From nobody Sat Feb 7 16:42:29 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 76B92CD8CA9 for ; Tue, 10 Oct 2023 17:10:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233815AbjJJRKr (ORCPT ); Tue, 10 Oct 2023 13:10:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54058 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232908AbjJJRKo (ORCPT ); Tue, 10 Oct 2023 13:10:44 -0400 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2085.outbound.protection.outlook.com [40.107.93.85]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A8D0B7 for ; Tue, 10 Oct 2023 10:10:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DmsKnOT1U73z65cDB835xfc/Z2MCQcreQ3llaqdsVkaBax5yGQDJxKJ4oMDyX84UM0IMh8dyrMUlKSOPMrTf8EpCdAxhyxVuuEi6/iNSloGj+R/tXOC9B9Mzk3iuUJCv3OhYncCdqrQ49Kfvqu0YdcrqNVxi/hA/evJ9QGOMldkUPvawT4Fu43Mpd/hVLGfZZ4495Y0bbQZsXLrzLwA2TTXPOullCAnTYKCde7gl35DDxRNaYgQ4rV1emj+os1RKfAFOs+eSyBoWHQD1CY4EEIopREiAm6oXlvSrMsaB8cGsGLY9OHyePyFMWDso8+wreBgbrHnbp5/DjpWiuzA9Cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=P68wo6zt5TAxWt+pCXOd683FhgHEfFqkuoHeFXwxk6A=; b=Y+W+YEWNoRyX3fkFFhLcEUi2lXUbJQrBgFeteHs+P9dQFkum0hSLWVbfZhvTqdG2uyhoOdFVF6JwVpEdWLYeOzf/gI8qppKvBI1IiE0KtbiRWk+ItnsAreNinXFJzhi1tnLJr+5bxppAXPoJvoadCbyXXoDNoIKuCJJKugmydOfMDijBmHc9pYtzw2zXVPna5+lkjQrT5wMf/P73YeXzQMfambZvdteoS/y16VevKOr59Lv8qTSvkuQODTF3vvo1dhHmKPLKMU28bHUicZxTcORJMmEMThkFpVT53FrddrmqpeI04qpPG67mc6TwSzacHcd+HjJ/2ZLZoGk7X6vD6Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=P68wo6zt5TAxWt+pCXOd683FhgHEfFqkuoHeFXwxk6A=; b=g0Cq0kUFhfb5PjoEruMh/Tl9qu62SSCOM/+3Ryzby7K/MEamfFVjZL/NLCRY7D3xIUl0KI6d/TK1Wih8cIyDrALpfLlFBDbifEpcFE8R18/CViQ0+cA8F6zIzZzsqtiRikBSvxAocDvYeI1Mgn/wp5alFbN+anJ8YwsNNwHZQa0= Received: from MW4P220CA0030.NAMP220.PROD.OUTLOOK.COM (2603:10b6:303:115::35) by IA0PR12MB8352.namprd12.prod.outlook.com (2603:10b6:208:3dd::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.29; Tue, 10 Oct 2023 17:10:38 +0000 Received: from CO1PEPF000044F7.namprd21.prod.outlook.com (2603:10b6:303:115:cafe::75) by MW4P220CA0030.outlook.office365.com (2603:10b6:303:115::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38 via Frontend Transport; Tue, 10 Oct 2023 17:10:38 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000044F7.mail.protection.outlook.com (10.167.241.197) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6907.6 via Frontend Transport; Tue, 10 Oct 2023 17:10:38 +0000 Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Tue, 10 Oct 2023 12:10:37 -0500 From: David Kaplan To: , CC: , Josh Poimboeuf Subject: [PATCH 1/3] Revert "x86/retpoline: Remove .text..__x86.return_thunk section" Date: Tue, 10 Oct 2023 12:10:18 -0500 Message-ID: <20231010171020.462211-2-david.kaplan@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231010171020.462211-1-david.kaplan@amd.com> References: <20231010171020.462211-1-david.kaplan@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000044F7:EE_|IA0PR12MB8352:EE_ X-MS-Office365-Filtering-Correlation-Id: 15836d23-8365-4fc4-8e0c-08dbc9b3d342 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PKRQk3PdZv16PM4zdk3dPbXz+FbBoLEDjWH0rI1t7SyiXLn/jOPtwxzgcmvvZUwITpCAwsqWi3Eevo+3ajjR3lwnPRr7OYH3TVQh/Kfw8iAUmzzEhnsXSEBTZy3q57xgMDlxQ6geLdLXbAWqdWHUeSJYllrbhp6zpZSscQKFPk+Q9MaeAgtXeLGdlRgiFDwxCB2SsUNUY8v84aobufANg5rIZAFMwEBb7yeAJm9DdqoLZweRgKtxKZ3rVaSTH2pFZVh/3eK/IO2zGpW/Ujn+lgi1WWViH2Izlvmp+jjX6IxzVFux8eo/M2Auu7aWkwg0ilj/wzQfL7UO5mwcXgUBd1998Loek7BwQTHDtWRx23zjuJ6L7foPpCypPxyzP3kAtgNIgkA+leKV+Ge3RTLA9QSJWTxj74yD2bmI+a2aE1t3t3F6d66zpWIvo3JR2rfjnEbe8pH2rnLLoauOKF9Mx8DRLebFTEjTxI6kTOMm6A5Kxgj17FBj0GMDGtXnr4Jcytcvc6YOrltuhnnnEoslL4FqBLiU/1CbmqYv93Y/KdBcYeEGiNIARfw52vUdS8dz84dJ+uPx5SG1lB+Rnlpc3BAUDAv6V9EIgNUAYtMS1Xb0KKDMo+XrJIsNq6itxqLS1a/efv9HXVgcMdPFN1czgF+PQn6tQO2krWpNwCcS2uMoVXKNNQ00kkxAdNaH0cnxNPXINN0bIbk9f1XxNChIKS9xuqyleKmq0oaJ81flv3Lwh58tyNeLXqQEBhaj6z8ReKc6aY5ImOBW5u/7ML6dxCgaMEdCYOWXp1VWpISKT0Q= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(376002)(396003)(346002)(136003)(39860400002)(230922051799003)(451199024)(1800799009)(82310400011)(64100799003)(186009)(36840700001)(46966006)(40470700004)(8936002)(82740400003)(40480700001)(478600001)(4326008)(8676002)(44832011)(7696005)(47076005)(40460700003)(36756003)(36860700001)(316002)(5660300002)(54906003)(110136005)(70206006)(41300700001)(70586007)(356005)(6666004)(1076003)(2616005)(336012)(426003)(2906002)(26005)(83380400001)(81166007)(86362001)(16526019)(142923001)(101420200003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2023 17:10:38.1396 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 15836d23-8365-4fc4-8e0c-08dbc9b3d342 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000044F7.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8352 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" This reverts commit e92626af3234708fe30f53b269d210d202b95206. This commit broke patching of the return thunk jmp in the retpoline sequence. Before (broken sequence): objdump -d -r arch/x86/lib/retpoline.o: 0000000000000000 <__x86_indirect_thunk_array>: ... a: e9 d1 02 00 00 jmpq 2e0 <__x86_return_thunk> live disassembly at runtime: 0xffffffff81d12a8a <+10>: jmpq 0xffffffff81d12d60 <__x86_return_thunk> This jmp to the default return thunk should not happen after alternatives patching. After reverting this: objdump -d -r arch/x86/lib/retpoline.o: 0000000000000000 <__x86_indirect_thunk_array>: ... a: e9 00 00 00 00 jmpq f <__x86_indirect_thunk_array+0xf> b: R_X86_64_PLT32 __x86_return_thunk-0x4 live disassembly at runtime: 0xffffffff81d12a8a <+10>: jmpq 0xffffffff81f0410b This is correct as the jmp is written to the correct return sequence. objtool (add_jump_destinations()) only recognizes return thunk jmps that ha= ve relocation entries, which will not occur if the return thunk is in the same section as the indirect thunks. Signed-off-by: David Kaplan Cc: Josh Poimboeuf Acked-by: Peter Zijlstra (Intel) Reported-by: David Kaplan --- arch/x86/kernel/vmlinux.lds.S | 3 +++ arch/x86/lib/retpoline.S | 2 ++ 2 files changed, 5 insertions(+) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 9cdb1a7332c4..54a5596adaa6 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -132,7 +132,10 @@ SECTIONS LOCK_TEXT KPROBES_TEXT SOFTIRQENTRY_TEXT +#ifdef CONFIG_RETPOLINE *(.text..__x86.indirect_thunk) + *(.text..__x86.return_thunk) +#endif STATIC_CALL_TEXT =20 ALIGN_ENTRY_TEXT_BEGIN diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index db813113e637..3da768a71cf9 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -129,6 +129,8 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) =20 #ifdef CONFIG_RETHUNK =20 + .section .text..__x86.return_thunk + #ifdef CONFIG_CPU_SRSO =20 /* --=20 2.25.1 From nobody Sat Feb 7 16:42:29 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6293CD8CA9 for ; Tue, 10 Oct 2023 17:11:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233941AbjJJRLB (ORCPT ); Tue, 10 Oct 2023 13:11:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51998 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233846AbjJJRKu (ORCPT ); Tue, 10 Oct 2023 13:10:50 -0400 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2042.outbound.protection.outlook.com [40.107.101.42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BE346B7 for ; Tue, 10 Oct 2023 10:10:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=E6f8VyBADUX+AP+s47y2TaXdu1E5kNFUWrysmT4Mn1bgERG+dab3qeH5rcL21hpx2HDizP/cOBXzGTXwKi37Rs9icpUEW1/npHbK4+Xx4h26eaMKLqV9zMWgJ0c9kf1RzKpUXvoSPreLNMv3ubhVTPhu5d/AEi07II8zzBqyznjfQZkkmgoCNyBmqDVnPTdYffEsxh31Vd4Vsi/CzfGNwwItQiMrgbCamiKNIkYBa829dmb6o2tFRjn6b2pYC7YQfHZG+HiBFCDLcdi6uy+kDWG5K5jPInqgKvbfzPMrBPgk6JUD+ZO6wF+iRnDWG6nUm0idoQPiky4y33UInbIJ5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KwXHSX8fNNQRMALFfp6axk5XS4yv+drNsW2plHNwodE=; b=kXCMhIKcbgnPBKNyloeAucRBVZCNyKdJ3hVE2iOyxznznzAPhyH1sHDzqhJTLSLp5dU/VvNItaGXj1GXcjHqSB4rlcErxR+WF8WCkN1z7ClioSHNB62X4v49E32V2BEsh/tX998P72VPj0PLkcCGleqeJJfg9ebHU1N08zjZ/cWi18ey/uzJdIlePvHRxTUMBam+QBJlXuH6rEzZFFE6b2orpJP9Xto8yfu0Xaiota3gxZ+MayDalIFMjjc0+w+79BThhLYHMKmPOQuJoD5IaoI2BAu0QFNmByiUOWc3baA+egAtWTktsgAKL2NwfYTBEpf2TeiQrYb57fsTkT3jkw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KwXHSX8fNNQRMALFfp6axk5XS4yv+drNsW2plHNwodE=; b=sUar7/IpXEAWe5zD00jlQPLii5dVtEF94xRem8DBsTn55OONmgQd2Pelk8KEle10UDkM3x4V7GvyJVw0Xhm5atd27WrUUTowfk66aRPdJMfZ2IOw6e7K46mZSnVOsbezHDR6HUXGLe/h4ndtFV5Ymnazhzvr5fjf4K5+mS26LjQ= Received: from MW4P220CA0011.NAMP220.PROD.OUTLOOK.COM (2603:10b6:303:115::16) by DS7PR12MB6072.namprd12.prod.outlook.com (2603:10b6:8:9c::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38; Tue, 10 Oct 2023 17:10:39 +0000 Received: from CO1PEPF000044F7.namprd21.prod.outlook.com (2603:10b6:303:115:cafe::87) by MW4P220CA0011.outlook.office365.com (2603:10b6:303:115::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.27 via Frontend Transport; Tue, 10 Oct 2023 17:10:39 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000044F7.mail.protection.outlook.com (10.167.241.197) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6907.6 via Frontend Transport; Tue, 10 Oct 2023 17:10:39 +0000 Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Tue, 10 Oct 2023 12:10:37 -0500 From: David Kaplan To: , CC: Subject: [PATCH 2/3] x86/vdso: Run objtool on vdso32-setup Date: Tue, 10 Oct 2023 12:10:19 -0500 Message-ID: <20231010171020.462211-3-david.kaplan@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231010171020.462211-1-david.kaplan@amd.com> References: <20231010171020.462211-1-david.kaplan@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000044F7:EE_|DS7PR12MB6072:EE_ X-MS-Office365-Filtering-Correlation-Id: e203a7c5-3acf-4f40-70dd-08dbc9b3d408 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: etnfVVsBKWKMY+XNq7chQmFEBk6haDqP/aYei5LzBGCj+wfm07YS/fEmoOcWfp1x3dci1GtRUKEOb5gTMENAEzF9cWJpGqL/8OK6fojSHvMb48XeTI97kEoF70bYayApsI+z1erOa3DBuklQuLJlgeW2hS00UvJrDiPbWkq1OpZn6mFF27ivxFYJAyTgKhDPOPTg0AsZWrLQUMp11+sf9L67cJU6IHgQeLLzRS0CWkUIFGaoJ9cDiqAnGCHUOzy7CES7bPc4dPpru8vKvBlJVF0eOy5eLPf7ansEuhMbXdRvt3cPgZ28dwHdvQwppGmwtfjtFaYK4VPBOnICv93d5coXCtXkp+ThRTOK+v4nsxlzdBvmxXpDbHniWOARNWi3uWp+8wP1SvbZ6b9uxDT4hco9KPDSARrbwm4e25WezXDkhQGdu9EaJt62Nx8xQ+3ZS5EStuPYMd7fLMh5aPpGfjgnfQM5gZis/YrKqWzTkPGaeN/sXi2bhcP3Fct1flHX18MUoK2G3C6k7J8PoHxdAmxMx848tCysVgjnMfq+LQYrHd4rjEfVIOzYV8u92RfAHcl0zFLzdUDh3f/fGoUx1K5iES2zRxhxjE/6PWhliexeLPIpEG050XyvjEJNwExIR5o0ztyYBMXh90EFBQLlbw9T+6/kdTWv1PRH0w8Ld4DKDveespG0XTXV90eSQYgiog25zJeMkNBrF+yDSHwRULZly+v8J2VCqkVTG1X7+Ak= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(346002)(396003)(39860400002)(136003)(376002)(230922051799003)(451199024)(186009)(1800799009)(64100799003)(82310400011)(36840700001)(46966006)(40470700004)(1076003)(7696005)(40460700003)(356005)(36756003)(40480700001)(86362001)(82740400003)(81166007)(36860700001)(336012)(16526019)(26005)(47076005)(426003)(44832011)(4744005)(2906002)(83380400001)(2616005)(6666004)(478600001)(8676002)(4326008)(8936002)(41300700001)(5660300002)(70586007)(70206006)(110136005)(316002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2023 17:10:39.4365 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e203a7c5-3acf-4f40-70dd-08dbc9b3d408 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000044F7.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB6072 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" vdso32-setup.c is part of the main kernel image and should not be excluded from objtool. Objtool is necessary in part for ensuring that returns in this file are correctly patched to the appropriate return thunk at runtime. Signed-off-by: David Kaplan Acked-by: Peter Zijlstra (Intel) --- arch/x86/entry/vdso/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 6a1821bd7d5e..83c0afb7c741 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -42,7 +42,8 @@ vdso_img-$(VDSO64-y) +=3D 64 vdso_img-$(VDSOX32-y) +=3D x32 vdso_img-$(VDSO32-y) +=3D 32 =20 -obj-$(VDSO32-y) +=3D vdso32-setup.o +obj-$(VDSO32-y) +=3D vdso32-setup.o +OBJECT_FILES_NON_STANDARD_vdso32-setup.o :=3D n =20 vobjs :=3D $(foreach F,$(vobjs-y),$(obj)/$F) vobjs32 :=3D $(foreach F,$(vobjs32-y),$(obj)/$F) --=20 2.25.1 From nobody Sat Feb 7 16:42:29 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 348A7CD8CA9 for ; Tue, 10 Oct 2023 17:10:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233924AbjJJRKv (ORCPT ); Tue, 10 Oct 2023 13:10:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51918 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233629AbjJJRKr (ORCPT ); Tue, 10 Oct 2023 13:10:47 -0400 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2043.outbound.protection.outlook.com [40.107.220.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 989D194 for ; Tue, 10 Oct 2023 10:10:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g72D7d0WCfwGKUAWg3b4rQhoLLFL8qVvwygSAOvomcSIIuwzBXXhL+H1ANkHWvzX/bh6ypqW9A2fg3uA7jxgW+lJY1KAiD4hCO+mqATAgyTibxMWCPOAkeEi8Kbf8U055jCZHEkz5Ljr7AnfOod9uRYyJiqqF/y5I2yIpOtsPn71xItSH12AOs3VafmoVvZusyffzZ95su1KWvAUWtAH/upFLmSQZhOIN/UsIVKVDSfcG3tjyo/+Y1Y9IB/vieXmL5lkqjFaMx2XQJ94JoNjZGbQsauUwBo7O8n0kZZgggOHbHzY6pXnAk31N0lg9sl2TLxIjYocskf3FcFfXF4E8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ShsxksQCBU+sYJtQmS5RnFGE4ATRkKsS1l9HZ71b+WI=; b=nuIpmIWFtpQqssdjRkJpCGYrzlrKuaEC/Os/XcfnJI6iMBL3DQpIxRl9Bx/BGmvj+bsXPKniqZg08GRXBlD6W1Hz9xOSdUlTjJnKCBkmWgIjRXTN3LBW6gzKTTpeIDNKvIteI9thJJ5ekYdyLvRfhmZiV4JOxWTCOOvaVf6h46zPudyBLggapIX2aT927qlKqBMI067p2UEIEwqhkQ6GRbfROXz4NiKaXABrKHt9jbFkTmJQB87XYv8Ix4j5UzOeuNs2W23/9UoozA1YowPLhZPwag4xldzNJZdT8fY9U4pwsrX4YjGfIviAP/EY3i1EXNBGlqNAoj91QfY9fxtvDg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ShsxksQCBU+sYJtQmS5RnFGE4ATRkKsS1l9HZ71b+WI=; b=SNM4fg6l135k1zowTtRq5K+6vSPkZCpD65214wzqEsazJkrgocqUDocvLEUtpCYniWSLQSLMvJZUZeHS0yyz6PSC6l/19h4qzteRa7p72R0Ijr5l+7QGixg8x3zR1lNRCAquxObA5TkLAzv6dovnhcG0FvqPKw9dcJ36TFOZ1ag= Received: from MW4P220CA0013.NAMP220.PROD.OUTLOOK.COM (2603:10b6:303:115::18) by IA0PR12MB8227.namprd12.prod.outlook.com (2603:10b6:208:406::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38; Tue, 10 Oct 2023 17:10:40 +0000 Received: from CO1PEPF000044F7.namprd21.prod.outlook.com (2603:10b6:303:115:cafe::5d) by MW4P220CA0013.outlook.office365.com (2603:10b6:303:115::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38 via Frontend Transport; Tue, 10 Oct 2023 17:10:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000044F7.mail.protection.outlook.com (10.167.241.197) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6907.6 via Frontend Transport; Tue, 10 Oct 2023 17:10:40 +0000 Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Tue, 10 Oct 2023 12:10:37 -0500 From: David Kaplan To: , CC: Subject: [PATCH 3/3] x86/retpoline: Ensure default return thunk isn't used at runtime Date: Tue, 10 Oct 2023 12:10:20 -0500 Message-ID: <20231010171020.462211-4-david.kaplan@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231010171020.462211-1-david.kaplan@amd.com> References: <20231010171020.462211-1-david.kaplan@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000044F7:EE_|IA0PR12MB8227:EE_ X-MS-Office365-Filtering-Correlation-Id: ae2c7f24-709c-4f95-0a33-08dbc9b3d463 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 50r1pv1iS8iN6ApKzm7EAU74/GG84G1cpJbP3eTkRS9r3bSmKrgI++C4TCygqzjv6MPPI2+V8USSqosJ3EaK3AT/Cdf+WnyXircevwWPbKZ57gG61HsSBVfM+4AU87yhfNSJFzHXGxhyOsjnW43v0V2JssEfmO6CRW17rnzAqk2VURoS9JtzF+XqVSEsIyT37G82A3TNwtGsKs6MgMeygU/GD6CDyyFup0h3sSloIg4mV3FI/bjIxlx/DFzJ1wEqhkI2B6eCPMS2bYtMMhov0gbrJ9J2+ec02ZpbcUJxkNWbcfG2CX1NOqRmIONW6CMeHbo0kOBoL+2vZURkyPTMiMk7FxVU3sGKcrzpbzO6/6ZRex+krM82txEBkyvEAtB9omPG94Tz+t1/5Nn+V934oGH0yoWz/ysKx/uCagpMNfDdtshncScsCo1Up3yXBOMcqktMNIp12ptv+gSv+/9tb0PS1ZnXHSYlF3NuCfZl/uQS+mevi5dbME+PD32QjIqmyIDXXC8OvxpGftH+HTdTz+pgS1qzcptXqlRikw8reSF0iinfDPPCerZeitSFcmvJAFQzIslrll4PdSz431Ii6Lh9CCMmmXLWRASNGAx3HHpZ6FADKu4eym4AbE+XyC3S8LFBu+iwwzLnEjeUjuAbN5iDiNUSK+14rcmcTPG7sQZ9hvv9HDKoks3DU84ibid1ZlA+HWODSFi57W7q/4OFiLLKZ530jgkxNvoIm6dDkCk= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(136003)(396003)(376002)(346002)(230922051799003)(64100799003)(186009)(1800799009)(82310400011)(451199024)(36840700001)(46966006)(40470700004)(40460700003)(1076003)(7696005)(478600001)(6666004)(47076005)(426003)(336012)(26005)(16526019)(83380400001)(2906002)(5660300002)(70586007)(70206006)(110136005)(8676002)(44832011)(8936002)(4326008)(316002)(41300700001)(356005)(82740400003)(36860700001)(2616005)(81166007)(36756003)(86362001)(40480700001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2023 17:10:40.0927 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ae2c7f24-709c-4f95-0a33-08dbc9b3d463 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000044F7.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8227 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" All CPU bugs that require a return thunk define a special return thunk to use (e.g., srso_return_thunk). The default thunk, __x86_return_thunk, should never be used after apply_returns() completes. Otherwise this could lead to potential speculation holes. Enforce this by replacing this thunk with a ud2 when alternatives are applied. Alternative instructions are applied after apply_returns(). The default thunk is only used during kernel boot, it is not used during module init since that occurs after apply_returns(). Signed-off-by: David Kaplan Acked-by: Peter Zijlstra (Intel) --- arch/x86/lib/retpoline.S | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 3da768a71cf9..10212cf4a9af 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -358,15 +358,17 @@ SYM_FUNC_END(call_depth_return_thunk) * This function name is magical and is used by -mfunction-return=3Dthunk-= extern * for the compiler to generate JMPs to it. * - * This code is only used during kernel boot or module init. All + * This code is only used during kernel boot. All * 'JMP __x86_return_thunk' sites are changed to something else by * apply_returns(). + * + * This thunk is turned into a ud2 to ensure it is never used at runtime. + * Alternative instructions are applied after apply_returns(). */ SYM_CODE_START(__x86_return_thunk) UNWIND_HINT_FUNC ANNOTATE_NOENDBR - ANNOTATE_UNRET_SAFE - ret + ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE;ret),"ud2", X86_FEATURE_RETHU= NK int3 SYM_CODE_END(__x86_return_thunk) EXPORT_SYMBOL(__x86_return_thunk) --=20 2.25.1 From nobody Sat Feb 7 16:42:29 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D9C64CDB47E for ; Fri, 20 Oct 2023 11:37:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377238AbjJTLhe (ORCPT ); Fri, 20 Oct 2023 07:37:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59026 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377166AbjJTLhU (ORCPT ); Fri, 20 Oct 2023 07:37:20 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C6510D4C; Fri, 20 Oct 2023 04:37:18 -0700 (PDT) Date: Fri, 20 Oct 2023 11:37:12 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1697801837; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tW7YSgvT1sIejWKhmFk87XKju2fsmJGO/qsh36cwBFg=; b=dRNM0VnUet/tRImlmov45zmlUUj76ZIVDZR3f/n1pChP+I7dw32LGM7uCfQj1tIKgkuV0v qTpADEd6yfebor2/2oS/ghuMt+y363GXiIU06StPuSgGs0pzf7EHf9pFJ0NOpZIXLK9+Sa /qtDpE5N7wrfAv1OA47jJS2j/2W4N3uEOtyvL1DPPe8FCtqo3iHAOr2gBqBkSX3GmMsvi+ qnCBfj3kPMd6Y42fwaSmTGRJ5xhO4aSHXfmOU/th5vDcZ/iQ2CCPFApThrhN7Qbou0PcqP eLIz4tgkoeKHJVWl3SHzCyQx2HZ4B49TwOowslie7dI/WtRhk5QvCYt4Q0Gd5A== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1697801837; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tW7YSgvT1sIejWKhmFk87XKju2fsmJGO/qsh36cwBFg=; b=itJR1fpxYCK3P6ny2rzPYxaBGcwfOzrZqo4rol5pC2czz+8+Xke3BcQTb+53KjAlrDklNn wGL/rVasFM5YSNDA== From: "tip-bot2 for Borislav Petkov (AMD)" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/bugs] x86/retpoline: Document some thunk handling aspects Cc: Ingo Molnar , "Borislav Petkov (AMD)" , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20231010171020.462211-1-david.kaplan@amd.com> References: <20231010171020.462211-1-david.kaplan@amd.com> MIME-Version: 1.0 Message-ID: <169780183267.3135.3911908270721154685.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/bugs branch of tip: Commit-ID: 9d9c22cc444af01ce254872b729af26864c43a3a Gitweb: https://git.kernel.org/tip/9d9c22cc444af01ce254872b729af2686= 4c43a3a Author: Borislav Petkov (AMD) AuthorDate: Fri, 20 Oct 2023 13:17:14 +02:00 Committer: Borislav Petkov (AMD) CommitterDate: Fri, 20 Oct 2023 13:17:14 +02:00 x86/retpoline: Document some thunk handling aspects After a lot of experimenting (see thread Link points to) document for now the issues and requirements for future improvements to the thunk handling and potential issuing of a diagnostic when the default thunk hasn't been patched out. This documentation is only temporary and that close before the merge window it is only a placeholder for those future improvements. Suggested-by: Ingo Molnar Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20231010171020.462211-1-david.kaplan@amd.com Acked-by: Peter Zijlstra (Intel) --- arch/x86/lib/retpoline.S | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index d410aba..a48077c 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -129,6 +129,13 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) =20 #ifdef CONFIG_RETHUNK =20 +/* + * Be careful here: that label cannot really be removed because in + * some configurations and toolchains, the JMP __x86_return_thunk the + * compiler issues is either a short one or the compiler doesn't use + * relocations for same-section JMPs and that breaks the returns + * detection logic in apply_returns() and in objtool. + */ .section .text..__x86.return_thunk =20 #ifdef CONFIG_CPU_SRSO @@ -361,6 +368,14 @@ SYM_FUNC_END(call_depth_return_thunk) * This code is only used during kernel boot or module init. All * 'JMP __x86_return_thunk' sites are changed to something else by * apply_returns(). + * + * This should be converted eventually to call a warning function which + * should scream loudly when the default return thunk is called after + * alternatives have been applied. + * + * That warning function cannot BUG() because the bug splat cannot be + * displayed in all possible configurations, leading to users not really + * knowing why the machine froze. */ SYM_CODE_START(__x86_return_thunk) UNWIND_HINT_FUNC From nobody Sat Feb 7 16:42:29 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CDB4CDB47E for ; Fri, 20 Oct 2023 11:29:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377101AbjJTL3C (ORCPT ); Fri, 20 Oct 2023 07:29:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34914 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377053AbjJTL3A (ORCPT ); Fri, 20 Oct 2023 07:29:00 -0400 Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 12A6991 for ; Fri, 20 Oct 2023 04:28:58 -0700 (PDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 602B740E0196; Fri, 20 Oct 2023 11:28:56 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=pass (4096-bit key) header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id XZblKcWG3bFf; Fri, 20 Oct 2023 11:28:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1697801334; bh=RPwiG2OS9U7D49CvSl48CZBuAaYsCnuLO0DjiNynFZY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=h/1/QSn6XWM2sglklNiPvziowHcbXGdDj7TZt6AMJN3uMWtHKknKgQ+Zj1vscQYgK BuguGdOJ9GwBSBRzYOhzK5NLIg+N0h/80GrPEhDFYRK4QCsKjWqJB9j4Of4eDrlF/O 3QisHlsSjvu3ti0g7p11c6IfXZmcW/bi7rZZ1LagwJ0rLJhyJbqJcWMgFJmk/qL/EB TgfGidKGx7KZHdT9Ia7PvlxWHtXWqv4g4G+DtoaaTssA3gOZZ86JV9kg4j2KQ/NWO3 22aC7nYne3QBr26gCAknAy9V+fkFIQ0L/XKGVTiTHoHFNVW3CvHhHq8DxLZNYTZS+V hYaJU1Q62NM+W91/1IEnjM0cgvLWxXQMNk6ofw+U8gtGMoL/rmvURih+tBM3j18jrb WqsdB/ZDDLrlTepMSP+xM1BKJNPC4pnXZSAFhKqlZORiJCfvEwkeoFn57Y6/gjY12P uZThvfVqBCGWCkHYXV0WotFksmn8Gym9RKnRPFOViBF4PoVAb93siLl92UBGyX/Adv FIDzuq0j3OL2E97kWrb/94DHay6p8DnTBIlLDp8kU9AAd/7LdtHLwedjXZPFcNAdTm 8Fyr9Cz1d6MMX6DTgP9/QQAcThnaUd5ktxwVrTdp+qyP6yHmob1NOZ865X57Bj/6lB Q8dLxhKlbJD6m1zwgC3K2xuk= Received: from zn.tnic (pd95304da.dip0.t-ipconnect.de [217.83.4.218]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 0431940E0187; Fri, 20 Oct 2023 11:28:48 +0000 (UTC) Date: Fri, 20 Oct 2023 13:28:43 +0200 From: Borislav Petkov To: David Kaplan , Josh Poimboeuf Cc: x86@kernel.org, luto@kernel.org, linux-kernel@vger.kernel.org Subject: Subject: [PATCH] x86/retpoline: Document some thunk handling aspects (was: Re: [PATCH 0/3] Ensure default return thunk isn't used at runtime) Message-ID: <20231020112843.GEZTJkax6LRw+x8qZj@fat_crate.local> References: <20231010171020.462211-1-david.kaplan@amd.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20231010171020.462211-1-david.kaplan@amd.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" On Tue, Oct 10, 2023 at 12:10:17PM -0500, David Kaplan wrote: > Several CPU side-channel mitigations require the use of a special return = thunk. > The necessary return thunk is installed at runtime via apply_returns(), a= fter > which point the default return thunk (__x86_return_thunk) should never be= used. Ok, mingo was right when suggesting that reverting those commits is not really the right thing to do because it would break bisection if the bisection point lands before the reverts. Yeah, yeah, it is unlikely but better safe than sorry. So I went and rebased the whole tip:x86/bugs branch into a clean state. I've left, I hope enough, breadcrumbs in there for future improvements in the form of the following patch: Acked-by: Peter Zijlstra (Intel) Suggested-by: Ingo Molnar --- From: "Borislav Petkov (AMD)" Date: Fri, 20 Oct 2023 13:17:14 +0200 Subject: [PATCH] x86/retpoline: Document some thunk handling aspects After a lot of experimenting (see thread Link points to) document for now the issues and requirements for future improvements to the thunk handling and potential issuing of a diagnostic when the default thunk hasn't been patched out. This documentation is only temporary and that close before the merge window it is only a placeholder for those future improvements. Suggested-by: Ingo Molnar Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20231010171020.462211-1-david.kaplan@amd.com --- arch/x86/lib/retpoline.S | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index d410abacbf88..a48077c5ca61 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -129,6 +129,13 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) =20 #ifdef CONFIG_RETHUNK =20 +/* + * Be careful here: that label cannot really be removed because in + * some configurations and toolchains, the JMP __x86_return_thunk the + * compiler issues is either a short one or the compiler doesn't use + * relocations for same-section JMPs and that breaks the returns + * detection logic in apply_returns() and in objtool. + */ .section .text..__x86.return_thunk =20 #ifdef CONFIG_CPU_SRSO @@ -361,6 +368,14 @@ SYM_FUNC_END(call_depth_return_thunk) * This code is only used during kernel boot or module init. All * 'JMP __x86_return_thunk' sites are changed to something else by * apply_returns(). + * + * This should be converted eventually to call a warning function which + * should scream loudly when the default return thunk is called after + * alternatives have been applied. + * + * That warning function cannot BUG() because the bug splat cannot be + * displayed in all possible configurations, leading to users not really + * knowing why the machine froze. */ SYM_CODE_START(__x86_return_thunk) UNWIND_HINT_FUNC --=20 2.42.0.rc0.25.ga82fb66fed25 --=20 Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette