Date: Fri, 7 Feb 2020 10:24:23 +0100
From: Peter Zijlstra
To: Andy Lutomirski
Cc: Kristen Carlson Accardi, Kees Cook, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, arjan@linux.intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: Re: [RFC PATCH 06/11] x86: make sure _etext includes function sections
Message-ID: <20200207092423.GC14914@hirez.programming.kicks-ass.net>
References: <75f0bd0365857ba4442ee69016b63764a8d2ad68.camel@linux.intel.com>

On Thu, Feb 06, 2020 at 12:02:36PM -0800, Andy Lutomirski wrote:

> Also, in the shiny new era of
> Intel-CPUs-can’t-handle-Jcc-spanning-a-cacheline, function alignment
> may actually matter.

*groan*, indeed. I just went and looked that up. I missed this one in
all the other fuss :/

So per:

  https://www.intel.com/content/dam/support/us/en/documents/processors/mitigations-jump-conditional-code-erratum.pdf

the toolchain mitigations only work if the offset in the ifetch window
(32 bytes) is preserved. Which seems to suggest we ought to align all
functions to 32byte before randomizing it, otherwise we're almost
guaranteed to change this offset by the act of randomizing.
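
Added example, not part of the original message or of the patch series: a small C model of the argument above, comparing a build-time function order with a randomized order and counting branches whose offset inside the 32-byte window changes. The function sizes, branch positions, shuffle order, the 16-byte comparison alignment and all names (`fns`, `layout`, `randomize_effect`) are constructed assumptions, and "spanning" is a simplified stand-in for the condition the toolchain padding avoids.

```c
#include <stdio.h>

#define WINDOW 32u /* ifetch window size from the message */

/* Constructed sample: function size, plus one branch given as
 * (offset inside the function, encoded length). Not real kernel data. */
struct fn { unsigned size, br_off, br_len; };
static const struct fn fns[] = {
    { 40, 14, 6 }, { 24, 4, 2 }, { 72, 20, 6 }, { 16, 8, 2 },
};
enum { NFN = sizeof(fns) / sizeof(fns[0]) };

struct effect { unsigned moved, spanning; };

/* Lay functions out in `order`, each start rounded up to `align`. */
static void layout(const unsigned *order, unsigned align, unsigned *start)
{
    unsigned addr = 0;
    for (unsigned i = 0; i < NFN; i++) {
        addr = (addr + align - 1) / align * align;
        start[order[i]] = addr;
        addr += fns[order[i]].size;
    }
}

/* Compare the build-time order with a randomized order: how many branches
 * changed their offset inside the 32-byte window, and how many now straddle
 * a window boundary (simplified model of what the padding avoided). */
struct effect randomize_effect(const unsigned *order, unsigned align)
{
    static const unsigned build[NFN] = { 0, 1, 2, 3 };
    unsigned before[NFN], after[NFN];
    struct effect e = { 0, 0 };

    layout(build, align, before);
    layout(order, align, after);
    for (unsigned i = 0; i < NFN; i++) {
        unsigned b = (before[i] + fns[i].br_off) % WINDOW;
        unsigned a = (after[i] + fns[i].br_off) % WINDOW;
        e.moved += (a != b);
        e.spanning += (a + fns[i].br_len > WINDOW);
    }
    return e;
}

int main(void)
{
    static const unsigned shuffled[NFN] = { 2, 0, 3, 1 };
    for (unsigned align = 16; align <= 32; align *= 2) {
        struct effect e = randomize_effect(shuffled, align);
        printf("align %2u: %u moved, %u spanning\n", align, e.moved, e.spanning);
    }
    return 0;
}
```

With 16-byte alignment a function start can land at either window offset 0 or 16, so a reshuffle can push a previously safe branch across a boundary; with 32-byte alignment every start is at window offset 0 and the padding chosen at build time stays valid in any order.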