Skip to content

Commit 3ac6d8c

Browse files
djbwIngo Molnar
djbw
authored and
Ingo Molnar
committed
x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface
Clear the 'extra' registers on entering the 64-bit kernel for exceptions and interrupts. The common registers are not cleared since they are likely clobbered well before they can be exploited in a speculative execution attack. Originally-From: Andi Kleen <[email protected]> Signed-off-by: Dan Williams <[email protected]> Cc: <[email protected]> Cc: Andy Lutomirski <[email protected]> Cc: Borislav Petkov <[email protected]> Cc: Brian Gerst <[email protected]> Cc: Denys Vlasenko <[email protected]> Cc: H. Peter Anvin <[email protected]> Cc: Josh Poimboeuf <[email protected]> Cc: Linus Torvalds <[email protected]> Cc: Peter Zijlstra <[email protected]> Cc: Thomas Gleixner <[email protected]> Link: http://lkml.kernel.org/r/151787989146.7847.15749181712358213254.stgit@dwillia2-desk3.amr.corp.intel.com [ Made small improvements to the changelog and the code comments. ] Signed-off-by: Ingo Molnar <[email protected]>
1 parent 8e1eb3f commit 3ac6d8c

File tree

2 files changed

+24
-1
lines changed

2 files changed

+24
-1
lines changed

arch/x86/entry/calling.h

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -147,6 +147,25 @@ For 32-bit we have the following conventions - kernel is built with
147147
UNWIND_HINT_REGS offset=\offset
148148
.endm
149149

150+
/*
151+
* Sanitize registers of values that a speculation attack
152+
* might otherwise want to exploit. The lower registers are
153+
* likely clobbered well before they could be put to use in
154+
* a speculative execution gadget:
155+
*/
156+
.macro CLEAR_REGS_NOSPEC
157+
xorl %ebp, %ebp
158+
xorl %ebx, %ebx
159+
xorq %r8, %r8
160+
xorq %r9, %r9
161+
xorq %r10, %r10
162+
xorq %r11, %r11
163+
xorq %r12, %r12
164+
xorq %r13, %r13
165+
xorq %r14, %r14
166+
xorq %r15, %r15
167+
.endm
168+
150169
.macro POP_EXTRA_REGS
151170
popq %r15
152171
popq %r14

arch/x86/entry/entry_64.S

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -575,6 +575,7 @@ END(irq_entries_start)
575575
ALLOC_PT_GPREGS_ON_STACK
576576
SAVE_C_REGS
577577
SAVE_EXTRA_REGS
578+
CLEAR_REGS_NOSPEC
578579
ENCODE_FRAME_POINTER
579580

580581
testb $3, CS(%rsp)
@@ -1133,6 +1134,7 @@ ENTRY(xen_failsafe_callback)
11331134
ALLOC_PT_GPREGS_ON_STACK
11341135
SAVE_C_REGS
11351136
SAVE_EXTRA_REGS
1137+
CLEAR_REGS_NOSPEC
11361138
ENCODE_FRAME_POINTER
11371139
jmp error_exit
11381140
END(xen_failsafe_callback)
@@ -1178,6 +1180,7 @@ ENTRY(paranoid_entry)
11781180
cld
11791181
SAVE_C_REGS 8
11801182
SAVE_EXTRA_REGS 8
1183+
CLEAR_REGS_NOSPEC
11811184
ENCODE_FRAME_POINTER 8
11821185
movl $1, %ebx
11831186
movl $MSR_GS_BASE, %ecx
@@ -1230,8 +1233,8 @@ ENTRY(error_entry)
12301233
cld
12311234
SAVE_C_REGS 8
12321235
SAVE_EXTRA_REGS 8
1236+
CLEAR_REGS_NOSPEC
12331237
ENCODE_FRAME_POINTER 8
1234-
xorl %ebx, %ebx
12351238
testb $3, CS+8(%rsp)
12361239
jz .Lerror_kernelspace
12371240

@@ -1428,6 +1431,7 @@ ENTRY(nmi)
14281431
pushq %r14 /* pt_regs->r14 */
14291432
pushq %r15 /* pt_regs->r15 */
14301433
UNWIND_HINT_REGS
1434+
CLEAR_REGS_NOSPEC
14311435
ENCODE_FRAME_POINTER
14321436

14331437
/*

0 commit comments

Comments
 (0)