Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp8866imm; Thu, 11 Oct 2018 14:24:15 -0700 (PDT) X-Google-Smtp-Source: ACcGV63VzA6aiQXKI09tvBLw6MnLdNEDRwqjjpNONJ067E/8T7SGsCFn4hmsp9ZXeqaACDHqQOOw X-Received: by 2002:a17:902:209:: with SMTP id 9-v6mr3157805plc.270.1539293055113; Thu, 11 Oct 2018 14:24:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539293055; cv=none; d=google.com; s=arc-20160816; b=BCGVHltx6PZDKmhoFHPt6XaltFoOP1wHoFEKlWgQ5DoKPqm1w8SGQjeD/DUbYE5ZSr kTrRgh7DeC5WXmFomchPsDN/olLFd2juinVGQwZe8RvEwEwIX1Ji+X9hJm4lASy9XZYw Nb8NaOabhC2YpSrhfhFAPljlTm59e3H2uJTVMktPABCMEdm1mz7hCc6xCPjMw1qcDqRL POEXERFf1ONzOZ/tuDHMzt1gK44xoZU96oJS2tRGrME5X67Um9DfoOXWO6ZVDZLIk+yi Dg1y9FEG6NTLDQSM1nPsCEJ+7SjIFFb3uQwFQH98eEsMgJRW/OWQ5SEmaRI3nEWPv0BK wk0w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id; bh=djF7h6n20+Hm/hEKJ5q+ykWGTR4Z9TviXK+JkKZFndQ=; b=D2Lf4wxxyKwe0JhuNTc52N2lUJpGC6LWBl38jVlbdXaDb8pQVD02UaFf0BeRtv5p5v +uaaBgJG0DxxwKAKmhZJkTkyEi54F4bKoVtMBTE+yQK3YrYsoHi+63iG1mR3jFnKUDQn ijTyBY6b3n/NFJTtgicihQmQ0z5TGiJXEMC4yfqaC2sar9FFBBFZ8lzuE4zRauv4JSyH 93z8Avz9dc7VwfT1iePxJI7R7iIJGblXn1xjksta1yf9DUSh7L4iR9tKbMmXoq4RCeYK CXmLzqQdkOP1oAOLQxYPpstbwyh1bxLIcbCg3q1tAg3s7tIvsv4B2zneuEx4ykAN9BVV Uqvw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b127-v6si28168732pga.153.2018.10.11.14.23.58; Thu, 11 Oct 2018 14:24:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726870AbeJLEw3 (ORCPT + 99 others); Fri, 12 Oct 2018 00:52:29 -0400 Received: from mga06.intel.com ([134.134.136.31]:19164 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725819AbeJLEw3 (ORCPT ); Fri, 12 Oct 2018 00:52:29 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Oct 2018 14:23:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,370,1534834800"; d="scan'208";a="99509075" Received: from kcaccard-mobl3.jf.intel.com ([10.24.8.209]) by orsmga002.jf.intel.com with ESMTP; 11 Oct 2018 14:23:23 -0700 Message-ID: <1539293003.3566.15.camel@linux.intel.com> Subject: Re: [PATCH] x86: entry: flush the cache if syscall error From: Kristen C Accardi To: Kees Cook , Andy Lutomirski Cc: Kernel Hardening , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , X86 ML , LKML Date: Thu, 11 Oct 2018 14:23:23 -0700 In-Reply-To: References: <20181011185458.10186-1-kristen@linux.intel.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.26.6 (3.26.6-1.fc27) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2018-10-11 at 13:55 -0700, Kees Cook wrote: > On Thu, Oct 11, 2018 at 1:48 PM, Andy Lutomirski > wrote: > > On Thu, Oct 11, 2018 at 11:55 AM Kristen Carlson Accardi > > wrote: > > > > > > This patch aims to make it harder to perform cache timing attacks > > > on data > > > left behind by system calls. If we have an error returned from a > > > syscall, > > > flush the L1 cache. > > > > > > It's important to note that this patch is not addressing any > > > specific > > > exploit, nor is it intended to be a complete defense against > > > anything. > > > It is intended to be a low cost way of eliminating some of side > > > effects > > > of a failed system call. > > > > > > A performance test using sysbench on one hyperthread and a script > > > which > > > attempts to repeatedly access files it does not have permission > > > to access > > > on the other hyperthread found no significant performance impact. > > > > > > Suggested-by: Alan Cox > > > Signed-off-by: Kristen Carlson Accardi > > > --- > > > arch/x86/Kconfig | 9 +++++++++ > > > arch/x86/entry/common.c | 18 ++++++++++++++++++ > > > 2 files changed, 27 insertions(+) > > > > > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > > > index 1a0be022f91d..bde978eb3b4e 100644 > > > --- a/arch/x86/Kconfig > > > +++ b/arch/x86/Kconfig > > > @@ -445,6 +445,15 @@ config RETPOLINE > > > code are eliminated. Since this includes the syscall > > > entry path, > > > it is not entirely pointless. > > > > > > +config SYSCALL_FLUSH > > > + bool "Clear L1 Cache on syscall errors" > > > + default n > > > + help > > > + Selecting 'y' allows the L1 cache to be cleared upon > > > return of > > > + an error code from a syscall if the CPU supports > > > "flush_l1d". > > > + This may reduce the likelyhood of speculative execution > > > style > > > + attacks on syscalls. > > > + > > > config INTEL_RDT > > > bool "Intel Resource Director Technology support" > > > default n > > > diff --git a/arch/x86/entry/common.c b/arch/x86/entry/common.c > > > index 3b2490b81918..26de8ea71293 100644 > > > --- a/arch/x86/entry/common.c > > > +++ b/arch/x86/entry/common.c > > > @@ -268,6 +268,20 @@ __visible inline void > > > syscall_return_slowpath(struct pt_regs *regs) > > > prepare_exit_to_usermode(regs); > > > } > > > > > > +__visible inline void l1_cache_flush(struct pt_regs *regs) > > > +{ > > > + if (IS_ENABLED(CONFIG_SYSCALL_FLUSH) && > > > + static_cpu_has(X86_FEATURE_FLUSH_L1D)) { > > > + if (regs->ax == 0 || regs->ax == -EAGAIN || > > > + regs->ax == -EEXIST || regs->ax == -ENOENT || > > > + regs->ax == -EXDEV || regs->ax == -ETIMEDOUT > > > || > > > + regs->ax == -ENOTCONN || regs->ax == > > > -EINPROGRESS) > > > > What about ax > 0? (Or more generally, any ax outside the range of > > -1 > > .. -4095 or whatever the error range is.) As it stands, it looks > > like > > you'll flush on successful read(), write(), recv(), etc, and that > > could seriously hurt performance on real workloads. > > Seems like just changing this with "ax == 0" into "ax >= 0" would > solve that? thanks, will do. > > I think this looks like a good idea. It might be worth adding a > comment about the checks to explain why those errors are whitelisted. > It's a cheap and effective mitigation for "unknown future problems" > that doesn't degrade normal workloads. > > > > + return; > > > + > > > + wrmsrl(MSR_IA32_FLUSH_CMD, L1D_FLUSH); > > What about CPUs without FLUSH_L1D? Could it be done manually with a > memcpy or something? It could - my original implementation (pre l1d_flush msr) did, but it did come with some additional cost in that I allocated per-cpu memory to keep a 32K buffer around that I could memcpy. It also sacrificed completeness for simplicity by not taking into account cases where L1 was not 32K. As far as I know this msr is pretty widely deployed, even on older hardware.