Re: [tip:x86/asm] x86/i386: Make sure stack-protector segment base is cache aligned

[Jeremy Fitzhardinge <jeremy@goop.org>]

On 09/04/09 07:15, Arjan van de Ven wrote:
> On Thu, 3 Sep 2009 23:18:05 +0200
> Ingo Molnar <mingo@elte.hu> wrote:
>
>   
>> * H. Peter Anvin <hpa@zytor.com> wrote:
>>
>>     
>>> On 09/03/2009 01:45 PM, Jeremy Fitzhardinge wrote:
>>>       
>>>> Two problems:
>>>>
>>>>     * gcc generates %gs: references for stack-protector, but we
>>>> use %fs for percpu data (because restoring %fs is faster if it's
>>>> a null selector; TLS uses %gs).  I guess we could use %fs if
>>>>       !CONFIG_CC_STACKPROTECTOR, or %gs if we are using it
>>>> (though that has some fiddly ramifications for things like
>>>> ptrace).
>>>>         
>>> Well, by touching two segments we're getting the worst of both 
>>> worlds, so at least assuming some significant number of real-world 
>>> deployments use CC_STACKPROTECTOR, we really don't want to 
>>> pessimize that case too much.
>>>       
>> Fedora has stackprotector enabled so it's used in a widespread way.
>>
>> 	Ingo
>>     
> the other issue is that afaik we want the kernel to use the other
> register than userspace does...
>   

We do for percpu (%fs), but gcc always generates %gs references for
stack-protector.  The difference between "pop %seg" for a null vs
non-null selector was fairly small (a couple of cycles), so using %gs
when stack-protector is enabled isn't a huge deal.  To put it another
way, calling one stack-protected function in kernel mode would probably
make up the difference between using %fs vs %gs.

    J
>
>