This is a note to let you know that I've just added the patch titled
objtool: Keep track of retpoline call sites
to the 5.10-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
objtool-keep-track-of-retpoline-call-sites.patch
and it can be found in the queue-5.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Tue Jul 12 05:07:35 PM CEST 2022
From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Date: Fri, 26 Mar 2021 16:12:12 +0100
Subject: objtool: Keep track of retpoline call sites
From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
commit 43d5430ad74ef5156353af7aec352426ec7a8e57 upstream.
Provide infrastructure for architectures to rewrite/augment compiler
generated retpoline calls. Similar to what we do for static_call()s,
keep track of the instructions that are retpoline calls.
Use the same list_head, since a retpoline call cannot also be a
static_call.
Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
Signed-off-by: Borislav Petkov <bp@xxxxxxx>
Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx>
Reviewed-by: Miroslav Benes <mbenes@xxxxxxx>
Link: https://lkml.kernel.org/r/20210326151300.130805730@xxxxxxxxxxxxx
[bwh: Backported to 5.10: adjust context]
Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
tools/objtool/arch.h | 2 ++
tools/objtool/check.c | 34 +++++++++++++++++++++++++++++-----
tools/objtool/check.h | 2 +-
tools/objtool/objtool.c | 1 +
tools/objtool/objtool.h | 1 +
5 files changed, 34 insertions(+), 6 deletions(-)
--- a/tools/objtool/arch.h
+++ b/tools/objtool/arch.h
@@ -88,4 +88,6 @@ int arch_decode_hint_reg(struct instruct
bool arch_is_retpoline(struct symbol *sym);
+int arch_rewrite_retpolines(struct objtool_file *file);
+
#endif /* _ARCH_H */
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -451,7 +451,7 @@ static int create_static_call_sections(s
return 0;
idx = 0;
- list_for_each_entry(insn, &file->static_call_list, static_call_node)
+ list_for_each_entry(insn, &file->static_call_list, call_node)
idx++;
sec = elf_create_section(file->elf, ".static_call_sites", SHF_WRITE,
@@ -460,7 +460,7 @@ static int create_static_call_sections(s
return -1;
idx = 0;
- list_for_each_entry(insn, &file->static_call_list, static_call_node) {
+ list_for_each_entry(insn, &file->static_call_list, call_node) {
site = (struct static_call_site *)sec->data->d_buf + idx;
memset(site, 0, sizeof(struct static_call_site));
@@ -786,13 +786,16 @@ static int add_jump_destinations(struct
else
insn->type = INSN_JUMP_DYNAMIC_CONDITIONAL;
+ list_add_tail(&insn->call_node,
+ &file->retpoline_call_list);
+
insn->retpoline_safe = true;
continue;
} else if (insn->func) {
/* internal or external sibling call (with reloc) */
insn->call_dest = reloc->sym;
if (insn->call_dest->static_call_tramp) {
- list_add_tail(&insn->static_call_node,
+ list_add_tail(&insn->call_node,
&file->static_call_list);
}
continue;
@@ -854,7 +857,7 @@ static int add_jump_destinations(struct
/* internal sibling call (without reloc) */
insn->call_dest = insn->jump_dest->func;
if (insn->call_dest->static_call_tramp) {
- list_add_tail(&insn->static_call_node,
+ list_add_tail(&insn->call_node,
&file->static_call_list);
}
}
@@ -938,6 +941,9 @@ static int add_call_destinations(struct
insn->type = INSN_CALL_DYNAMIC;
insn->retpoline_safe = true;
+ list_add_tail(&insn->call_node,
+ &file->retpoline_call_list);
+
remove_insn_ops(insn);
continue;
@@ -945,7 +951,7 @@ static int add_call_destinations(struct
insn->call_dest = reloc->sym;
if (insn->call_dest && insn->call_dest->static_call_tramp) {
- list_add_tail(&insn->static_call_node,
+ list_add_tail(&insn->call_node,
&file->static_call_list);
}
@@ -1655,6 +1661,11 @@ static void mark_rodata(struct objtool_f
file->rodata = found;
}
+__weak int arch_rewrite_retpolines(struct objtool_file *file)
+{
+ return 0;
+}
+
static int decode_sections(struct objtool_file *file)
{
int ret;
@@ -1683,6 +1694,10 @@ static int decode_sections(struct objtoo
if (ret)
return ret;
+ /*
+ * Must be before add_special_section_alts() as that depends on
+ * jump_dest being set.
+ */
ret = add_jump_destinations(file);
if (ret)
return ret;
@@ -1719,6 +1734,15 @@ static int decode_sections(struct objtoo
if (ret)
return ret;
+ /*
+ * Must be after add_special_section_alts(), since this will emit
+ * alternatives. Must be after add_{jump,call}_destination(), since
+ * those create the call insn lists.
+ */
+ ret = arch_rewrite_retpolines(file);
+ if (ret)
+ return ret;
+
return 0;
}
--- a/tools/objtool/check.h
+++ b/tools/objtool/check.h
@@ -39,7 +39,7 @@ struct alt_group {
struct instruction {
struct list_head list;
struct hlist_node hash;
- struct list_head static_call_node;
+ struct list_head call_node;
struct section *sec;
unsigned long offset;
unsigned int len;
--- a/tools/objtool/objtool.c
+++ b/tools/objtool/objtool.c
@@ -61,6 +61,7 @@ struct objtool_file *objtool_open_read(c
INIT_LIST_HEAD(&file.insn_list);
hash_init(file.insn_hash);
+ INIT_LIST_HEAD(&file.retpoline_call_list);
INIT_LIST_HEAD(&file.static_call_list);
file.c_file = !vmlinux && find_section_by_name(file.elf, ".comment");
file.ignore_unreachables = no_unreachable;
--- a/tools/objtool/objtool.h
+++ b/tools/objtool/objtool.h
@@ -18,6 +18,7 @@ struct objtool_file {
struct elf *elf;
struct list_head insn_list;
DECLARE_HASHTABLE(insn_hash, 20);
+ struct list_head retpoline_call_list;
struct list_head static_call_list;
bool ignore_unreachables, c_file, hints, rodata;
};
Patches currently in stable-queue which might be from peterz@xxxxxxxxxxxxx are
queue-5.10/objtool-cache-instruction-relocs.patch
queue-5.10/x86-sev-avoid-using-__x86_return_thunk.patch
queue-5.10/objtool-add-elf_create_undef_symbol.patch
queue-5.10/x86-ftrace-use-alternative-ret-encoding.patch
queue-5.10/objtool-re-add-unwind_hint_-save_restore.patch
queue-5.10/x86-bugs-add-retbleed-ibpb.patch
queue-5.10/x86-bugs-enable-stibp-for-jmp2ret.patch
queue-5.10/x86-retpoline-cleanup-some-ifdefery.patch
queue-5.10/objtool-handle-__sanitize_cov-tail-calls.patch
queue-5.10/x86-prepare-asm-files-for-straight-line-speculation.patch
queue-5.10/kvm-vmx-flatten-__vmx_vcpu_run.patch
queue-5.10/x86-kvm-vmx-make-noinstr-clean.patch
queue-5.10/objtool-x86-replace-alternatives-with-.retpoline_sites.patch
queue-5.10/objtool-skip-magical-retpoline-.altinstr_replacement.patch
queue-5.10/x86-retbleed-add-fine-grained-kconfig-knobs.patch
queue-5.10/x86-cpu-amd-add-spectral-chicken.patch
queue-5.10/objtool-add-straight-line-speculation-validation.patch
queue-5.10/kvm-vmx-fix-ibrs-handling-after-vmexit.patch
queue-5.10/kvm-vmx-prevent-guest-rsb-poisoning-attacks-with-eibrs.patch
queue-5.10/x86-vsyscall_emu-64-don-t-use-ret-in-vsyscall-emulation.patch
queue-5.10/tools-arch-update-arch-x86-lib-mem-cpy-set-_64.s-copies-used-in-perf-bench-mem-memcpy.patch
queue-5.10/x86-add-straight-line-speculation-mitigation.patch
queue-5.10/x86-add-magic-amd-return-thunk.patch
queue-5.10/x86-bugs-keep-a-per-cpu-ia32_spec_ctrl-value.patch
queue-5.10/x86-alternatives-optimize-optimize_nops.patch
queue-5.10/x86-objtool-create-.return_sites.patch
queue-5.10/crypto-x86-poly1305-fixup-sls.patch
queue-5.10/x86-alternative-handle-jcc-__x86_indirect_thunk_-reg.patch
queue-5.10/x86-kvm-fix-setcc-emulation-for-return-thunks.patch
queue-5.10/objtool-fix-objtool-regression-on-x32-systems.patch
queue-5.10/x86-alternative-relax-text_poke_bp-constraint.patch
queue-5.10/x86-retpoline-swizzle-retpoline-thunk.patch
queue-5.10/objtool-rework-the-elf_rebuild_reloc_section-logic.patch
queue-5.10/x86-speculation-fix-firmware-entry-spec_ctrl-handling.patch
queue-5.10/x86-retpoline-remove-unused-replacement-symbols.patch
queue-5.10/objtool-fix-symbol-creation.patch
queue-5.10/x86-speculation-add-spectre_v2-ibrs-option-to-support-kernel-ibrs.patch
queue-5.10/bpf-x86-respect-x86_feature_retpoline.patch
queue-5.10/objtool-fix-type-of-reloc-addend.patch
queue-5.10/objtool-x86-rewrite-retpoline-thunk-calls.patch
queue-5.10/x86-undo-return-thunk-damage.patch
queue-5.10/x86-prepare-inline-asm-for-straight-line-speculation.patch
queue-5.10/x86-alternative-support-alternative_ternary.patch
queue-5.10/kvm-emulate-fix-setcc-emulation-function-offsets-with-sls.patch
queue-5.10/objtool-handle-per-arch-retpoline-naming.patch
queue-5.10/x86-retpoline-create-a-retpoline-thunk-array.patch
queue-5.10/x86-retpoline-simplify-retpolines.patch
queue-5.10/x86-asm-fix-register-order.patch
queue-5.10/x86-speculation-fill-rsb-on-vmexit-for-ibrs.patch
queue-5.10/objtool-add-entry-unret-validation.patch
queue-5.10/objtool-keep-track-of-retpoline-call-sites.patch
queue-5.10/kvm-vmx-convert-launched-argument-to-flags.patch
queue-5.10/objtool-add-elf_create_reloc-helper.patch
queue-5.10/objtool-make-.altinstructions-section-entry-size-consistent.patch
queue-5.10/x86-bpf-use-alternative-ret-encoding.patch
queue-5.10/x86-common-stamp-out-the-stepping-madness.patch
queue-5.10/x86-bugs-split-spectre_v2_select_mitigation-and-spectre_v2_user_select_mitigation.patch
queue-5.10/x86-bugs-report-intel-retbleed-vulnerability.patch
queue-5.10/bpf-x86-simplify-computing-label-offsets.patch
queue-5.10/x86-cpufeatures-move-retpoline-flags-to-word-11.patch
queue-5.10/x86-speculation-fix-spec_ctrl-write-on-smt-state-change.patch
queue-5.10/x86-retpoline-use-mfunction-return.patch
queue-5.10/x86-xen-rename-sys-entry-points.patch
queue-5.10/objtool-only-rewrite-unconditional-retpoline-thunk-calls.patch
queue-5.10/x86-bugs-optimize-spec_ctrl-msr-writes.patch
queue-5.10/x86-alternative-optimize-single-byte-nops-at-an-arbitrary-position.patch
queue-5.10/objtool-fix-code-relocs-vs-weak-symbols.patch
queue-5.10/x86-bugs-report-amd-retbleed-vulnerability.patch
queue-5.10/x86-static_call-use-alternative-ret-encoding.patch
queue-5.10/x86-speculation-fix-rsb-filling-with-config_retpoline-n.patch
queue-5.10/x86-asm-fixup-odd-gen-for-each-reg.h-usage.patch
queue-5.10/x86-alternative-add-debug-prints-to-apply_retpolines.patch
queue-5.10/objtool-extract-elf_symbol_add.patch
queue-5.10/x86-use-return-thunk-in-asm-code.patch
queue-5.10/objtool-remove-reloc-symbol-type-checks-in-get_alt_entry.patch
queue-5.10/objtool-classify-symbols.patch
queue-5.10/intel_idle-disable-ibrs-during-long-idle.patch
queue-5.10/objtool-correctly-handle-retpoline-thunk-calls.patch
queue-5.10/objtool-fix-.symtab_shndx-handling-for-elf_create_undef_symbol.patch
queue-5.10/x86-retpoline-move-the-retpoline-thunk-declarations-to-nospec-branch.h.patch
queue-5.10/objtool-support-asm-jump-tables.patch
queue-5.10/x86-alternative-implement-.retpoline_sites-support.patch
queue-5.10/objtool-x86-ignore-__x86_indirect_alt_-symbols.patch
queue-5.10/objtool-fix-sls-validation-for-kcov-tail-call-replacement.patch
queue-5.10/x86-alternative-try-inline-spectre_v2-retpoline-amd.patch
queue-5.10/x86-entry-remove-skip_r11rcx.patch
queue-5.10/objtool-explicitly-avoid-self-modifying-code-in-.altinstr_replacement.patch
queue-5.10/x86-speculation-use-cached-host-spec_ctrl-value-for-guest-entry-exit.patch
queue-5.10/x86-bugs-add-amd-retbleed-boot-parameter.patch
queue-5.10/objtool-create-reloc-sections-implicitly.patch
queue-5.10/x86-entry-add-kernel-ibrs-implementation.patch
queue-5.10/objtool-treat-.text.__x86.-as-noinstr.patch
queue-5.10/x86-lib-atomic64_386_32-rename-things.patch
queue-5.10/objtool-introduce-cfi-hash.patch
queue-5.10/objtool-default-ignore-int3-for-unreachable.patch
queue-5.10/objtool-extract-elf_strtab_concat.patch
queue-5.10/objtool-teach-get_alt_entry-about-more-relocation-types.patch
queue-5.10/objtool-update-retpoline-validation.patch
