* [PATCH] x86/compat: correct SMEP/SMAP NOPs patching
@ 2016-05-25 15:00 Jan Beulich
2016-05-25 16:03 ` Wei Liu
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Jan Beulich @ 2016-05-25 15:00 UTC (permalink / raw)
To: xen-devel; +Cc: Andrew Cooper, Wei Liu
[-- Attachment #1: Type: text/plain, Size: 1410 bytes --]
Correct the number of single byte NOPs we want to be replaced in case
neither SMEP nor SMAP are available.
Also simplify the expression adding these NOPs - at that location .
equals .Lcr4_orig, and removing that part of the expression fixes a
bogus ".space or fill with negative value, ignored" warning by very old
gas (which actually is what made me look at those constructs again).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -175,7 +175,7 @@ compat_bad_hypercall:
ENTRY(compat_restore_all_guest)
ASSERT_INTERRUPTS_DISABLED
.Lcr4_orig:
- .skip (.Lcr4_alt_end - .Lcr4_alt) - (. - .Lcr4_orig), 0x90
+ .skip .Lcr4_alt_end - .Lcr4_alt, 0x90
.Lcr4_orig_end:
.pushsection .altinstr_replacement, "ax"
.Lcr4_alt:
@@ -200,7 +200,8 @@ ENTRY(compat_restore_all_guest)
jne 1b
.Lcr4_alt_end:
.section .altinstructions, "a"
- altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, 12, 0
+ altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, \
+ (.Lcr4_orig_end - .Lcr4_orig), 0
altinstruction_entry .Lcr4_orig, .Lcr4_alt, X86_FEATURE_SMEP, \
(.Lcr4_orig_end - .Lcr4_orig), \
(.Lcr4_alt_end - .Lcr4_alt)
[-- Attachment #2: x86-SMEP-SMAP-NOPs-adjust.patch --]
[-- Type: text/plain, Size: 1451 bytes --]
x86/compat: correct SMEP/SMAP NOPs patching
Correct the number of single byte NOPs we want to be replaced in case
neither SMEP nor SMAP are available.
Also simplify the expression adding these NOPs - at that location .
equals .Lcr4_orig, and removing that part of the expression fixes a
bogus ".space or fill with negative value, ignored" warning by very old
gas (which actually is what made me look at those constructs again).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -175,7 +175,7 @@ compat_bad_hypercall:
ENTRY(compat_restore_all_guest)
ASSERT_INTERRUPTS_DISABLED
.Lcr4_orig:
- .skip (.Lcr4_alt_end - .Lcr4_alt) - (. - .Lcr4_orig), 0x90
+ .skip .Lcr4_alt_end - .Lcr4_alt, 0x90
.Lcr4_orig_end:
.pushsection .altinstr_replacement, "ax"
.Lcr4_alt:
@@ -200,7 +200,8 @@ ENTRY(compat_restore_all_guest)
jne 1b
.Lcr4_alt_end:
.section .altinstructions, "a"
- altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, 12, 0
+ altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, \
+ (.Lcr4_orig_end - .Lcr4_orig), 0
altinstruction_entry .Lcr4_orig, .Lcr4_alt, X86_FEATURE_SMEP, \
(.Lcr4_orig_end - .Lcr4_orig), \
(.Lcr4_alt_end - .Lcr4_alt)
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] x86/compat: correct SMEP/SMAP NOPs patching
2016-05-25 15:00 [PATCH] x86/compat: correct SMEP/SMAP NOPs patching Jan Beulich
@ 2016-05-25 16:03 ` Wei Liu
2016-05-26 10:41 ` Andrew Cooper
2016-05-27 8:01 ` Jan Beulich
2 siblings, 0 replies; 4+ messages in thread
From: Wei Liu @ 2016-05-25 16:03 UTC (permalink / raw)
To: Jan Beulich; +Cc: xen-devel, Wei Liu, Andrew Cooper
On Wed, May 25, 2016 at 09:00:49AM -0600, Jan Beulich wrote:
> Correct the number of single byte NOPs we want to be replaced in case
> neither SMEP nor SMAP are available.
>
> Also simplify the expression adding these NOPs - at that location .
> equals .Lcr4_orig, and removing that part of the expression fixes a
> bogus ".space or fill with negative value, ignored" warning by very old
> gas (which actually is what made me look at those constructs again).
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>
> --- a/xen/arch/x86/x86_64/compat/entry.S
> +++ b/xen/arch/x86/x86_64/compat/entry.S
> @@ -175,7 +175,7 @@ compat_bad_hypercall:
> ENTRY(compat_restore_all_guest)
> ASSERT_INTERRUPTS_DISABLED
> .Lcr4_orig:
> - .skip (.Lcr4_alt_end - .Lcr4_alt) - (. - .Lcr4_orig), 0x90
> + .skip .Lcr4_alt_end - .Lcr4_alt, 0x90
> .Lcr4_orig_end:
> .pushsection .altinstr_replacement, "ax"
> .Lcr4_alt:
> @@ -200,7 +200,8 @@ ENTRY(compat_restore_all_guest)
> jne 1b
> .Lcr4_alt_end:
> .section .altinstructions, "a"
> - altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, 12, 0
> + altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, \
> + (.Lcr4_orig_end - .Lcr4_orig), 0
> altinstruction_entry .Lcr4_orig, .Lcr4_alt, X86_FEATURE_SMEP, \
> (.Lcr4_orig_end - .Lcr4_orig), \
> (.Lcr4_alt_end - .Lcr4_alt)
>
>
>
FWIW:
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
And subject to review from Andrew:
Release-acked-by: Wei Liu <wei.liu2@citrix.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] x86/compat: correct SMEP/SMAP NOPs patching
2016-05-25 15:00 [PATCH] x86/compat: correct SMEP/SMAP NOPs patching Jan Beulich
2016-05-25 16:03 ` Wei Liu
@ 2016-05-26 10:41 ` Andrew Cooper
2016-05-27 8:01 ` Jan Beulich
2 siblings, 0 replies; 4+ messages in thread
From: Andrew Cooper @ 2016-05-26 10:41 UTC (permalink / raw)
To: Jan Beulich, xen-devel; +Cc: Wei Liu
On 25/05/16 16:00, Jan Beulich wrote:
> Correct the number of single byte NOPs we want to be replaced in case
> neither SMEP nor SMAP are available.
>
> Also simplify the expression adding these NOPs - at that location .
> equals .Lcr4_orig, and removing that part of the expression fixes a
> bogus ".space or fill with negative value, ignored" warning by very old
> gas (which actually is what made me look at those constructs again).
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] x86/compat: correct SMEP/SMAP NOPs patching
2016-05-25 15:00 [PATCH] x86/compat: correct SMEP/SMAP NOPs patching Jan Beulich
2016-05-25 16:03 ` Wei Liu
2016-05-26 10:41 ` Andrew Cooper
@ 2016-05-27 8:01 ` Jan Beulich
2 siblings, 0 replies; 4+ messages in thread
From: Jan Beulich @ 2016-05-27 8:01 UTC (permalink / raw)
To: xen-devel; +Cc: Andrew Cooper, Wei Liu
>>> On 25.05.16 at 17:00, <JBeulich@suse.com> wrote:
> Correct the number of single byte NOPs we want to be replaced in case
> neither SMEP nor SMAP are available.
>
> Also simplify the expression adding these NOPs - at that location .
> equals .Lcr4_orig, and removing that part of the expression fixes a
> bogus ".space or fill with negative value, ignored" warning by very old
> gas (which actually is what made me look at those constructs again).
That gas is behaving really strangely: For one, this morning the
warning now also appears with the patch in place. I'm sure it wasn't
there Wednesday night. Further, warning or not, the generated
code is wrong (no NOPs getting inserted at all, obviously resulting
in the BUG_ON(a->replacementlen > a->instrlen) in
apply_alternatives_nocheck() to trigger during boot). And finally,
generated code is right (and the warning gone) when having gas
produce a listing via -a. In that case, however, it errors on the four
.rept in the hypercall (argument) tables, so we also can't easily use
that as a workaround. .list / .nolist don't alter behavior for either of
the two issues.
I've tried to find some other workaround, but I'm now willing to give
up, as there are clearly more useful things to do. We may want /
need to consider raising the bar for which binutils versions we
support building with.
Jan
> --- a/xen/arch/x86/x86_64/compat/entry.S
> +++ b/xen/arch/x86/x86_64/compat/entry.S
> @@ -175,7 +175,7 @@ compat_bad_hypercall:
> ENTRY(compat_restore_all_guest)
> ASSERT_INTERRUPTS_DISABLED
> .Lcr4_orig:
> - .skip (.Lcr4_alt_end - .Lcr4_alt) - (. - .Lcr4_orig), 0x90
> + .skip .Lcr4_alt_end - .Lcr4_alt, 0x90
> .Lcr4_orig_end:
> .pushsection .altinstr_replacement, "ax"
> .Lcr4_alt:
> @@ -200,7 +200,8 @@ ENTRY(compat_restore_all_guest)
> jne 1b
> .Lcr4_alt_end:
> .section .altinstructions, "a"
> - altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, 12,
> 0
> + altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, \
> + (.Lcr4_orig_end - .Lcr4_orig), 0
> altinstruction_entry .Lcr4_orig, .Lcr4_alt, X86_FEATURE_SMEP, \
> (.Lcr4_orig_end - .Lcr4_orig), \
> (.Lcr4_alt_end - .Lcr4_alt)
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-05-27 8:01 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-05-25 15:00 [PATCH] x86/compat: correct SMEP/SMAP NOPs patching Jan Beulich
2016-05-25 16:03 ` Wei Liu
2016-05-26 10:41 ` Andrew Cooper
2016-05-27 8:01 ` Jan Beulich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).