Commit e463a09a authored by Peter Zijlstra's avatar Peter Zijlstra Committed by Borislav Petkov
Browse files

x86: Add straight-line-speculation mitigation 

Make use of an upcoming GCC feature to mitigate
straight-line-speculation for x86:

  https://gcc.gnu.org/g:53a643f8568067d7700a9f2facc8ba39974973d3
  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
  https://bugs.llvm.org/show_bug.cgi?id=52323



It's built tested on x86_64-allyesconfig using GCC-12 and GCC-11.

Maintenance overhead of this should be fairly low due to objtool
validation.

Size overhead of all these additional int3 instructions comes to:

     text	   data	    bss	    dec	    hex	filename
  22267751	6933356	2011368	31212475	1dc43bb	defconfig-build/vmlinux
  22804126	6933356	1470696	31208178	1dc32f2	defconfig-build/vmlinux.sls

Or roughly 2.4% additional text.

Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20211204134908.140103474@infradead.org
parent 26c44b77

arch/x86/Kconfig

+12 −0
Original line number Diff line number Diff line
@@ -472,6 +472,18 @@ config RETPOLINE 
	  branches. Requires a compiler with -mindirect-branch=thunk-extern

	  support for full protection. The kernel may run slower.



config CC_HAS_SLS

	def_bool $(cc-option,-mharden-sls=all)



config SLS

	bool "Mitigate Straight-Line-Speculation"

	depends on CC_HAS_SLS && X86_64

	default n

	help

	  Compile the kernel with straight-line-speculation options to guard

	  against straight line speculation. The kernel image might be slightly

	  larger.



config X86_CPU_RESCTRL

	bool "x86 CPU resource control support"

	depends on X86 && (CPU_SUP_INTEL || CPU_SUP_AMD)

arch/x86/Makefile

+4 −0
Original line number Diff line number Diff line
@@ -191,6 +191,10 @@ ifdef CONFIG_RETPOLINE 
  endif

endif



ifdef CONFIG_SLS

  KBUILD_CFLAGS += -mharden-sls=all

endif



KBUILD_LDFLAGS += -m elf_$(UTS_MACHINE)



ifdef CONFIG_LTO_CLANG

arch/x86/include/asm/linkage.h

+10 −0
Original line number Diff line number Diff line
@@ -18,9 +18,19 @@ 
#define __ALIGN_STR	__stringify(__ALIGN)

#endif



#ifdef CONFIG_SLS

#define RET	ret; int3

#else

#define RET	ret

#endif



#else /* __ASSEMBLY__ */



#ifdef CONFIG_SLS

#define ASM_RET	"ret; int3\n\t"

#else

#define ASM_RET	"ret\n\t"

#endif



#endif /* __ASSEMBLY__ */

arch/x86/include/asm/static_call.h

+1 −1
Original line number Diff line number Diff line
@@ -36,7 +36,7 @@ 
	__ARCH_DEFINE_STATIC_CALL_TRAMP(name, ".byte 0xe9; .long " #func " - (. + 4)")



#define ARCH_DEFINE_STATIC_CALL_NULL_TRAMP(name)			\

	__ARCH_DEFINE_STATIC_CALL_TRAMP(name, "ret; nop; nop; nop; nop")

	__ARCH_DEFINE_STATIC_CALL_TRAMP(name, "ret; int3; nop; nop; nop")





#define ARCH_ADD_TRAMP_KEY(name)					\

arch/x86/kernel/ftrace.c

+1 −1
Original line number Diff line number Diff line
@@ -303,7 +303,7 @@ union ftrace_op_code_union { 
	} __attribute__((packed));

};



#define RET_SIZE		1

#define RET_SIZE		1 + IS_ENABLED(CONFIG_SLS)



static unsigned long

create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size)