Re: [RFC PATCH 06/11] x86: make sure _etext includes function sections

From: Peter Zijlstra
Date: Fri Feb 07 2020 - 04:24:37 EST

Next message: Vitaly Kuznetsov: "Re: [PATCH] KVM: x86/mmu: Avoid retpoline on ->page_fault() with TDP"
Previous message: Macpaul Lin: "[PATCH v7 3/7] clk: mediatek: add mt6765 clock IDs"
In reply to: Andy Lutomirski: "Re: [RFC PATCH 06/11] x86: make sure _etext includes function sections"
Next in thread: Kristen Carlson Accardi: "[RFC PATCH 07/11] x86/tools: Adding relative relocs for randomized functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 06, 2020 at 12:02:36PM -0800, Andy Lutomirski wrote:
> Also, in the shiny new era of
> Intel-CPUs-canât-handle-Jcc-spanning-a-cacheline, function alignment
> may actually matter.

*groan*, indeed. I just went and looked that up. I missed this one in
all the other fuss :/

So per:

https://www.intel.com/content/dam/support/us/en/documents/processors/mitigations-jump-conditional-code-erratum.pdf

the toolchain mitigations only work if the offset in the ifetch window
(32 bytes) is preserved. Which seems to suggest we ought to align all
functions to 32byte before randomizing it, otherwise we're almost
guaranteed to change this offset by the act of randomizing.

Next message: Vitaly Kuznetsov: "Re: [PATCH] KVM: x86/mmu: Avoid retpoline on ->page_fault() with TDP"
Previous message: Macpaul Lin: "[PATCH v7 3/7] clk: mediatek: add mt6765 clock IDs"
In reply to: Andy Lutomirski: "Re: [RFC PATCH 06/11] x86: make sure _etext includes function sections"
Next in thread: Kristen Carlson Accardi: "[RFC PATCH 07/11] x86/tools: Adding relative relocs for randomized functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]