From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Borislav Petkov <bp@alien8.de>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
	Michal Marek <mmarek@suse.cz>,
	Peter Zijlstra <peterz@infradead.org>,
	Andy Lutomirski <luto@kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Andi Kleen <andi@firstfloor.org>, Pedro Alves <palves@redhat.com>,
	x86@kernel.org, live-patching@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH 04/21] x86/hweight: Add stack frame dependency for __arch_hweight*()
Date: Fri, 17 Jul 2015 12:32:20 -0500
Message-ID: <20150717173220.GA12761@treble.redhat.com>
In-Reply-To: <20150717171726.GA21568@nazgul.tnic>

On Fri, Jul 17, 2015 at 07:17:26PM +0200, Borislav Petkov wrote:
> On Fri, Jul 17, 2015 at 11:47:20AM -0500, Josh Poimboeuf wrote:
> > If __arch_hweight32() or __arch_hweight64() is inlined at the beginning
> > of a function, gcc can insert the call instruction before setting up a
> > stack frame, which breaks frame pointer convention if
> > CONFIG_FRAME_POINTER is enabled and can result in a bad stack trace.
> > 
> > Force a stack frame to be created if CONFIG_FRAME_POINTER is enabled by
> > listing the stack pointer as an output operand for the inline asm
> > statement.
> > 
> > Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
> > ---
> >  arch/x86/include/asm/arch_hweight.h | 6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> > 
> > diff --git a/arch/x86/include/asm/arch_hweight.h b/arch/x86/include/asm/arch_hweight.h
> > index 9686c3d..e438a0d 100644
> > --- a/arch/x86/include/asm/arch_hweight.h
> > +++ b/arch/x86/include/asm/arch_hweight.h
> > @@ -23,10 +23,11 @@
> >   */
> >  static inline unsigned int __arch_hweight32(unsigned int w)
> >  {
> > +	register void *__sp asm("esp");
> >  	unsigned int res = 0;
> >  
> >  	asm (ALTERNATIVE("call __sw_hweight32", POPCNT32, X86_FEATURE_POPCNT)
> > -		     : "="REG_OUT (res)
> > +		     : "="REG_OUT (res), "+r" (__sp)
> >  		     : REG_IN (w));
> >  
> >  	return res;
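
Review bot: the new `register void *__sp asm("esp");` declaration and the `"+r" (__sp)` output operand in __arch_hweight32() carry no comment, and without the changelog they read as dead code. A short comment above the asm saying that the operand is there so the stack frame is set up before `call __sw_hweight32` would keep it from being cleaned away later. The register is also spelled "esp" here but "rsp" in __arch_hweight64(); if this function is built for both word sizes, one width-neutral spelling shared by both functions would be more consistent.
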
> > @@ -44,6 +45,7 @@ static inline unsigned int __arch_hweight8(unsigned int w)
> >  
> >  static inline unsigned long __arch_hweight64(__u64 w)
> >  {
> > +	register void __maybe_unused *__sp asm("rsp");
> >  	unsigned long res = 0;
> >  
> >  #ifdef CONFIG_X86_32
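
Review bot: `__sp` in __arch_hweight64() is declared above the `#ifdef CONFIG_X86_32`, so the 32-bit branch carries an unused variable bound to "rsp", which is what the `__maybe_unused` annotation is covering for. Declaring it inside the `#else` branch, next to the asm that actually uses it, would drop the annotation and keep the 64-bit register name out of the 32-bit build.
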
> > @@ -51,7 +53,7 @@ static inline unsigned long __arch_hweight64(__u64 w)
> >  		__arch_hweight32((u32)(w >> 32));
> >  #else
> >  	asm (ALTERNATIVE("call __sw_hweight64", POPCNT64, X86_FEATURE_POPCNT)
> > -		     : "="REG_OUT (res)
> > +		     : "="REG_OUT (res), "+r" (__sp)
> >  		     : REG_IN (w));
> >  #endif /* CONFIG_X86_32 */
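
Review bot: the `"+r" (__sp)` operand on the `call __sw_hweight64` asm is added unconditionally, while the changelog says the frame is forced "if CONFIG_FRAME_POINTER is enabled". Either state in the changelog what the operand does in builds without frame pointers, or make the operand conditional on that option. The same constraint string is now repeated in both asm statements, so a single named macro for it would also give one place to document why it exists.
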
> 
> Eeew, useless code so that some compile-time validation is done. Let's
> not add this clutter please.
> 
> In this particular case, the majority of CPUs out there will get POPCNT
> patched in and that CALL is gone. And for the remaining cases where we
> do end up using the __sw_* variants, I'd prefer to rather not do the
> validation instead of polluting the code with that fake rsp dependency.

Well, but this isn't some whitelist code to make stackvalidate happy.

It's actually a real runtime frame pointer bug, and the rsp dependency
is real.  If it does the call without first creating the stack frame
then it breaks frame pointer based stack traces.

-- 
Josh
