x86/entry: Use PUSH_AND_CLEAR_REGS for compat

Since the upper regs don't exist for ia32 code, preserving them
doesn't hurt and it simplifies the code.

This doesn't add any attack surface that would not already be
available through INT80.

Notably:

 - 32bit SYSENTER: didn't clear si, dx, cx.

 - 32bit SYSCALL, INT80: *do* clear si since the C functions don't
   take a second argument.

 - 64bit: didn't clear si since the C functions take a second
   argument; except the error_entry path might have only one argument,
   so clearing si was missing here.

32b SYSENTER should be clearing all those 3 registers, nothing uses them
and selftests pass.

Unconditionally clear rsi since it simplifies code.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Link: https://lore.kernel.org/r/20220506121631.293889636@infradead.org

diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h
index a4c061fb7c6ea0c3a15201ef369e61014315907c..debbe94aa3dbe1fe2ee499fd016b3d0735aefe91 100644 (file)
--- a/arch/x86/entry/calling.h
+++ b/arch/x86/entry/calling.h
@@ -99,6 +99,7 @@ For 32-bit we have the following conventions - kernel is built with
         * well before they could be put to use in a speculative execution
         * gadget.
         */
+       xorl    %esi,  %esi     /* nospec si  */
        xorl    %edx,  %edx     /* nospec dx  */
        xorl    %ecx,  %ecx     /* nospec cx  */
        xorl    %r8d,  %r8d     /* nospec r8  */

diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S
index d743eaa19d9b3a42c3c71370931d7f0d2274e39b..ed2be3615b50e424708cd5c4d9e6f5f570a159cd 100644 (file)
--- a/arch/x86/entry/entry_64_compat.S
+++ b/arch/x86/entry/entry_64_compat.S
@@ -83,32 +83,7 @@ SYM_INNER_LABEL(entry_SYSENTER_compat_after_hwframe, SYM_L_GLOBAL)
        movl    %eax, %eax
 
        pushq   %rax                    /* pt_regs->orig_ax */
-       pushq   %rdi                    /* pt_regs->di */
-       pushq   %rsi                    /* pt_regs->si */
-       pushq   %rdx                    /* pt_regs->dx */
-       pushq   %rcx                    /* pt_regs->cx */
-       pushq   $-ENOSYS                /* pt_regs->ax */
-       pushq   $0                      /* pt_regs->r8  = 0 */
-       xorl    %r8d, %r8d              /* nospec   r8 */
-       pushq   $0                      /* pt_regs->r9  = 0 */
-       xorl    %r9d, %r9d              /* nospec   r9 */
-       pushq   $0                      /* pt_regs->r10 = 0 */
-       xorl    %r10d, %r10d            /* nospec   r10 */
-       pushq   $0                      /* pt_regs->r11 = 0 */
-       xorl    %r11d, %r11d            /* nospec   r11 */
-       pushq   %rbx                    /* pt_regs->rbx */
-       xorl    %ebx, %ebx              /* nospec   rbx */
-       pushq   %rbp                    /* pt_regs->rbp (will be overwritten) */
-       xorl    %ebp, %ebp              /* nospec   rbp */
-       pushq   $0                      /* pt_regs->r12 = 0 */
-       xorl    %r12d, %r12d            /* nospec   r12 */
-       pushq   $0                      /* pt_regs->r13 = 0 */
-       xorl    %r13d, %r13d            /* nospec   r13 */
-       pushq   $0                      /* pt_regs->r14 = 0 */
-       xorl    %r14d, %r14d            /* nospec   r14 */
-       pushq   $0                      /* pt_regs->r15 = 0 */
-       xorl    %r15d, %r15d            /* nospec   r15 */
-
+       PUSH_AND_CLEAR_REGS rax=$-ENOSYS
        UNWIND_HINT_REGS
 
        cld
@@ -225,35 +200,7 @@ SYM_INNER_LABEL(entry_SYSCALL_compat_safe_stack, SYM_L_GLOBAL)
 SYM_INNER_LABEL(entry_SYSCALL_compat_after_hwframe, SYM_L_GLOBAL)
        movl    %eax, %eax              /* discard orig_ax high bits */
        pushq   %rax                    /* pt_regs->orig_ax */
-       pushq   %rdi                    /* pt_regs->di */
-       pushq   %rsi                    /* pt_regs->si */
-       xorl    %esi, %esi              /* nospec   si */
-       pushq   %rdx                    /* pt_regs->dx */
-       xorl    %edx, %edx              /* nospec   dx */
-       pushq   %rbp                    /* pt_regs->cx (stashed in bp) */
-       xorl    %ecx, %ecx              /* nospec   cx */
-       pushq   $-ENOSYS                /* pt_regs->ax */
-       pushq   $0                      /* pt_regs->r8  = 0 */
-       xorl    %r8d, %r8d              /* nospec   r8 */
-       pushq   $0                      /* pt_regs->r9  = 0 */
-       xorl    %r9d, %r9d              /* nospec   r9 */
-       pushq   $0                      /* pt_regs->r10 = 0 */
-       xorl    %r10d, %r10d            /* nospec   r10 */
-       pushq   $0                      /* pt_regs->r11 = 0 */
-       xorl    %r11d, %r11d            /* nospec   r11 */
-       pushq   %rbx                    /* pt_regs->rbx */
-       xorl    %ebx, %ebx              /* nospec   rbx */
-       pushq   %rbp                    /* pt_regs->rbp (will be overwritten) */
-       xorl    %ebp, %ebp              /* nospec   rbp */
-       pushq   $0                      /* pt_regs->r12 = 0 */
-       xorl    %r12d, %r12d            /* nospec   r12 */
-       pushq   $0                      /* pt_regs->r13 = 0 */
-       xorl    %r13d, %r13d            /* nospec   r13 */
-       pushq   $0                      /* pt_regs->r14 = 0 */
-       xorl    %r14d, %r14d            /* nospec   r14 */
-       pushq   $0                      /* pt_regs->r15 = 0 */
-       xorl    %r15d, %r15d            /* nospec   r15 */
-
+       PUSH_AND_CLEAR_REGS rax=$-ENOSYS
        UNWIND_HINT_REGS
 
        movq    %rsp, %rdi
@@ -380,35 +327,7 @@ SYM_CODE_START(entry_INT80_compat)
        pushq   0*8(%rax)               /* regs->orig_ax */
 .Lint80_keep_stack:
 
-       pushq   %rdi                    /* pt_regs->di */
-       pushq   %rsi                    /* pt_regs->si */
-       xorl    %esi, %esi              /* nospec   si */
-       pushq   %rdx                    /* pt_regs->dx */
-       xorl    %edx, %edx              /* nospec   dx */
-       pushq   %rcx                    /* pt_regs->cx */
-       xorl    %ecx, %ecx              /* nospec   cx */
-       pushq   $-ENOSYS                /* pt_regs->ax */
-       pushq   %r8                     /* pt_regs->r8 */
-       xorl    %r8d, %r8d              /* nospec   r8 */
-       pushq   %r9                     /* pt_regs->r9 */
-       xorl    %r9d, %r9d              /* nospec   r9 */
-       pushq   %r10                    /* pt_regs->r10*/
-       xorl    %r10d, %r10d            /* nospec   r10 */
-       pushq   %r11                    /* pt_regs->r11 */
-       xorl    %r11d, %r11d            /* nospec   r11 */
-       pushq   %rbx                    /* pt_regs->rbx */
-       xorl    %ebx, %ebx              /* nospec   rbx */
-       pushq   %rbp                    /* pt_regs->rbp */
-       xorl    %ebp, %ebp              /* nospec   rbp */
-       pushq   %r12                    /* pt_regs->r12 */
-       xorl    %r12d, %r12d            /* nospec   r12 */
-       pushq   %r13                    /* pt_regs->r13 */
-       xorl    %r13d, %r13d            /* nospec   r13 */
-       pushq   %r14                    /* pt_regs->r14 */
-       xorl    %r14d, %r14d            /* nospec   r14 */
-       pushq   %r15                    /* pt_regs->r15 */
-       xorl    %r15d, %r15d            /* nospec   r15 */
-
+       PUSH_AND_CLEAR_REGS rax=$-ENOSYS
        UNWIND_HINT_REGS
 
        cld