From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id F34B4C433F5 for ; Tue, 17 May 2022 08:33:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Message-ID:References:In-Reply-To:Subject:Cc:To:From :Date:MIME-Version:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=N3m3LWrZ/tfwJ5EohNKWaxzvuuqEIdtv/Q5AYf9DpQA=; b=aI/4yy5bR5wY96ZDqj8JoBM3E5 y86BXGj4tNkMq7Jhs0JO8PpSKMyWdv52H+vCgOCv5lxTIXBlj0mPdiibe3X1fShGR+8uH512yh4jg +rz5Eu/h7IAEvGLBOz153prvw9gGzPcPGk2vI3vYOSLfWf7jrugtBJI8AflQiKXYjUm7d/lAJxm1L qdE8+O3QjRZBvniuRSMxd3+jxbXsY5bUy6E/WyOTY2EL9psBbsOcR3N7FWSItO/ramTf1YwFbEhPY iSI3L2U775S8qdcflBrTHbr9+EAzm1fMtDhIMUP3bLAQiC0n2TFL2asdtonI29DqnMkawSqhMVf44 A3/zsjSA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nqsdN-00CTut-5f; Tue, 17 May 2022 08:32:49 +0000 Received: from relay1-d.mail.gandi.net ([2001:4b98:dc4:8::221]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nqsdJ-00CTsu-Dc for linux-arm-kernel@lists.infradead.org; Tue, 17 May 2022 08:32:47 +0000 Received: (Authenticated sender: joao@overdrivepizza.com) by mail.gandi.net (Postfix) with ESMTPA id C70C0240008; Tue, 17 May 2022 08:32:31 +0000 (UTC) MIME-Version: 1.0 Date: Tue, 17 May 2022 01:32:31 -0700 From: Joao Moreira To: Peter Zijlstra Cc: Kees Cook , Sami Tolvanen , linux-kernel@vger.kernel.org, Josh Poimboeuf , x86@kernel.org, Catalin Marinas , Will Deacon , Mark Rutland , Nathan Chancellor , Nick Desaulniers , Sedat Dilek , Steven Rostedt , linux-hardening@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Subject: Re: [RFC PATCH v2 20/21] x86: Add support for CONFIG_CFI_CLANG In-Reply-To: References: <20220513202159.1550547-1-samitolvanen@google.com> <20220513202159.1550547-21-samitolvanen@google.com> <20220516183047.GM76023@worktop.programming.kicks-ass.net> <202205161531.3339CA95@keescook> Message-ID: <141870fac344a671029e2684f84bc828@overdrivepizza.com> X-Sender: joao@overdrivepizza.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220517_013245_809599_3F8E0D00 X-CRM114-Status: GOOD ( 32.45 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org >> Cons: >> - FineIBT does callee-based hash verification, which means any >> attacker-constructed memory region just has to have an endbr and >> nops at >> "shellcode - 9". KCFI would need the region to have the hash at >> "shellcode - 6" and an endbr at "shellcode". However, that hash is >> well >> known, so it's not much protection. > > How would you get the ENDBR there anyway? If you can write code it's > game over. > +1 here. If you can't keep W^X, both approaches are equally doomed. Yet, there is a relevant detail here. ENDBR has a pre-defined/fixed opcode, which means that it is predictable from the binary perspective. Because of that, compilers already do security optimizations and prevent for example the emission of ENDBR's opcode as immediate operands. This very same approach can be used by JIT stuff, preventing ENDBRs to be emitted as unintended gadgets. Because KCFI hashes aren't predictable, you can't (or at least I can't think of a way to) prevent these from being emitted as operands, which means that if you have an IBT-able machine, you will want to enable it even if you have KCFI. With this said, the instrumentation for KCFI on IBT-enabled machines should be of at least 9 bytes (5 for the hash/mov and 4 for ENDBR, not counting the additional 4 bytes we asked for). >> - Potential performance hit due to making an additional "call" outside >> the cache lines of both caller and callee. > > That was all an effort to shrink and simplify, all this CFI stuff is > massive bloat :/ > > If we use %eax instead of %r10d for the hash transfer (as per Joao), > and > use int3 instead of ud2, then we can shrink the fineibt sequence to: > > __cfi_\func: > endbr # 4 > xorl $0x12345678, %eax # 5 > jz 1f # 2 > int3 # 1 > \func: > ... > > Which is 12 bytes, and needs a larger preamble (up from 9 in the > current > proposal). As per the above-analysis, if we can make FineIBT instrumentation fit in 12 bytes, this means that the 9 bytes required for KCFI+IBT plus three bytes would suffice for having FineIBT (again, if we can make it fit). And this would make that call go away. > > If we do the objtool/linker fixup, such that direct calls/jumps will > *never* hit ENDBR, then we can do something ugly like: > > kCFI FineIBT > > __cfi_\func: __cfi_\func: > int3 endbr > movl $0x12345678, %rax xorl $0x12345678, %eax > int3 jz 1f > int3 int3 > \func: > endbr > __direct_\func: __direct_\func: > ... ... > > which is 12 bytes on both sides and shrinks the preaamble to 8 bytes > while additionally also supporting kCFI+IBT for those few people that > don't care about speculation based attacks much. > > But now it's complicated again and requires significant tools work :/ > (also, using int3 isn't ideal). > >> Pros: >> - FineIBT can be done without read access to the kernel text, which >> will >> be nice in the exec-only future. > > - Mostly kills SpectreBHB (because it has the hash check *after* > ENDBR). - Callee-side checks allow you to make an specific function coarse-grained without making an indirect call instruction coarse-grained. I.e: If you have a binary blob or some function that for whatever reason can't have a hash, you just disable the check in this function, making it reachable by every indirect call in the binary but being reasonably able to measure the risks behind it. If you make an indirect call coarse-grained, this means that now this indirect call can reach all functions in the binary, including functions like "disable_cet" and "disable_super_nice_security_feature". The risk impacts of these latter relaxations are much harder to measure, imho (yet, I would enjoy hearing counter-arguments, if any). > > So were IBT limits speculation to all sites that have ENDBR, you can > still target any of them. With FineIBT you loose all sites that don't > match on hash value, significantly reducing the options. > >> I'd kind of like the "dynamic FineIBT conversion" to be a config >> option, >> at least at first. We could at least do performance comparisons >> between >> them. > > Why would you need a config option for that? Since it is dynamic anyway > a boot option works fine. > > > Also, regardless of all this, it probably makes sense to add an LTO > pass > to remove all unused __cfi_ symbols and endbr instructions, less viable > targets is more better :-) We have that for IBT in clang already (I implemented and upstreamed it back when you were trying ibt-seal in objtool). I did not find the time to test it with the final IBT support but it is in my todo list to take a look and perhaps send a RFC here. FWIIW, https://reviews.llvm.org/D116070 > > I've been doing that with objtool for the IBT builds. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel