Re: [PATCH] x86/cmdline: Disable instrumentation of cmdline unconditionally

From: Borislav Petkov
Date: Thu Sep 17 2020 - 14:09:40 EST


On Thu, Sep 17, 2020 at 12:05:48PM -0400, Arvind Sankar wrote:
> I did have a crash and this patch fixed it, but it seems it was on a
> branch where I was making changes to cmdline.c, which triggered clang to
> use a jump table for cmdline_find_option_bool(). That was the cause of
> the crash, and the reason this patch fixed it was because it enabled
> -fno-jump-tables, rather than because it disabled instrumentation.

I see.

> The instrumentation code does write data to random addresses, but
> apparently that doesn't necessarily crash the system. This patch would
> also be insufficient to fix it, since load_ucode_bsp() itself can have
> instrumentation code in it.

Yeah, it better not have any.

> Eg with GCOV_PROFILE_ALL enabled, the start of the function is:
>
> c2a7706a <load_ucode_bsp>:
> c2a7706a: 55 push %ebp
> c2a7706b: 83 05 c0 4d ba c2 01 addl $0x1,0xc2ba4dc0
> c2a77072: 83 15 c4 4d ba c2 00 adcl $0x0,0xc2ba4dc4
> c2a77079: 89 e5 mov %esp,%ebp
>
> but when it's called from arch/x86/kernel/head_32.S, paging is disabled
> and the code is executing out of physical addresses, so it's going to
> read/write data from garbage addresses.

Right, so I'm sceptical to all this instrumentation nonsense - it is
fine and good if you have it but not everywhere. And certainly not when
the thing is loading microcode.

microcode/core.c contains all the code, early and late so it might make
some little sense to have instrumentation there for whatever reasons,
say KASANing (yah, I made a verb :)) the thing for leaks or whatnot,
but meh, I can't find it in me to care. So at some point, if it starts
getting in the way, we might remove all instrumentation from that thing
altogether.

> Anyway, please ignore this patch and sorry for the noise.

No worries.

Thx.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette