This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [committed, PATCH 1/3] x86: CET v2.0: Update NOTRACK prefix

From: "Jan Beulich" <JBeulich at suse dot com>
To: "H.J. Lu" <hjl dot tools at gmail dot com>
Cc: "Binutils" <binutils at sourceware dot org>
Date: Tue, 04 Jul 2017 09:50:47 -0600
Subject: Re: [committed, PATCH 1/3] x86: CET v2.0: Update NOTRACK prefix
Authentication-results: sourceware.org; auth=none
References: <20170621153503.GA6542@gmail.com> <595A0BFB0200007800167A2F@prv-mh.provo.novell.com> <CAMe9rOqbwC-mhyjLOTR+CQpRT9nKvUb6QsDv39pCCVFmMwm4_w@mail.gmail.com>

>>> On 04.07.17 at 17:42, <hjl.tools@gmail.com> wrote:
> On Mon, Jul 3, 2017 at 12:18 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>>> On 21.06.17 at 17:35, <hongjiu.lu@intel.com> wrote:
>>> Update NOTRACK prefix handling to support memory indirect branch for
>>> CET v2.0:
>>>
>>> 
> https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enf 
> o
>>> rcement-technology-preview.pdf
>>
>> It is pretty hard to judge whether the changes here are correct
>> without the doc being really precise on the obvious corner case:
>> How does one correctly use a segment override and a notrack
>> prefix on an indirect call/jmp with a memory operand? Most
>> importantly, how does one use %ds: but not notrack, notrack
>> but not %ds:, or %ds and notrack?
>>
> 
> The spec has
> 
> 3.1
> No-track Prefix for Near Indirect Call/Jmp
> Near indirect call and jmp instructions when prefixed with 3EH are
> termed “non-tracked indirect control
> transfer instructions” and do not modify the CET indirect branch
> tracker. Far call and jmp are always tracked
> and ignore the 3EH prefix. The NO_TRACK_EN control in the
> IA32_U_CET/IA32_S_CET MSR enables this
> no-track prefix treatment. When this control is 0, the near indirect
> call and jmp are always tracked irrespec-
> tive of the presence of the 3EH prefix.
> In 64-bit mode, the 3EH prefix on an indirect call or jmp is
> recognized as a no-track prefix when the following
> conditions are satisfied.
> ·
> 3EH must be the last legacy prefix of any group (except any REX).
> ·
> There must not be a 64H/65H prefix on the instruction.
> In legacy/compatibility mode, the 3EH prefix on an indirect call or
> jmp is recognized as a no-track prefix
> when it is the last group 2 prefix on the instruction.
> 
> That means you can't use the notrack pefix with a segment override
> and you can't use %ds segment override on indirect branch.

Well, what you derive from it is one possible meaning, but I don't
think the only one. I continue to think that the text is ambiguous,
and I also continue to think that disallowing segment overrides
here is a bad idea.

Jan

Follow-Ups:
- Re: [committed, PATCH 1/3] x86: CET v2.0: Update NOTRACK prefix
  - From: H.J. Lu

References:
- Re: [committed, PATCH 1/3] x86: CET v2.0: Update NOTRACK prefix
  - From: Jan Beulich
- Re: [committed, PATCH 1/3] x86: CET v2.0: Update NOTRACK prefix
  - From: H.J. Lu

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]