Re: [PATCH 1/2] stackleak: allow to specify arch specific stackleak poison function

[Mark Rutland]

On Wed, Apr 12, 2023 at 11:58:07AM +0200, Heiko Carstens wrote:
> On Wed, Apr 12, 2023 at 10:03:46AM +0100, Mark Rutland wrote:
> > On Wed, Apr 05, 2023 at 03:08:40PM +0200, Heiko Carstens wrote:
> > > Factor out the code that fills the stack with the stackleak poison value
> > > in order to allow architectures to provide a faster implementation.
> > > 
> > > Acked-by: Vasily Gorbik <gor@xxxxxxxxxxxxx>
> > > Signed-off-by: Heiko Carstens <hca@xxxxxxxxxxxxx>
> > 
> > As on patch 2, it might be nicer to have a noinstr-safe memset64() and use that
> > directly, but I don't have strong feelings either way, and I'll defer to Kees's
> > judgement:
> 
> Wouldn't that enforce that memset64() wouldn't be allowed to have an own
> stackframe, since otherwise it would write poison values to it, since we
> have
> 
> 	if (on_task_stack)
> 		erase_high = current_stack_pointer;
> 
> in __stackleak_erase()?

Yes, sorry -- I was implicitly assuming that a noinstr-safe version would be
__always_inline.

> That was actually my motiviation to make this s390 optimization an always
> inline asm.
> 
> Besides that this wouldn't be a problem for at least s390, since memset64()
> is an asm function which comes whithout the need for a stackframe, but on
> the other hand this would add a quite subtle requirement to memset64(), if
> I'm not mistaken.

That's a fair enough justification, I think. Thanks for the details!

Thanks,
Mark.