MCcn8J
         OX7Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=ZYRwTE9mYOl2JbE188ofg9zUxDzSjhnYLte0iTVU9Qo=;
        b=c8QRsewLDRffITCeHej2FIeMZ9mTaAqbYqOFsEPNrfUmdr5QuxJrqSYh3W9ysEdF+D
         klbI/h2GTkhH/yETZDBl0hb/tcK0In/MSyYm8LHdKAM4DY1d7LTV1JzlBO15H8sjaW4K
         MfMvHuEnFP23qNeVAKg9QVSA0P/X8nfhD/J4T6W0nSPd4hgVngPqdXZXWG8aPpnXrWch
         U/9nP/4U4TyS/C96Bcpa0DNhkyeQU/GvvhCOyinAt1QgP1Qo8oZjUJSD13d4A8EeoJTo
         3k/KpBrbXUrW7ZprgkWi3CQJZHec53gfUTjxSUY6aPB49DuXqq7ur48FQOvhy7hqorj/
         fpBQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=PwBOU2d2;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h32-v6si2476047pld.717.2018.01.25.12.27.23;
        Thu, 25 Jan 2018 12:27:58 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=PwBOU2d2;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751259AbeAYU0L (ORCPT <rfc822;zffurovfq63@gmail.com>
        + 99 others); Thu, 25 Jan 2018 15:26:11 -0500
Received: from mail-pg0-f67.google.com ([74.125.83.67]:39346 "EHLO
        mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751109AbeAYU0K (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jan 2018 15:26:10 -0500
Received: by mail-pg0-f67.google.com with SMTP id w17so5776803pgv.6
        for <linux-kernel@vger.kernel.org>; Thu, 25 Jan 2018 12:26:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=ZYRwTE9mYOl2JbE188ofg9zUxDzSjhnYLte0iTVU9Qo=;
        b=PwBOU2d25ZBH6EIV687hKauuDw/MvBJ5Ja9rjZDmDsF9O1h/uiFDAJ8dvG1a/b/QGp
         m/jAxqRke2Kbg7XxapiBjmuK/lJQDw6TdSuwCLdhlDFG+oE/2vcEhV3kP+oeR33gDyxO
         gmIZehykzHhC+8XvFRtsDV9l9aWf3MbcJ6iq2sZKsXVYugFIZHNgBektXIa1508Dxbbr
         MwichCVGtNUSJHfFGi8xa4DNBC0kBs9Ep7by+YSvWJGiQftdkRbfxiS8amNA7uFRdml5
         U3klYZpyDra35jXmu/sJXrGkQEgEKyoy/u/3lvStbrycvvzvHHf+VAUJxq/LyaLSQ2BT
         BKZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=ZYRwTE9mYOl2JbE188ofg9zUxDzSjhnYLte0iTVU9Qo=;
        b=mZ/wnNFeG2qqb2PMBSJQr4l3acsb/IX07IPvban0fHDvxrA1uP5sBP8Zh+MmFL4cqL
         F8Q0MH5a7WTEF7jO9a5oYgSHbavs20KhoZ8YqlkrjznqcjPRj5Ytw8wjEiG9cJXDtoJ+
         ZtK+FS3fusrQe4E8Bz2dlfkAYdNgm/ILza3DmL9l9aGV4VZvEHmZaw8AhrcGBTUxilWj
         F3noQnkTJiyoa2iwqKMDx9qEZ1kN/WqleSUsgTUZkUIBMVISz1m245/lyMMtUY1af//k
         hREyYkaGwIP6bKuxTySXXqdQPJOcC+/4F5qNph9QmmL5LUtVY66Bya6aPbRWOE/iTBU6
         GSvw==
X-Gm-Message-State: AKwxytd7/M+jzJeiuF7tylp08FHiqDyG6Q6CZSEcP5Q7fonjRlPZzVc8
        Ku4/mpqQKsu904+M4ykI+aRv08/fvNhSDWO9Gg==
X-Received: by 2002:a17:902:8607:: with SMTP id f7-v6mr12466831plo.273.1516911969726;
 Thu, 25 Jan 2018 12:26:09 -0800 (PST)
MIME-Version: 1.0
Received: by 10.2.180.182 with HTTP; Thu, 25 Jan 2018 12:04:27 -0800 (PST)
In-Reply-To: <CA+55aFxMDAaQ-d3ktWCjcob8OQARcE=OWFXNJtQnW62rF-XY0g@mail.gmail.com>
References: <503224b776b9513885453756e44bab235221124e.1516644136.git.luto@kernel.org>
 <CA+55aFwcU_hHz+S9ZDphBDRQLw6pMsd+6Yp_=mQA8kTcmTzWcQ@mail.gmail.com>
 <CA+55aFyONQeyHit6LcQz_JM5+C9pr61fcWFSpdn=7K_2mZN+oA@mail.gmail.com> <CA+55aFxMDAaQ-d3ktWCjcob8OQARcE=OWFXNJtQnW62rF-XY0g@mail.gmail.com>
From:   Brian Gerst <brgerst@gmail.com>
Date:   Thu, 25 Jan 2018 15:04:27 -0500
Message-ID: <CAMzpN2h5_4yMQaKhvLw+eNuifVafpqRPcwzq81O4KvYGrcXFKg@mail.gmail.com>
Subject: Re: [PATCH] x86/retpoline/entry: Disable the entire SYSCALL64 fast
 path with retpolines on
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Andy Lutomirski <luto@kernel.org>,
        "the arch/x86 maintainers" <x86@kernel.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Alan Cox <alan@linux.intel.com>, Jann Horn <jannh@google.com>,
        Samuel Neves <samuel.c.p.neves@gmail.com>,
        Dan Williams <dan.j.williams@intel.com>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>,
        Borislav Petkov <bp@alien8.de>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

In Thu, Jan 25, 2018 at 2:16 PM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
> On Thu, Jan 25, 2018 at 10:48 AM, Linus Torvalds
> <torvalds@linux-foundation.org> wrote:
>>
>> So the biggest impact of this is the extra register saves
>
> Actually, the other noticeable part is the reloading of the argument
> registers from ptregs. Together with just the extra level of
> 'call/ret' and the stack setup, I'm guessing we're talking maybe 20
> cycles or so.
>
> So there's the extra register saves, and simply the fact that the
> fastpath had a flatter calling structure.
>
> It still feels worth it. And if we do decide that we want to do the
> register clearing on kernel entry for some paranoid mode, we'd pretty
> much have to do this anyway.
>
>                  Linus

Another extra step the slow path does is checking to see if ptregs is
safe for SYSRET.  I think that can be mitigated by moving the check to
the places that do modify ptregs (ptrace, sigreturn, and exec) which
would set a flag to force return with IRET if the modified regs do not
satisfy the criteria for SYSRET.

--
Brian Gerst