On Mon, Apr 29, 2019 at 03:06:30PM -0700, Linus Torvalds wrote: > On Mon, Apr 29, 2019 at 11:57 AM Andy Lutomirski <luto@xxxxxxxxxx> wrote: > > > > > > Otherwise you could never trust the whole sti shadow thing - and it very much is part of the architecture. > > > > Is this documented somewhere? > > Btw, if you really don't trust the sti shadow despite it going all the > way back to the 8086, then you could instead make the irqoff code do > > push %gs:bp_call_return > push %gs:bp_call_target > sti > ret This variant cures the RETPOLINE complaint; due to there not actually being an indirect jump anymore. And it cures the sibling call complaint, but trades it for "return with modified stack frame". Something like so is clean: +extern asmlinkage void emulate_call_irqon(void); +extern asmlinkage void emulate_call_irqoff(void); + +asm( + ".text\n" + ".global emulate_call_irqoff\n" + ".type emulate_call_irqoff, @function\n" + "emulate_call_irqoff:\n\t" + "push %gs:bp_call_return\n\t" + "push %gs:bp_call_target\n\t" + "sti\n\t" + "ret\n" + ".size emulate_call_irqoff, .-emulate_call_irqoff\n" + + ".global emulate_call_irqon\n" + ".type emulate_call_irqon, @function\n" + "emulate_call_irqon:\n\t" + "push %gs:bp_call_return\n\t" + "push %gs:bp_call_target\n\t" + "ret\n" + ".size emulate_call_irqon, .-emulate_call_irqon\n" + ".previous\n"); + +STACK_FRAME_NON_STANDARD(emulate_call_irqoff); +STACK_FRAME_NON_STANDARD(emulate_call_irqon);
