From: Peter Zijlstra <peterz@infradead.org>
To: x86@kernel.org, joao@overdrivepizza.com, hjl.tools@gmail.com,
jpoimboe@redhat.com, andrew.cooper3@citrix.com
Cc: linux-kernel@vger.kernel.org, peterz@infradead.org,
ndesaulniers@google.com, keescook@chromium.org,
samitolvanen@google.com, mark.rutland@arm.com,
alyssa.milburn@intel.com, mbenes@suse.cz, rostedt@goodmis.org,
mhiramat@kernel.org, alexei.starovoitov@gmail.com
Subject: [PATCH v3 37/39] objtool: Optionally WARN about unused ANNOTATE_NOENDBR
Date: Thu, 03 Mar 2022 12:23:58 +0100 [thread overview]
Message-ID: <20220303112827.210703687@infradead.org> (raw)
In-Reply-To: 20220303112321.422525803@infradead.org
Separate option because this option is somewhat prone to false
positives since a bunch of symbols/annotations are not correctly
#ifdef'ed, presumably to avoid clutter.
Can be manually ran on allmodconfig builds using OBJTOOL_ARGS.
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
tools/objtool/builtin-check.c | 3 +-
tools/objtool/check.c | 45 +++++++++++++++++++++++++++++---
tools/objtool/include/objtool/builtin.h | 2 -
tools/objtool/include/objtool/check.h | 3 +-
4 files changed, 46 insertions(+), 7 deletions(-)
--- a/tools/objtool/builtin-check.c
+++ b/tools/objtool/builtin-check.c
@@ -21,7 +21,7 @@
bool no_fp, no_unreachable, retpoline, module, backtrace, uaccess, stats,
lto, vmlinux, mcount, noinstr, backup, sls, dryrun,
- ibt;
+ ibt, ibt_warn;
static const char * const check_usage[] = {
"objtool check [<options>] file.o",
@@ -49,6 +49,7 @@ const struct option check_options[] = {
OPT_BOOLEAN('S', "sls", &sls, "validate straight-line-speculation"),
OPT_BOOLEAN(0, "dry-run", &dryrun, "don't write the modifications"),
OPT_BOOLEAN(0, "ibt", &ibt, "validate ENDBR placement"),
+ OPT_BOOLEAN(0, "ibt-warn", &ibt_warn, "warn about unused ANNOTATE_ENDBR"),
OPT_END(),
};
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -1814,6 +1814,19 @@ static void set_func_state(struct cfi_st
state->stack_size = initial_func_cfi.cfa.offset;
}
+static bool insn_is_endbr(struct instruction *insn)
+{
+ if (insn->type == INSN_ENDBR)
+ return true;
+
+ if (insn->noendbr) {
+ insn->noendbr_hit = 1;
+ return true;
+ }
+
+ return false;
+}
+
static int read_unwind_hints(struct objtool_file *file)
{
struct cfi_state cfi = init_cfi;
@@ -1860,8 +1873,7 @@ static int read_unwind_hints(struct objt
if (ibt && hint->type == UNWIND_HINT_TYPE_REGS_PARTIAL) {
struct symbol *sym = find_symbol_by_offset(insn->sec, insn->offset);
- if (sym && sym->bind == STB_GLOBAL &&
- insn->type != INSN_ENDBR && !insn->noendbr) {
+ if (sym && sym->bind == STB_GLOBAL && !insn_is_endbr(insn)) {
WARN_FUNC("UNWIND_HINT_IRET_REGS without ENDBR",
insn->sec, insn->offset);
}
@@ -3146,7 +3158,7 @@ static void validate_ibt_dest(struct obj
return;
}
- if (dest->noendbr)
+ if (insn_is_endbr(dest))
return;
warn_noendbr("", insn->sec, insn->offset, dest);
@@ -3687,7 +3699,7 @@ static int validate_ibt(struct objtool_f
struct instruction *dest;
dest = validate_ibt_reloc(file, reloc);
- if (is_data && dest && !dest->noendbr) {
+ if (is_data && dest && !insn_is_endbr(dest)) {
warn_noendbr("data ", reloc->sym->sec,
reloc->sym->offset + reloc->addend,
dest);
@@ -3695,6 +3707,31 @@ static int validate_ibt(struct objtool_f
}
}
+ if (ibt_warn) {
+ struct symbol *hypercall_page = find_symbol_by_name(file->elf, "hypercall_page");
+ struct instruction *insn;
+
+ for_each_insn(file, insn) {
+ if (!insn->noendbr || insn->noendbr_hit)
+ continue;
+
+ if (hypercall_page) {
+ /*
+ * The Xen hypercall page contains many
+ * hypercalls (and unused slots) that are never
+ * indirectly called. Still every slot has an
+ * annotation. Suppress complaints.
+ */
+ if (insn->sec == hypercall_page->sec &&
+ insn->offset >= hypercall_page->offset &&
+ insn->offset < hypercall_page->offset + hypercall_page->len)
+ continue;
+ }
+
+ WARN_FUNC("unused ANNOTATE_NOENDBR", insn->sec, insn->offset);
+ }
+ }
+
return 0;
}
--- a/tools/objtool/include/objtool/builtin.h
+++ b/tools/objtool/include/objtool/builtin.h
@@ -10,7 +10,7 @@
extern const struct option check_options[];
extern bool no_fp, no_unreachable, retpoline, module, backtrace, uaccess, stats,
lto, vmlinux, mcount, noinstr, backup, sls, dryrun,
- ibt;
+ ibt, ibt_warn;
extern int cmd_parse_options(int argc, const char **argv, const char * const usage[]);
--- a/tools/objtool/include/objtool/check.h
+++ b/tools/objtool/include/objtool/check.h
@@ -51,7 +51,8 @@ struct instruction {
ignore_alts : 1,
hint : 1,
retpoline_safe : 1,
- noendbr : 1;
+ noendbr : 1,
+ noendbr_hit : 1;
/* 2 bit hole */
s8 instr;
u8 visited;
next prev parent reply other threads:[~2022-03-03 11:33 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-03 11:23 [PATCH v3 00/39] x86: Kernel IBT Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 01/39] static_call: Avoid building empty .static_call_sites Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 02/39] x86/module: Fix the paravirt vs alternative order Peter Zijlstra
2022-03-08 13:58 ` [tip: x86/urgent] " tip-bot2 for Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 03/39] objtool: Add --dry-run Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 04/39] x86/ibt: Base IBT bits Peter Zijlstra
2022-03-07 11:17 ` Peter Zijlstra
2022-03-07 12:25 ` Joao Moreira
2022-03-07 18:19 ` Nick Desaulniers
2022-03-03 11:23 ` [PATCH v3 05/39] x86/ibt: Add ANNOTATE_NOENDBR Peter Zijlstra
2022-03-04 18:59 ` Josh Poimboeuf
2022-03-04 20:22 ` Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 06/39] x86/text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 07/39] x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 08/39] x86/entry: Cleanup PARAVIRT Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 09/39] x86/entry,xen: Early rewrite of restore_regs_and_return_to_kernel() Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 10/39] x86/ibt,xen: Sprinkle the ENDBR Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 11/39] x86/ibt,entry: Sprinkle ENDBR dust Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 12/39] x86/linkage: Add ENDBR to SYM_FUNC_START*() Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 13/39] x86/ibt,paravirt: Sprinkle ENDBR Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 14/39] x86/ibt,crypto: Add ENDBR for the jump-table entries Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 15/39] x86/ibt,kvm: Add ENDBR to fastops Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 16/39] x86/ibt,ftrace: Search for __fentry__ location Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 17/39] x86/livepatch: Validate " Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 18/39] x86/ibt,ftrace: Make function-graph play nice Peter Zijlstra
2022-03-04 17:51 ` Josh Poimboeuf
2022-03-04 19:48 ` Peter Zijlstra
2022-03-04 21:03 ` Josh Poimboeuf
2022-03-04 21:44 ` Peter Zijlstra
2022-03-04 22:05 ` Josh Poimboeuf
2022-03-04 23:08 ` David Laight
2022-03-03 11:23 ` [PATCH v3 19/39] x86/ibt,kprobes: Cure sym+0 equals fentry woes Peter Zijlstra
2022-03-07 9:44 ` Masami Hiramatsu
2022-03-03 11:23 ` [PATCH v3 20/39] x86/ibt,bpf: Add ENDBR instructions to prologue and trampoline Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 21/39] x86/ibt,ftrace: Add ENDBR to samples/ftrace Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 22/39] x86/ibt: Add IBT feature, MSR and #CP handling Peter Zijlstra
2022-03-04 17:57 ` Josh Poimboeuf
2022-03-04 20:38 ` Peter Zijlstra
2022-03-04 18:07 ` Josh Poimboeuf
2022-03-04 20:39 ` Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 23/39] x86/alternative: Simplify int3_selftest_ip Peter Zijlstra
2022-03-04 18:02 ` Josh Poimboeuf
2022-03-04 18:09 ` Josh Poimboeuf
2022-03-03 11:23 ` [PATCH v3 24/39] x86/ibt: Disable IBT around firmware Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 25/39] x86/bugs: Disable Retpoline when IBT Peter Zijlstra
2022-03-04 17:39 ` Josh Poimboeuf
2022-03-03 11:23 ` [PATCH v3 26/39] x86/ibt: Annotate text references Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 27/39] x86/ibt,ftrace: Annotate ftrace code patching Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 28/39] x86/ibt,sev: Annotations Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 29/39] x86/ibt: Dont generate ENDBR in .discard.text Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 30/39] x86/ibt: Ensure module init/exit points have references Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 31/39] objtool: Rename --duplicate to --lto Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 32/39] Kbuild: Allow whole module objtool runs Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 33/39] objtool: Read the NOENDBR annotation Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 34/39] objtool: Have WARN_FUNC fall back to sym+off Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 35/39] objtool: Add IBT/ENDBR decoding Peter Zijlstra
2022-03-03 11:23 ` [PATCH v3 36/39] objtool: Validate IBT assumptions Peter Zijlstra
2022-03-03 11:23 ` Peter Zijlstra [this message]
2022-03-04 18:27 ` [PATCH v3 37/39] objtool: Optionally WARN about unused ANNOTATE_NOENDBR Josh Poimboeuf
2022-03-03 11:23 ` [PATCH v3 38/39] objtool: Find unused ENDBR instructions Peter Zijlstra
2022-03-03 11:24 ` [PATCH v3 39/39] x86/alternative: Use .ibt_endbr_seal to seal indirect calls Peter Zijlstra
2022-03-04 19:09 ` [PATCH v3 00/39] x86: Kernel IBT Josh Poimboeuf
2022-03-04 20:22 ` Peter Zijlstra
2022-03-04 21:39 ` Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220303112827.210703687@infradead.org \
--to=peterz@infradead.org \
--cc=alexei.starovoitov@gmail.com \
--cc=alyssa.milburn@intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=hjl.tools@gmail.com \
--cc=joao@overdrivepizza.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mbenes@suse.cz \
--cc=mhiramat@kernel.org \
--cc=ndesaulniers@google.com \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.