[10/11] x86/nospec: JMP_NOSPEC

Message ID	20231204093732.436930429@infradead.org (mailing list archive)
State	New, archived
Headers	show Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="GI9fusMq" Message-Id: <20231204093732.436930429@infradead.org> User-Agent: quilt/0.65 Date: Mon, 04 Dec 2023 10:37:12 +0100 From: Peter Zijlstra <peterz@infradead.org> To: Sean Christopherson <seanjc@google.com>, Paolo Bonzini <pbonzini@redhat.com>, Josh Poimboeuf <jpoimboe@redhat.com>, Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org, peterz@infradead.org, x86@kernel.org, kvm@vger.kernel.org Subject: [PATCH 10/11] x86/nospec: JMP_NOSPEC References: <20231204093702.989848513@infradead.org> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8
Series	x86/kvm/emulate: Avoid RET for FASTOPs \| expand [00/11] x86/kvm/emulate: Avoid RET for FASTOPs [01/11] objtool: Generic annotation infrastructure [02/11] objtool: Convert ANNOTATE_NOENDBR to ANNOTATE [03/11] objtool: Convert ANNOTATE_RETPOLINE_SAFE to ANNOTATE [04/11] objtool: Convert instrumentation_{begin,end}() to ANNOTATE [05/11] objtool: Convert VALIDATE_UNRET_BEGIN to ANNOTATE [06/11] objtool: Convert ANNOTATE_IGNORE_ALTERNATIVE to ANNOTATE [07/11] objtool: Convert ANNOTATE_INTRA_FUNCTION_CALLS to ANNOTATE [08/11] objtool: Collapse annotate sequences [09/11] x86/kvm/emulate: Implement test_cc() in C [10/11] x86/nospec: JMP_NOSPEC [11/11] x86/kvm/emulate: Avoid RET for fastops

Message ID

20231204093732.436930429@infradead.org (mailing list archive)

State

New, archived

Headers

Message-Id: <20231204093732.436930429@infradead.org>
User-Agent: quilt/0.65
Date: Mon, 04 Dec 2023 10:37:12 +0100
From: Peter Zijlstra <peterz@infradead.org>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>,
 Josh Poimboeuf <jpoimboe@redhat.com>,
 Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org,
 peterz@infradead.org,
 x86@kernel.org,
 kvm@vger.kernel.org
Subject: [PATCH 10/11] x86/nospec: JMP_NOSPEC
References: <20231204093702.989848513@infradead.org>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8

Series

x86/kvm/emulate: Avoid RET for FASTOPs | expand

Commit Message

Peter Zijlstra Dec. 4, 2023, 9:37 a.m. UTC

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
 arch/x86/include/asm/nospec-branch.h |   32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -403,6 +403,17 @@  static inline void call_depth_return_thu
 	"call *%[thunk_target]\n",				\
 	X86_FEATURE_RETPOLINE_LFENCE)
 
+# define JMP_NOSPEC						\
+	ALTERNATIVE_2(						\
+	ANNOTATE_RETPOLINE_SAFE					\
+	"jmp *%[thunk_target]\n",				\
+	"jmp __x86_indirect_thunk_%V[thunk_target]\n",		\
+	X86_FEATURE_RETPOLINE,					\
+	"lfence;\n"						\
+	ANNOTATE_RETPOLINE_SAFE					\
+	"jmp *%[thunk_target]\n",				\
+	X86_FEATURE_RETPOLINE_LFENCE)
+
 # define THUNK_TARGET(addr) [thunk_target] "r" (addr)
 
 #else /* CONFIG_X86_32 */
@@ -433,10 +444,31 @@  static inline void call_depth_return_thu
 	"call *%[thunk_target]\n",				\
 	X86_FEATURE_RETPOLINE_LFENCE)
 
+# define JMP_NOSPEC						\
+	ALTERNATIVE_2(						\
+	ANNOTATE_RETPOLINE_SAFE					\
+	"jmp *%[thunk_target]\n",				\
+	"       jmp    901f;\n"					\
+	"       .align 16\n"					\
+	"901:	call   903f;\n"					\
+	"902:	pause;\n"					\
+	"    	lfence;\n"					\
+	"       jmp    902b;\n"					\
+	"       .align 16\n"					\
+	"903:	lea    4(%%esp), %%esp;\n"			\
+	"       pushl  %[thunk_target];\n"			\
+	"       ret;\n"						\
+	X86_FEATURE_RETPOLINE,					\
+	"lfence;\n"						\
+	ANNOTATE_RETPOLINE_SAFE					\
+	"jmp *%[thunk_target]\n",				\
+	X86_FEATURE_RETPOLINE_LFENCE)
+
 # define THUNK_TARGET(addr) [thunk_target] "rm" (addr)
 #endif
 #else /* No retpoline for C / inline asm */
 # define CALL_NOSPEC "call *%[thunk_target]\n"
+# define JMP_NOSPEC "jmp *%[thunk_target]\n"
 # define THUNK_TARGET(addr) [thunk_target] "rm" (addr)
 #endif

[10/11] x86/nospec: JMP_NOSPEC

Commit Message

Patch