This is a note to let you know that I've just added the patch titled x86/speculation: Support intra-function call validation to the 5.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: x86-speculation-support-intra-function-call-validation.patch and it can be found in the queue-5.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From qirui.001@xxxxxxxxxxxxx Fri Mar 29 11:16:07 2024 From: Rui Qi <qirui.001@xxxxxxxxxxxxx> Date: Wed, 27 Mar 2024 17:44:47 +0800 Subject: x86/speculation: Support intra-function call validation To: bp@xxxxxxxxx, mingo@xxxxxxxxxx, tglx@xxxxxxxxxxxxx, hpa@xxxxxxxxx, jpoimboe@xxxxxxxxxx, peterz@xxxxxxxxxxxxx, mbenes@xxxxxxx, gregkh@xxxxxxxxxxxxxxxxxxx, stable@xxxxxxxxxxxxxxx, alexandre.chartre@xxxxxxxxxx Cc: x86@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, sashal@xxxxxxxxxx, Rui Qi <qirui.001@xxxxxxxxxxxxx> Message-ID: <20240327094447.47375-4-qirui.001@xxxxxxxxxxxxx> From: Rui Qi <qirui.001@xxxxxxxxxxxxx> commit 8afd1c7da2b0 ("x86/speculation: Change FILL_RETURN_BUFFER to work with objtool") does not support intra-function call stack validation, which causes kernel live patching to fail. This commit adds support for this, and after testing, the kernel live patching feature is restored to normal. Fixes: 8afd1c7da2b0 ("x86/speculation: Change FILL_RETURN_BUFFER to work with objtool") Cc: <stable@xxxxxxxxxxxxxxx> # v5.4.250+ Signed-off-by: Rui Qi <qirui.001@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- arch/x86/include/asm/nospec-branch.h | 7 +++++++ arch/x86/include/asm/unwind_hints.h | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h 
@@ -13,6 +13,8 @@ #include <asm/unwind_hints.h> #include <asm/percpu.h> +#include <linux/frame.h> +#include <asm/unwind_hints.h> /* * This should be used immediately before a retpoline alternative. It tells * objtool where the retpolines are so that it can make sense of the control @@ -51,14 +53,18 @@ #define __FILL_RETURN_BUFFER(reg, nr, sp) \ mov $(nr/2), reg; \ 771: \ + ANNOTATE_INTRA_FUNCTION_CALL; \ call 772f; \ 773: /* speculation trap */ \ + UNWIND_HINT_EMPTY; \ pause; \ lfence; \ jmp 773b; \ 772: \ + ANNOTATE_INTRA_FUNCTION_CALL; \ call 774f; \ 775: /* speculation trap */ \ + UNWIND_HINT_EMPTY; \ pause; \ lfence; \ jmp 775b; \ @@ -152,6 +158,7 @@ .endm .macro ISSUE_UNBALANCED_RET_GUARD + ANNOTATE_INTRA_FUNCTION_CALL; call .Lunbalanced_ret_guard_\@ int3 .Lunbalanced_ret_guard_\@: --- a/arch/x86/include/asm/unwind_hints.h +++ b/arch/x86/include/asm/unwind_hints.h @@ -101,7 +101,7 @@ ".popsection\n\t" #define UNWIND_HINT_SAVE UNWIND_HINT(0, 0, UNWIND_HINT_TYPE_SAVE, 0) - +#define UNWIND_HINT_EMPTY #define UNWIND_HINT_RESTORE UNWIND_HINT(0, 0, UNWIND_HINT_TYPE_RESTORE, 0) #endif /* __ASSEMBLY__ */ Patches currently in stable-queue which might be from qirui.001@xxxxxxxxxxxxx are queue-5.4/x86-speculation-support-intra-function-call-validation.patch queue-5.4/objtool-add-support-for-intra-function-calls.patch queue-5.4/objtool-is_fentry_call-crashes-if-call-has-no-destination.patch
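Review bot: The added `#include <asm/unwind_hints.h>` in the `@@ -13,6 +13,8 @@` hunk of nospec-branch.h repeats an include that is already present as context two lines above it, so only `#include <linux/frame.h>` is new. The duplicate is presumably harmless behind the header's include guard, but it should be dropped. `ANNOTATE_INTRA_FUNCTION_CALL` is not defined anywhere in this patch, so it presumably comes from `linux/frame.h` via the companion `objtool-add-support-for-intra-function-calls.patch` listed in the queue. That ordering dependency deserves a line in the commit message, because a tree that takes this patch alone would leave the macro name unresolved in the RSB-fill sequence.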
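Review bot: Nothing in `__FILL_RETURN_BUFFER` (hunk `@@ -51,14 +53,18 @@`) explains the four new annotation lines, and unexplained lines like these tend to be removed in a later cleanup. I would add a comment above the `#define`, such as `/* objtool: keep ANNOTATE_INTRA_FUNCTION_CALL directly before each call and UNWIND_HINT_EMPTY directly after each trap label */`. This macro is part of the speculation mitigation, so it is worth disassembling one user before and after the patch to confirm the `call`/`pause`/`lfence`/`jmp` sequence is unchanged. That assumes both annotations emit only metadata, which the hunk does not show. The macro body continues past the end of the hunk, so the `774:` label and the use of the `sp` argument are not visible here.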
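Review bot: In the `@@ -152,6 +158,7 @@` hunk the new line ends in a semicolon, `ANNOTATE_INTRA_FUNCTION_CALL;`, but `ISSUE_UNBALANCED_RET_GUARD` is an assembler `.macro` and its other visible lines (`call .Lunbalanced_ret_guard_\@`, `int3`) have none. The semicolon is needed in the `#define`-style `__FILL_RETURN_BUFFER`, where all statements share one logical line. Here it is only a stray empty separator, so I would write `ANNOTATE_INTRA_FUNCTION_CALL` on its own. The macro continues past the hunk after the `.Lunbalanced_ret_guard_\@:` label.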
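Review bot: The new `#define UNWIND_HINT_EMPTY` in unwind_hints.h has an empty body and no comment, and it replaces the blank line between `UNWIND_HINT_SAVE` and `UNWIND_HINT_RESTORE`, which splits that pair. The `".popsection\n\t"` context and the `#endif /* __ASSEMBLY__ */` that follows suggest this is the C (non-assembly) side of the header. If so, any C expansion of `__FILL_RETURN_BUFFER` gets no hint at the `773:`/`775:` speculation traps, and objtool coverage of those sites then depends on the assembler-side definition alone. If that is intended, I would move the define after the RESTORE line and precede it with `/* No-op in C; the hint is only meaningful from assembly */`.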