From 40ce500b7f41916ab432eedd939dc54c61e7e49d Mon Sep 17 00:00:00 2001
From: guenther
Date: Fri, 28 Jul 2023 06:18:35 +0000
Subject: [PATCH] Add CODEPATCH_CODE() macro to simplify defining a symbol for a chunk of code to use in codepatching. Use that for all the existing codepatching snippets. Similarly, add CODEPATCH_CODE_LEN() which is CODEPATCH_CODE() but also provides a short variable holding the length of the codepatch snippet. Use that for some snippets that will be used for retpoline replacement. ok kettenis@ deraadt@
---
 sys/arch/amd64/amd64/copy.S | 12 +++-------
 sys/arch/amd64/amd64/locore.S | 36 +++++++++---------------------
 sys/arch/amd64/include/codepatch.h | 18 ++++++++++++++-
 3 files changed, 31 insertions(+), 35 deletions(-)
diff --git a/sys/arch/amd64/amd64/copy.S b/sys/arch/amd64/amd64/copy.S
index ae254bf1587..f09ebf929b2 100644
--- a/sys/arch/amd64/amd64/copy.S
+++ b/sys/arch/amd64/amd64/copy.S
@@ -1,4 +1,4 @@
-/* $OpenBSD: copy.S,v 1.18 2023/01/31 15:18:54 deraadt Exp $ */
+/* $OpenBSD: copy.S,v 1.19 2023/07/28 06:18:35 guenther Exp $ */
 /* $NetBSD: copy.S,v 1.1 2003/04/26 18:39:26 fvdl Exp $ */
 /*
@@ -299,11 +299,5 @@ copystr_return:
 ret
 lfence
- .section .rodata
- .globl _stac
-_stac:
- stac
-
- .globl _clac
-_clac:
- clac
+CODEPATCH_CODE(_stac, stac)
+CODEPATCH_CODE(_clac, clac)
diff --git a/sys/arch/amd64/amd64/locore.S b/sys/arch/amd64/amd64/locore.S
index 2046f0997c8..9024948b899 100644
--- a/sys/arch/amd64/amd64/locore.S
+++ b/sys/arch/amd64/amd64/locore.S
@@ -1,4 +1,4 @@
-/* $OpenBSD: locore.S,v 1.138 2023/07/27 00:28:24 guenther Exp $ */
+/* $OpenBSD: locore.S,v 1.139 2023/07/28 06:18:35 guenther Exp $ */
 /* $NetBSD: locore.S,v 1.13 2004/03/25 18:33:17 drochner Exp $ */
 /*
@@ -1084,30 +1084,16 @@ NENTRY(xsetbv_resume)
 lfence
 END(xsetbv_user)
- .section .rodata
- .globl _xrstor
-_xrstor:
- xrstor64 (%rdi)
-
- .globl _xrstors
-_xrstors:
- xrstors64 (%rdi)
-
- .globl _xsave
-_xsave:
- xsave64 (%rdi)
-
- .globl _xsaves
-_xsaves:
- xsaves64 (%rdi)
-
- .globl _xsaveopt
-_xsaveopt:
- xsaveopt64 (%rdi)
-
- .globl _pcid_set_reuse
-_pcid_set_reuse:
- orl $(CR3_REUSE_PCID >> 32),CPUVAR(USER_CR3 + 4)
+CODEPATCH_CODE(_xrstor, xrstor64 (%rdi))
+CODEPATCH_CODE(_xrstors, xrstors64 (%rdi))
+CODEPATCH_CODE(_xsave, xsave64 (%rdi))
+CODEPATCH_CODE(_xsaves, xsaves64 (%rdi))
+CODEPATCH_CODE(_xsaveopt, xsaveopt64 (%rdi))
+CODEPATCH_CODE(_pcid_set_reuse,
+ orl $(CR3_REUSE_PCID >> 32),CPUVAR(USER_CR3 + 4))
+CODEPATCH_CODE_LEN(_jmprax, jmp *%rax; int3)
+CODEPATCH_CODE_LEN(_jmpr11, jmp *%r11; int3)
+CODEPATCH_CODE_LEN(_jmpr13, jmp *%r13; int3)
 ENTRY(pagezero)
 RETGUARD_SETUP(pagezero, r11)
diff --git a/sys/arch/amd64/include/codepatch.h b/sys/arch/amd64/include/codepatch.h
index 50618bddad0..71fe9475710 100644
--- a/sys/arch/amd64/include/codepatch.h
+++ b/sys/arch/amd64/include/codepatch.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: codepatch.h,v 1.15 2023/07/10 03:32:10 guenther Exp $ */
+/* $OpenBSD: codepatch.h,v 1.16 2023/07/28 06:18:35 guenther Exp $ */
 /*
 * Copyright (c) 2014-2015 Stefan Fritsch
 *
@@ -97,4 +97,20 @@ void codepatch_disable(void);
 .byte 0x0f, 0x1f, 0x40, 0x00 ;\
 CODEPATCH_END2(997, CPTAG_PCID_SET_REUSE)
+/* Would be neat if these could be in something like .cptext */
+#define CODEPATCH_CODE(symbol, instructions...) \
+ .section .rodata; \
+ .globl symbol; \
+symbol: instructions; \
+ .size symbol, . - symbol
+
+/* provide a (short) variable with the length of the patch */
+#define CODEPATCH_CODE_LEN(symbol, instructions...) \
+ CODEPATCH_CODE(symbol, instructions); \
+996: .globl symbol##_len; \
+ .align 2; \
+symbol##_len: \
+ .short 996b - symbol; \
+ .size symbol##_len, 2
+
 #endif /* _MACHINE_CODEPATCH_H_ */
--
2.20.1
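Review bot: In locore.S, the three `CODEPATCH_CODE_LEN` snippets (`_jmprax`, `_jmpr11`, `_jmpr13`) are added with no comment saying what they replace or why each ends in `int3`; the commit message mentions retpoline replacement, but that does not survive in the file. The `int3` presumably stops straight-line speculation past the indirect jump, and it is counted in `_jmprax_len` and its siblings, so every site patched with these must have room for it. I would add a comment above them such as `/* retpoline replacements: indirect jmp plus int3; *_len is the number of bytes to copy */`. The code that consumes the `_len` values is not part of this patch; it should check each length against the size of the site being patched before copying.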
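Review bot: In codepatch.h, `CODEPATCH_CODE()` switches to `.section .rodata` and never switches back, so anything after an invocation is assembled into .rodata unless it selects its own section; with the directive now hidden inside a macro this is easy to miss, and it applies to every use in copy.S and locore.S. In locore.S the next line is `ENTRY(pagezero)`, which presumably re-selects .text, but that is not visible in this patch. I would state the contract in the comment above the macro, e.g. `/* Leaves the assembler in .rodata: follow with ENTRY() or an explicit .text */`. `.pushsection`/`.popsection` would remove the hazard, but `CODEPATCH_CODE_LEN()` relies on still being in the same section when it places `996:` directly after the instructions, so the pop would have to happen in the _LEN variant after `symbol##_len` is emitted.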