From: Sean Christopherson <seanjc@google.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Josh Poimboeuf <jpoimboe@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
x86@kernel.org, kys@microsoft.com, haiyangz@microsoft.com,
wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de,
mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com,
pbonzini@redhat.com, ardb@kernel.org, kees@kernel.org,
Arnd Bergmann <arnd@arndb.de>,
gregkh@linuxfoundation.org, linux-hyperv@vger.kernel.org,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
linux-efi@vger.kernel.org, samitolvanen@google.com,
ojeda@kernel.org, xin@zytor.com
Subject: Re: [PATCH v2 00/13] objtool: Detect and warn about indirect calls in __nocfi functions
Date: Fri, 6 Jun 2025 06:15:19 -0700 [thread overview]
Message-ID: <aELptV62mbTC3YA9@google.com> (raw)
In-Reply-To: <20250606104945.GY39944@noisy.programming.kicks-ass.net>
On Fri, Jun 06, 2025, Peter Zijlstra wrote:
> On Thu, Jun 05, 2025 at 10:19:41AM -0700, Josh Poimboeuf wrote:
> > diff --git a/arch/x86/entry/entry_64_fred.S b/arch/x86/entry/entry_64_fred.S
> > index 29c5c32c16c3..5d1eef193b79 100644
> > --- a/arch/x86/entry/entry_64_fred.S
> > +++ b/arch/x86/entry/entry_64_fred.S
> > @@ -112,11 +112,12 @@ SYM_FUNC_START(asm_fred_entry_from_kvm)
> > push %rax /* Return RIP */
> > push $0 /* Error code, 0 for IRQ/NMI */
> >
> > - PUSH_AND_CLEAR_REGS clear_bp=0 unwind_hint=0
> > + PUSH_AND_CLEAR_REGS clear_callee=0 unwind_hint=0
> > movq %rsp, %rdi /* %rdi -> pt_regs */
> > call __fred_entry_from_kvm /* Call the C entry point */
> > - POP_REGS
> > - ERETS
> > + addq $C_PTREGS_SIZE, %rsp
> > +
> > + ALTERNATIVE "mov %rbp, %rsp", __stringify(ERETS), X86_FEATURE_FRED
>
> So... I was wondering.. do we actually ever need the ERETS?
Yes, to unblock NMIs, because NMIs are blocked on VM-Exit due to NMI.
The !X86_FEATURE_FRED path can use RET (instead of IRET) because NMIs are routed
through vmx_do_nmi_irqoff(), as proposed in this version[*], after you pointed out
that the FRED entry doesn't have the legacy NMI madness.
[*] https://lore.kernel.org/all/aBUiwLV4ZY2HdRbz@google.com
next prev parent reply other threads:[~2025-06-06 13:15 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-30 11:07 [PATCH v2 00/13] objtool: Detect and warn about indirect calls in __nocfi functions Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 01/13] x86/kvm/emulate: Implement test_cc() in C Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 02/13] x86/kvm/emulate: Introduce COP1 Peter Zijlstra
2025-04-30 16:19 ` Josh Poimboeuf
2025-04-30 19:05 ` Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 03/13] x86/kvm/emulate: Introduce COP2 Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 04/13] x86/kvm/emulate: Introduce COP2R Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 05/13] x86/kvm/emulate: Introduce COP2W Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 06/13] x86/kvm/emulate: Introduce COP2CL Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 07/13] x86/kvm/emulate: Introduce COP1SRC2 Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 08/13] x86/kvm/emulate: Introduce COP3WCL Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 09/13] x86/kvm/emulate: Convert em_salc() to C Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 10/13] x86/kvm/emulate: Remove fastops Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 11/13] x86,hyperv: Clean up hv_do_hypercall() Peter Zijlstra
2025-05-01 2:36 ` Michael Kelley
2025-04-30 11:07 ` [PATCH v2 12/13] x86_64,hyperv: Use direct call to hypercall-page Peter Zijlstra
2025-05-01 2:36 ` Michael Kelley
2025-05-01 8:59 ` Peter Zijlstra
2025-04-30 11:07 ` [PATCH v2 13/13] objtool: Validate kCFI calls Peter Zijlstra
2025-04-30 15:59 ` Josh Poimboeuf
2025-04-30 19:03 ` Peter Zijlstra
2025-05-01 15:56 ` Peter Zijlstra
2025-04-30 14:24 ` [PATCH v2 00/13] objtool: Detect and warn about indirect calls in __nocfi functions H. Peter Anvin
2025-04-30 19:06 ` Peter Zijlstra
2025-05-01 10:30 ` Peter Zijlstra
2025-05-01 15:38 ` Peter Zijlstra
2025-05-01 18:30 ` Sean Christopherson
2025-05-01 18:42 ` H. Peter Anvin
2025-05-01 18:59 ` Sean Christopherson
2025-05-02 6:12 ` Xin Li
2025-05-02 5:46 ` Xin Li
2025-05-02 5:48 ` Xin Li
2025-05-02 19:43 ` H. Peter Anvin
2025-05-02 8:40 ` Peter Zijlstra
2025-05-02 19:53 ` Sean Christopherson
2025-05-03 9:50 ` Peter Zijlstra
2025-05-03 18:28 ` Josh Poimboeuf
2025-05-06 7:31 ` Peter Zijlstra
2025-05-06 13:32 ` Peter Zijlstra
2025-05-06 19:18 ` Josh Poimboeuf
2025-05-28 7:44 ` Peter Zijlstra
2025-05-28 16:30 ` Peter Zijlstra
2025-05-28 16:35 ` Peter Zijlstra
2025-05-29 9:30 ` Peter Zijlstra
2025-06-03 5:43 ` Josh Poimboeuf
2025-06-03 16:29 ` Josh Poimboeuf
2025-06-05 17:19 ` Josh Poimboeuf
2025-06-06 10:49 ` Peter Zijlstra
2025-06-06 13:15 ` Sean Christopherson [this message]
2025-06-06 13:20 ` Peter Zijlstra
2025-05-01 18:33 ` Paolo Bonzini
2025-05-02 11:08 ` Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aELptV62mbTC3YA9@google.com \
--to=seanjc@google.com \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=decui@microsoft.com \
--cc=gregkh@linuxfoundation.org \
--cc=haiyangz@microsoft.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@kernel.org \
--cc=kees@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kys@microsoft.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=ojeda@kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=samitolvanen@google.com \
--cc=tglx@linutronix.de \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
--cc=xin@zytor.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.