From: Bill Wendling
Date: Wed, 14 Sep 2022 16:49:19 +0100
Subject: Re: [PATCH 2/2] x86/paravirt: add extra clobbers with ZERO_CALL_USED_REGS enabled
To: Nathan Chancellor
Cc: Peter Zijlstra, Nick Desaulniers, Kees Cook, Juergen Gross,
    "Srivatsa S. Bhat (VMware)", Alexey Makhalov,
    VMware PV-Drivers Reviewers, Thomas Gleixner, Ingo Molnar,
    Borislav Petkov, Dave Hansen,
    "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)", "H. Peter Anvin",
    virtualization@lists.linux-foundation.org, LKML, clang-built-linux,
    linux-hardening@vger.kernel.org

On Wed, Sep 14, 2022 at 3:41 PM Nathan Chancellor wrote:
> On Wed, Sep 07, 2022 at 10:50:03AM +0200, Peter Zijlstra wrote:
> > On Tue, Sep 06, 2022 at 11:00:07PM -0700, Nick Desaulniers wrote:
> > > On Sun, Sep 4, 2022 at 11:02 PM Bill Wendling wrote:
> > > >
> > > > On Sat, Sep 3, 2022 at 12:18 AM Kees Cook wrote:
> > > > >
> > > > > On Fri, Sep 02, 2022 at 09:37:50PM +0000, Bill Wendling wrote:
> > > > > > [...]
> > > > > > callq *pv_ops+536(%rip)
> > > > >
> > > > > Do you know which pv_ops function is this? I can't figure out where
> > > > > pte_offset_kernel() gets converted into a pv_ops call....
> > > > >
> > > > This one is _paravirt_ident_64, I believe. I think that the original
> > > > issue Nathan was seeing was with another seemingly innocuous function.
> > > > > > _paravirt_ident_64 is marked noinstr, which makes me suspect that it > > > really needs to not be touched at all by the compiler for > > > these...special features. > > > > My source tree sayeth: > > > > u64 notrace _paravirt_ident_64(u64 x) > > > > And that function is only ever called at boot, after alternatives runs > > it's patched with: > > > > mov %_ASM_ARG1, %_ASM_AX > > > > Anyway, if you want to take it away from the compiler, something like > > so should do. > > This appears to work fine for me in QEMU, as I can still boot with > CONFIG_ZERO_CALL_USED_REGS and spawn a nested guest without any issues. > Thanks, Nathan. I much prefer to use this patch then and file a separate issue to investigate the clobbers issue for later. -bw > > diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c > > index 7ca2d46c08cc..8922e2887779 100644 > > --- a/arch/x86/kernel/paravirt.c > > +++ b/arch/x86/kernel/paravirt.c > > @@ -80,11 +80,16 @@ static unsigned paravirt_patch_call(void *insn_buff, const void *target, > > } > > > > #ifdef CONFIG_PARAVIRT_XXL > > -/* identity function, which can be inlined */ > > -u64 notrace _paravirt_ident_64(u64 x) > > -{ > > - return x; > > -} > > +extern u64 _paravirt_ident_64(u64 x); > > +asm (".pushsection .entry.text, \"ax\"\n" > > + ".global _paravirt_ident_64\n" > > + "_paravirt_ident_64:\n\t" > > + ASM_ENDBR > > + "mov %" _ASM_ARG1 ", %" _ASM_AX "\n\t" > > + ASM_RET > > + ".size _paravirt_ident_64, . - _paravirt_ident_64\n\t" > > + ".type _paravirt_ident_64, @function\n\t" > > + ".popsection"); > > #endif > > > > DEFINE_STATIC_KEY_TRUE(virt_spin_lock_key); > >
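
Review bot: The added top-level asm block for _paravirt_ident_64 carries no comment, while the hunk deletes the only one there was ("identity function, which can be inlined"). Please add a short comment above the extern declaration saying that the function is written in assembly on purpose so that it is taken away from the compiler, and why it is placed in .entry.text, so that a later cleanup does not turn it back into a C function. Minor style point in the same block: the .type _paravirt_ident_64, @function directive is emitted after .size; it conventionally sits with the .global line ahead of the label.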