From: Andy Lutomirski
Date: Wed, 5 Dec 2018 15:36:10 -0800
Subject: Re: [PATCH v2 0/4] Static calls
To: Josh Poimboeuf
Cc: Steven Rostedt, X86 ML, LKML, Ard Biesheuvel, Andrew Lutomirski, Peter Zijlstra, Ingo Molnar, Thomas Gleixner, Linus Torvalds, Masami Hiramatsu, Jason Baron, Jiri Kosina, David Laight, Borislav Petkov, julia@ni.com, jeyu@kernel.org, "H. Peter Anvin"

> On Dec 5, 2018, at 7:04 AM, Josh Poimboeuf wrote:
>
>
>> Anyway, I have a new objection to Josh's create_gap proposal: what on
>> Earth will kernel CET do to it?  Maybe my longjmp-like hack is
>> actually better.
>
> Does CET even care about iret?  I assumed it didn't.  If it does, your
> proposal would have the same problem, no?

I think it doesn't, but it doesn't really matter.  The shadow stack looks like:

retaddr of function being poked
call do_int3 + 5

And, to emulate a call, you need to stick a new frame right in the
middle.  At least with a longjmp-like approach, you can clobber the
"call do_int3 + 5" part and then INCSSP on the way out.  To be fair, I
think this also sucks.

PeterZ, can we abuse NMI to make this problem go away?  I don't
suppose that we have some rule that NMI handlers never wait for other
CPUs to finish doing anything?