From: Peter Zijlstra <peterz@infradead.org>
To: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>,
David Kaplan <david.kaplan@amd.com>,
x86@kernel.org, luto@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/3] Revert "x86/retpoline: Remove .text..__x86.return_thunk section"
Date: Wed, 11 Oct 2023 09:41:42 +0200
Message-ID: <20231011074142.GK14330@noisy.programming.kicks-ass.net>
In-Reply-To: <20231010212254.ypk2wdogno55shit@treble>

On Tue, Oct 10, 2023 at 02:22:54PM -0700, Josh Poimboeuf wrote:
> From: Josh Poimboeuf <jpoimboe@kernel.org>
> Subject: [PATCH] objtool: Fix return thunk patching in retpolines
>
> With CONFIG_RETHUNK enabled, the compiler replaces every RET with a tail
> call to a return thunk ('JMP __x86_return_thunk'). Objtool annotates
> all such return sites so they can be patched during boot by
> apply_returns().
>
> The implementation of __x86_return_thunk() is just a bare RET. It's
> only meant to be used temporarily until apply_returns() patches all
> return sites with either a JMP to another return thunk or an actual RET.
>
> The following commit
>
> e92626af3234 ("x86/retpoline: Remove .text..__x86.return_thunk section") retpolines
>
> broke objtool's detection of return sites in retpolines. Since
> retpolines and return thunks are now in the same section, the compiler
> no longer uses relocations for the intra-section jumps between the
> retpolines and the return thunk, causing objtool to overlook them.
>
> As a result, none of the retpolines' return sites get patched. Each one
> stays at 'JMP __x86_return_thunk', effectively a bare RET.
>
> Fix it by teaching objtool to detect when a non-relocated jump target is
> a return thunk.
>
> Fixes: e92626af3234 ("x86/retpoline: Remove .text..__x86.return_thunk section")
> Reported-by: David Kaplan <david.kaplan@amd.com>
> Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
> ---
> tools/objtool/check.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/tools/objtool/check.c b/tools/objtool/check.c
> index e308d1ba664e..556469db4239 100644
> --- a/tools/objtool/check.c
> +++ b/tools/objtool/check.c
> @@ -1610,6 +1610,15 @@ static int add_jump_destinations(struct objtool_file *file)
> return -1;
> }
>
> + /*
> + * Since retpolines are in the same section as the return
> + * thunk, they might not use a relocation when branching to it.
> + */
> + if (jump_dest->sym && jump_dest->sym->return_thunk) {
> + add_return_call(file, insn, true);
> + continue;
> + }
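
Review bot: the new check in add_jump_destinations() tests only jump_dest->sym->return_thunk, so it fires for any destination instruction whose symbol is the return thunk, including one that is not the thunk's first instruction; it would be tighter to also require that the destination sits at the start of that symbol before calling add_return_call(). The comment could also state that the missing relocation comes from the jump being resolved within the section at assembly time, so a reader sees why the earlier relocation-based handling did not catch it.
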
*urgh*... I mean, yes, that obviously works, but should we not also have
the retpoline thingy for consistency? That case makes less sense though
:/

Perhaps warn about this instead of fixing it? Forcing people to play the
section game?

I dunno.. no real strong opinions.
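
The failure described in the quoted commit message, as an added toy model that is not objtool code and not part of this thread: a scanner that finds return sites only through relocations misses the intra-section jump, and a fallback lookup by destination address recovers it. The struct layouts, offsets and the choice to match only a symbol's first byte are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Toy model (hypothetical types, not objtool's): one text section. */
struct sym { const char *name; unsigned long start; bool return_thunk; };
struct jmp {
	unsigned long site;       /* offset of the JMP instruction */
	unsigned long dest;       /* decoded target, used when reloc is NULL */
	const struct sym *reloc;  /* symbol named by a relocation, or NULL */
};

/* Constructed sample: retpoline and return thunk share a section. */
static const struct sym syms[] = {
	{ "__x86_indirect_thunk_rax", 0x00, false },
	{ "__x86_return_thunk",       0x40, true  },
};
static const struct jmp jmps[] = {
	{ 0x1b, 0x40, NULL     },  /* retpoline -> thunk, no relocation */
	{ 0x80, 0x00, &syms[1] },  /* ordinary return site, relocated */
	{ 0x90, 0x44, NULL     },  /* lands inside the thunk, not its entry */
	{ 0xa0, 0x00, &syms[0] },  /* relocated jump to the retpoline */
};

/* Symbol whose first byte is at addr; mid-symbol addresses do not match. */
static const struct sym *sym_starting_at(unsigned long addr)
{
	for (size_t i = 0; i < sizeof(syms) / sizeof(syms[0]); i++)
		if (syms[i].start == addr)
			return &syms[i];
	return NULL;
}

/* Collect return sites into out[]; by_addr enables the fallback lookup. */
size_t find_return_sites(bool by_addr, unsigned long *out)
{
	size_t n = 0;
	for (size_t i = 0; i < sizeof(jmps) / sizeof(jmps[0]); i++) {
		const struct sym *s = jmps[i].reloc;
		if (!s && by_addr)
			s = sym_starting_at(jmps[i].dest);
		if (s && s->return_thunk)
			out[n++] = jmps[i].site;
	}
	return n;
}

int main(void)
{
	unsigned long out[4];
	printf("relocations only: %zu\n", find_return_sites(false, out));
	printf("with address fallback: %zu\n", find_return_sites(true, out));
	return 0;
}
```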