Date: Wed, 11 Jan 2023 17:53:37 -0800
From: "H. Peter Anvin"
To: "Maciej W. Rozycki", "Jason A. Donenfeld"
CC: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] x86: Disable kernel stack offset randomization for !TSC
X-Mailing-List: linux-kernel@vger.kernel.org

On January 11, 2023 5:34:29 PM PST, "Maciej W. Rozycki" wrote:
>On Tue, 10 Jan 2023, Jason A. Donenfeld wrote:
>
>> > Index: linux-macro/arch/x86/include/asm/entry-common=2Eh >> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >> > --- linux-macro=2Eorig/arch/x86/include/asm/entry-common=2Eh >> > +++ linux-macro/arch/x86/include/asm/entry-common=2Eh >> > @@ -5,6 +5,7 @@ >> > #include >> > #include >> > =20 >> > +#include >> > #include >> > #include >> > #include 
>> > @@ -85,7 +86,8 @@ static inline void arch_exit_to_user_mod >> > * Therefore, final stack offset entropy will be 5 (x86_64) or >> > * 6 (ia32) bits=2E >> > */ >> > - choose_random_kstack_offset(rdtsc() & 0xFF); >> > + if (cpu_feature_enabled(X86_FEATURE_TSC)) >> > + choose_random_kstack_offset(rdtsc() & 0xFF);
>>
>> What would happen if you just called `get_random_u8()` here?
>
> Thank you for your input.  I've had a look at the function and it seems a
>bit heavyweight compared to a mere single CPU instruction, but I guess why
>not.  Do you have any performance figures (in terms of CPU cycles) for the
>usual cases?  Offhand I'm not sure how I could benchmark it myself.
>
> I have made a patch and of course it makes the system boot too, although
>it's not clear to me how I can actually verify randomisation works.  I can
>assume it does I suppose.
>
> Maciej

Not to mention that we could use rdrand here if it is available (although it is slower than rdtsc.)

RDTSC isn't a super fast instruction either, but what is *way* more significant is that this use of RDTSC is NOT safe: in certain power states it may very well be that some number of lower bits of TSC contain no entropy at all.

At the very least one should do a rotating multiply with a large (32-bit) prime number.
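
Review bot: In the second hunk (@@ -85,7 +86,8 @@) the new `if (cpu_feature_enabled(X86_FEATURE_TSC))` has no else branch, so when the feature is not enabled choose_random_kstack_offset() is never called on this path, while the comment directly above still states a final stack offset entropy of 5 (x86_64) or 6 (ia32) bits. Either extend that comment to say the !TSC case gets no new offset here, or add a fallback source in an else branch, which is what the `get_random_u8()` question in the thread points at. The retained call still passes `rdtsc() & 0xFF`, the raw low byte of the counter, so the figure in the comment also depends on those bits actually varying.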
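
Added example, not part of the original message or of the patch: a user-space C sketch of why the low byte of a counter whose lower bits are stuck yields a constant offset, and how a multiply by a 32-bit prime followed by a rotate moves the bits that do vary into the byte that gets used. The constant, the function names, the rotate amount and the simulated counter values are assumptions for illustration; this is one reading of "rotating multiply", not kernel code.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed constant for this example: 2654435761, a 32-bit prime. */
#define MIX_PRIME 0x9E3779B1u
#define NSAMPLES  256

/* What the patch feeds to choose_random_kstack_offset(): the low byte. */
static uint8_t low_byte(uint64_t tsc) { return (uint8_t)(tsc & 0xFF); }

/* Multiply by the prime, then rotate the top byte of the 32-bit
 * product down into the low 8 bits before masking. */
static uint8_t mixed_byte(uint64_t tsc)
{
    uint32_t x = (uint32_t)tsc * MIX_PRIME;
    x = (x << 8) | (x >> 24);   /* rotate left by 8 */
    return (uint8_t)(x & 0xFF);
}

/* Constructed input: a counter whose low 8 bits never change, i.e. it
 * only ever advances in steps of 256. Returns how many different
 * offsets the given extractor produces over NSAMPLES readings. */
static int distinct_offsets(uint8_t (*extract)(uint64_t))
{
    uint8_t seen[256] = {0};
    uint64_t tsc = 0x123456789A00ull;   /* constructed start value */
    int distinct = 0;

    for (int i = 0; i < NSAMPLES; i++, tsc += 256) {
        uint8_t v = extract(tsc);
        if (!seen[v]) { seen[v] = 1; distinct++; }
    }
    return distinct;
}

int main(void)
{
    printf("tsc & 0xFF      : %d distinct offsets\n", distinct_offsets(low_byte));
    printf("multiply+rotate : %d distinct offsets\n", distinct_offsets(mixed_byte));
    return 0;
}
```

The mixing step only relocates variation that is already present in the higher counter bits; it cannot add entropy the counter does not have, and a counter that does not advance at all still gives a single value.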