From: Petr Pavlu
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, hpa@zytor.com, mhiramat@kernel.org
Cc: peterz@infradead.org, samitolvanen@google.com, x86@kernel.org, linux-trace-kernel@vger.kernel.org, linux-kernel@vger.kernel.org, Petr Pavlu
Subject: [PATCH 2/2] x86/retpoline,kprobes: Avoid treating rethunk as an indirect jump
Date: Wed, 5 Jul 2023 10:15:47 +0200
Message-Id: <20230705081547.25130-3-petr.pavlu@suse.com>
X-Mailer: git-send-email 2.35.3
In-Reply-To: <20230705081547.25130-1-petr.pavlu@suse.com>
References: <20230705081547.25130-1-petr.pavlu@suse.com>
MIME-Version: 1.0
Precedence: bulk
List-ID:
X-Mailing-List: linux-trace-kernel@vger.kernel.org

Functions can_optimize() and insn_is_indirect_jump() consider jumps to
the range [__indirect_thunk_start, __indirect_thunk_end] as indirect
jumps and prevent use of optprobes in functions containing them.

Linker script arch/x86/kernel/vmlinux.lds.S places into this range also
the special section .text.__x86.return_thunk which contains the return
thunk. It causes that machines which use the return thunk as
a mitigation and don't have it patched by any alternative then end up
not being able to use optprobes in any regular function.

The return thunk doesn't need to be treated as an indirect jump from the
perspective of insn_is_indirect_jump(). It returns to a caller and
cannot land into an optprobe jump operand which is the purpose of the
insn_is_indirect_jump() check.

Fix the problem by defining the symbols __indirect_thunk_start and
__indirect_thunk_end directly in arch/x86/lib/retpoline.S. This is
possible because commit 9bc0bb50727c ("objtool/x86: Rewrite retpoline
thunk calls") made all indirect thunks present in a single section.

Fixes: 0b53c374b9ef ("x86/retpoline: Use -mfunction-return")
Signed-off-by: Petr Pavlu
---
 arch/x86/kernel/vmlinux.lds.S | 2 --
 arch/x86/lib/retpoline.S      | 4 ++++
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index a4cd04c458df..dd5b0a68cf84 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -133,9 +133,7 @@ SECTIONS KPROBES_TEXT SOFTIRQENTRY_TEXT #ifdef CONFIG_RETPOLINE - __indirect_thunk_start = .; *(.text..__x86.*) - __indirect_thunk_end = .; #endif STATIC_CALL_TEXT diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 3bea96341d00..f45a3e7f776f 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -14,6 +14,7 @@ .section .text..__x86.indirect_thunk +SYM_ENTRY(__indirect_thunk_start, SYM_L_GLOBAL, SYM_A_NONE) .macro POLINE reg ANNOTATE_INTRA_FUNCTION_CALL @@ -125,6 +126,9 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array) #include #undef GEN #endif + +SYM_ENTRY(__indirect_thunk_end, SYM_L_GLOBAL, SYM_A_NONE) + /* * This function name is magical and is used by -mfunction-return=thunk-extern * for the compiler to generate JMPs to it.
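
Review bot: in the vmlinux.lds.S hunk (@@ -133,9 +133,7), the glob that remains is `*(.text..__x86.*)` with two dots, while the commit message names the affected section `.text.__x86.return_thunk` with one dot; the message should use the same spelling as the linker script and as `.section .text..__x86.indirect_thunk` in retpoline.S so the section can be found by search. With both marker assignments gone, the `#ifdef CONFIG_RETPOLINE` block also no longer shows that a sub-range of these sections is special to kprobes, so a short comment here pointing at the `__indirect_thunk_start` and `__indirect_thunk_end` definitions in arch/x86/lib/retpoline.S would keep the relationship discoverable from the linker script.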
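
Review bot: the `SYM_ENTRY(__indirect_thunk_start, SYM_L_GLOBAL, SYM_A_NONE)` line added directly after `.section .text..__x86.indirect_thunk` in the first retpoline.S hunk (@@ -14,6 +14,7) has no comment, so a reader of this file cannot tell that the symbol is a range marker rather than a thunk entry point. A one-line comment naming its consumers, can_optimize() and insn_is_indirect_jump() per the commit message, and stating that it pairs with `__indirect_thunk_end` further down would help. The definitions being removed from the linker script sat inside `#ifdef CONFIG_RETPOLINE`; the commit message should say whether this file provides the symbols under the same condition, since nothing in the visible context shows it.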
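
Review bot: in the second retpoline.S hunk (@@ -125,6 +126,9), `__indirect_thunk_end` is defined immediately in front of the return-thunk comment, and the commit message describes the checked range as closed, `[__indirect_thunk_start, __indirect_thunk_end]`. If can_optimize() and insn_is_indirect_jump() compare inclusively against the end symbol, the address of `__indirect_thunk_end` can coincide with the first byte of whatever the linker places next, and a jump to that address would still be classified as an indirect jump. Consider making the upper bound exclusive in those checks, or explain in a comment why the address at the end marker can never be a jump target. The hunk shows no `.section` directive near the new line either, so a comment noting that the marker must stay inside `.text..__x86.indirect_thunk` would protect it against later reordering of this file.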