From mboxrd@z Thu Jan 1 00:00:00 1970
From: Dave Hansen
Subject: Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack
Date: Fri, 9 Nov 2018 09:13:32 -0800
Message-ID: <6cd2ae51-2d2a-9c68-df7c-45b49e0a813f@intel.com>
References: <20181011151523.27101-1-yu-cheng.yu@intel.com>
 <20181011151523.27101-5-yu-cheng.yu@intel.com>
 <4295b8f786c10c469870a6d9725749ce75dcdaa2.camel@intel.com>
 <043a17ef-dc9f-56d2-5fba-1a58b7b0fd4d@intel.com>
 <20181108220054.GP3074@bombadil.infradead.org>
 <20181109003225.GQ3074@bombadil.infradead.org>
In-Reply-To: <20181109003225.GQ3074@bombadil.infradead.org>
To: Matthew Wilcox
Cc: Andy Lutomirski, Yu-cheng Yu, X86 ML, "H. Peter Anvin", Thomas Gleixner,
 Ingo Molnar, LKML, "open list:DOCUMENTATION", Linux-MM, linux-arch,
 Linux API, Arnd Bergmann, Balbir Singh, Cyrill Gorcunov, Dave Hansen,
 Eugene Syromiatnikov, Florian Weimer, "H. J. Lu", Jann Horn,
 Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov,
 Pavel Machek, Peter Zijlstra, Randy Dunlap, "Ravi V. Shankar",
 "Shanbhogue, Vedvyas"
List-Id: linux-arch.vger.kernel.org

On 11/8/18 4:32 PM, Matthew Wilcox wrote:
>> Now, looking at Yu-cheng's specific example, it doesn't matter. We've
>> got 64-bit types and natural 64-bit alignment. Without __packed, we
>> need to look out for natural alignment screwing us up. With __packed,
>> it just does what it *looks* like it does.
> The question is whether Yu-cheng's struct is ever embedded in another
> struct. And if so, what does the hardware do?

It's not really.

+struct cet_user_state {
+ u64 u_cet; /* user control flow settings */
+ u64 user_ssp; /* user shadow stack pointer */
+} __packed;

This ends up embedded in 'struct fpu'. The hardware tells us what the
sum of all the sizes of all the state components are, and also tells us
the offsets inside the larger buffer. We double-check that the structure
sizes exactly match the sizes that the hardware tells us that the buffer
pieces are via XCHECK_SZ().

But, later versions of the hardware have instructions that don't have
static offsets for the state components (when the XSAVES/XSAVEC
instructions are used). So, for those, the structure embedding isn't
used at *all* since some state might not be present.
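
Review bot: the quoted `struct cet_user_state` definition has no comment above it saying that its layout must match what the hardware reports for this state component, so the reason for `__packed` on two naturally aligned u64 fields is not visible at the definition. A one-line comment above the struct stating that its size is checked against the hardware-reported size via XCHECK_SZ() would document that.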
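
The layout behaviour described in the reply above, as an added C example that is not part of the original message or of the kernel source: it checks a struct size against a hardware-reported size (the role the mail gives XCHECK_SZ()) and computes where a component lands in the compacted XSAVES/XSAVEC layout. The component table, its bit numbers and sizes, and the helper names are constructed for illustration; the 512-byte legacy area followed by a 64-byte header is the standard XSAVE layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Copy of the struct from the mail; uint64_t stands in for the kernel's u64. */
struct cet_user_state {
    uint64_t u_cet;    /* user control flow settings */
    uint64_t user_ssp; /* user shadow stack pointer */
} __attribute__((packed));

/* Constructed stand-in for per-component data the hardware enumerates. */
struct comp_info { unsigned bit; uint32_t size; int align64; };
static const struct comp_info sample[] = { /* constructed values, ascending bit */
    { 2, 256, 0 }, { 9, 8, 0 }, { 10, 40, 1 }, { 11, 16, 0 },
};
#define NCOMP (sizeof(sample) / sizeof(sample[0]))
#define CET_BIT 11 /* assumption: index used for the shadow stack state here */

/* Same idea as the XCHECK_SZ() check: struct size must equal reported size. */
static int size_matches(unsigned bit, size_t struct_size)
{
    for (size_t i = 0; i < NCOMP; i++)
        if (sample[i].bit == bit)
            return sample[i].size == struct_size;
    return 0; /* component not enumerated */
}

/* Offset of `bit` in a compacted buffer holding only `present` components. */
static long compacted_offset(uint64_t present, unsigned bit)
{
    uint32_t cur = 512 + 64; /* legacy area + XSAVE header */
    for (size_t i = 0; i < NCOMP; i++) {
        if (!(present & (1ULL << sample[i].bit)))
            continue; /* absent components occupy no space */
        if (sample[i].align64)
            cur = (cur + 63) & ~63u;
        if (sample[i].bit == bit)
            return (long)cur;
        cur += sample[i].size;
    }
    return -1; /* not present in this buffer */
}

int main(void)
{
    uint64_t masks[] = { 1ULL << 11, (1ULL << 2) | (1ULL << 11), 0xE04 };
    printf("size ok: %d\n", size_matches(CET_BIT, sizeof(struct cet_user_state)));
    for (size_t i = 0; i < 3; i++)
        printf("mask %#llx -> offset %ld\n", (unsigned long long)masks[i],
               compacted_offset(masks[i], CET_BIT));
    return 0;
}
```

The same 16-byte component sits at a different offset for each mask, which is why a fixed struct embedding cannot describe the compacted buffer.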