Date: Fri, 18 May 2018 09:36:44 +0200
From: Ingo Molnar
To: Alexey Dobriyan
Cc: tglx@linutronix.de, Peter Anvin, kernel test robot, Andrew Lutomirski, Borislav Petkov, Brian Gerst, Denys Vlasenko, Josh Poimboeuf, Peter Zijlstra, Linux Kernel Mailing List, Peter Anvin, tipbuild@zytor.com, LKP, torvalds@linux-foundation.org, x86@kernel.org
Subject: Re: [PATCH v2] x86/asm: Pad assembly functions with INT3 instructions
Message-ID: <20180518073644.GA8593@gmail.com>

* Alexey Dobriyan wrote:

> Use INT3 instead of NOP. All that padding between functions is
> an illegal area, no legitimate code should jump into it.
>
> I've checked x86_64 allyesconfig disassembly, all changes look sane:
> INT3 is only used after RET or unconditional JMP.
>
> On i386:
> * promote ret_from_exception into ENTRY as it has corresponding END,
> * demote "resume_userspace" -- unused,
> * delete ALIGN directive in page_fault. It is leftover from x86 assembly
>   cleanups.
>
> commit d211af055d0c12dc3416c2886e6fbdc6eb74a381
> i386: get rid of the use of KPROBE_ENTRY / KPROBE_END
>
> has ALIGN directive before branch target which makes sense.
> All the code after ALIGN disappeared later.
>
> Signed-off-by: Alexey Dobriyan
> ---
>
> arch/x86/entry/entry_32.S | 6 +-----
> arch/x86/include/asm/linkage.h | 2 +-
> 2 files changed, 2 insertions(+), 6 deletions(-)
>
> --- a/arch/x86/entry/entry_32.S > +++ b/arch/x86/entry/entry_32.S
> @@ -320,8 +320,7 @@ END(ret_from_fork) > */ > > # userspace resumption stub bypassing syscall exit tracing > - ALIGN > -ret_from_exception: > +ENTRY(ret_from_exception) > preempt_stop(CLBR_ANY) > ret_from_intr: > #ifdef CONFIG_VM86 > @@ -337,8 +336,6 @@ ret_from_intr: > #endif > cmpl $USER_RPL, %eax > jb resume_kernel # not returning to v8086 or userspace > - > -ENTRY(resume_userspace) > DISABLE_INTERRUPTS(CLBR_ANY) > TRACE_IRQS_OFF > movl %esp, %eax > @@ -910,7 +907,6 @@ BUILD_INTERRUPT3(hv_stimer0_callback_vector, HYPERV_STIMER0_VECTOR, > ENTRY(page_fault) > ASM_CLAC > pushl $do_page_fault > - ALIGN > jmp common_exception > END(page_fault) > > --- a/arch/x86/include/asm/linkage.h > +++ b/arch/x86/include/asm/linkage.h > @@ -18,7 +18,7 @@ > name: > > #if defined(CONFIG_X86_64) || defined(CONFIG_X86_ALIGNMENT_16) > -#define __ALIGN .p2align 4, 0x90 > +#define __ALIGN .p2align 4, 0xCC > #define __ALIGN_STR __stringify(__ALIGN) > #endif

So the question is, without objtool support, how will we find INT3-padding
related crash bugs on 32-bit kernels?

Thanks,

Ingo
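
Review bot: in the first entry_32.S hunk (@@ -320,8 +320,7), replacing `ALIGN` / `ret_from_exception:` with `ENTRY(ret_from_exception)` changes more than the annotation: ENTRY() also makes the label a global symbol, which the old plain label was not. The changelog only says the label "has corresponding END"; it should state that the visibility change is intended. The fall-through from `preempt_stop(CLBR_ANY)` into `ret_from_intr:` has no alignment directive in between, so the new fill byte does not land on that path.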
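
Review bot: in the second entry_32.S hunk (@@ -337,8 +336,6), dropping `ENTRY(resume_userspace)` is required for correctness with the new fill byte and is not only the removal of an unused label. `jb resume_kernel` is a conditional jump, so the not-taken path runs straight into `DISABLE_INTERRUPTS(CLBR_ANY)`, and any alignment padding emitted at that point would now be INT3 bytes on that path. Please give the fall-through as the reason in the changelog and leave a short comment at that spot so an ENTRY or ALIGN is not reintroduced there later.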
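
Review bot: in the page_fault hunk (@@ -910,7 +907,6), the removed `ALIGN` sits between `pushl $do_page_fault` and `jmp common_exception`, i.e. in straight-line code, so with a 0xCC fill any padding it emitted would be executed as INT3 on the page-fault path. That makes this removal a prerequisite of the linkage.h change; consider moving it, together with the resume_userspace change, into a preparatory patch ahead of the fill-byte switch so that a bisect lands on the change that actually alters behaviour.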
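
Review bot: in the linkage.h hunk (@@ -18,7 +18,7), `0xCC` replaces `0x90` as a bare constant; add a comment saying it is the INT3 opcode and that ALIGN must therefore never be placed where execution falls through. The definition also sits inside `#if defined(CONFIG_X86_64) || defined(CONFIG_X86_ALIGNMENT_16)`, so a configuration matching neither condition does not take this `__ALIGN` and keeps whatever fill its fallback definition uses; the patch should either cover that case or say why it is left alone.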
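
The manual check described in the quoted changelog ("INT3 is only used after RET or unconditional JMP") can be run mechanically over a disassembly listing, which is one static way to look at the question raised above for 32-bit builds. This is an added example, not code from this thread or from the kernel tree: it assumes GNU `objdump -d` text output, the listing and function names are constructed, and it is a heuristic that also reports INT3 after a `call` to a function that never returns.

```python
import re

# Mnemonics after which the CPU never executes the next byte in memory.
NO_FALLTHROUGH = {"ret", "retq", "retl", "lret", "jmp", "jmpq", "jmpl",
                  "ljmp", "iret", "iretl", "iretq", "ud2", "int3"}
PREFIXES = {"rep", "repz", "repnz", "bnd", "notrack"}
# GNU objdump -d line: "<addr>:<TAB><hex bytes><TAB><mnemonic operands>"
INSN = re.compile(r"^\s*([0-9a-f]+):\t([0-9a-f ]+?)\s*\t(.+)$")
LABEL = re.compile(r"^[0-9a-f]+ <(.+)>:$")

# Constructed sample. ok_func is padded after RET; bad_func has padding between
# a PUSH and the JMP after it, the shape an ALIGN in straight-line code produces.
SAMPLE = """Disassembly of section .entry.text:

c1000000 <ok_func>:
c1000000:\t31 c0                \txor    %eax,%eax
c1000002:\tc3                   \tret
c1000003:\tcc                   \tint3

c1000010 <bad_func>:
c1000010:\t68 00 00 00 c1       \tpush   $0xc1000000
c1000015:\tcc                   \tint3
c1000016:\tcc                   \tint3
c1000020:\teb de                \tjmp    c1000000 <ok_func>
"""

def mnemonic(text):
    """First word of an instruction, skipping prefixes such as 'repz'."""
    words = text.split()
    while len(words) > 1 and words[0] in PREFIXES:
        words.pop(0)
    return words[0] if words else ""

def reachable_int3(disasm):
    """Return (address, symbol, previous instruction) for every INT3 that the
    instruction before it can fall through into."""
    findings, prev, symbol = [], None, "?"
    for line in disasm.splitlines():
        label, insn = LABEL.match(line.strip()), INSN.match(line)
        if label:
            symbol = label.group(1)
        elif line.startswith("Disassembly of section"):
            prev = None  # a new section is not contiguous with the last one
        elif insn:
            text = " ".join(insn.group(3).split())
            if mnemonic(text) == "int3" and prev and mnemonic(prev) not in NO_FALLTHROUGH:
                findings.append((int(insn.group(1), 16), symbol, prev))
            prev = text
    return findings
```

Calling `reachable_int3()` on the text of a real `objdump -d` run returns one tuple per suspicious padding byte; an empty list means every INT3 in the listing follows a return, an unconditional jump, or another INT3.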