From: Andy Lutomirski
Date: Mon, 25 Feb 2019 07:41:50 -0800
Subject: Re: [PATCH 2/6] x86/ia32: Fix ia32_restore_sigcontext AC leak
To: Peter Zijlstra
Cc: Linus Torvalds, Thomas Gleixner, "H. Peter Anvin", Julien Thierry, Will Deacon, Ingo Molnar, Catalin Marinas, James Morse, valentin.schneider@arm.com, Brian Gerst, Josh Poimboeuf, Andrew Lutomirski, Borislav Petkov, Denys Vlasenko, LKML
In-Reply-To: <20190225125231.936952143@infradead.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Feb 25, 2019 at 4:53 AM Peter Zijlstra wrote:
>
> Don't call load_gs_index() with AC set; delay the segment setting
> until after the AC section.
>
> Signed-off-by: Peter Zijlstra (Intel)
> ---
> arch/x86/ia32/ia32_signal.c | 29 +++++++++++++++++++----------
> 1 file changed, 19 insertions(+), 10 deletions(-)
>
> --- a/arch/x86/ia32/ia32_signal.c
> +++ b/arch/x86/ia32/ia32_signal.c
> @@ -60,17 +60,21 @@ > regs->seg = GET_SEG(seg) | 3; \ > } while (0) > > -#define RELOAD_SEG(seg) { \ > - unsigned int pre = GET_SEG(seg); \ > - unsigned int cur = get_user_seg(seg); \ > - pre |= 3; \ > - if (pre != cur) \ > - set_user_seg(seg, pre); \ > +#define LOAD_SEG(seg) { \ > + pre_##seg = 3 | GET_SEG(seg); \ > + cur_##seg = get_user_seg(seg); \ > +} > + > +#define RELOAD_SEG(seg) { \ > + if (pre_##seg != cur_##seg) \ > + set_user_seg(seg, pre_##seg); \ > }

This is so tangled. How about changing RELOAD_SEG to replace unsigned
int pre = GET_SEG(seg); with unsigned int pre = (seg); to make it less
magic. Then do:

unsigned int gs = GET_SEG(gs);

...

RELOAD_SEG(gs);

And now the code actually does what it looks like it does.
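
Review bot: LOAD_SEG() assigns to pre_##seg and cur_##seg, but neither variable is declared in the macro or anywhere in this hunk, so every caller has to declare a matching pair by hand and has to run LOAD_SEG(seg) before RELOAD_SEG(seg). Nothing in the macros enforces that order, and a RELOAD_SEG() without its LOAD_SEG() would either fail to build or compare uninitialized locals. Consider having the caller pass the saved selector explicitly, or at least add a comment above both macros stating that LOAD_SEG() belongs inside the AC section and RELOAD_SEG() after it. Both macros are also bare { } blocks, while the macro just above ends in } while (0); using do { } while (0) here as well would keep them safe inside an unbraced if/else.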