* [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL
@ 2025-06-13 14:19 Marc Zyngier
2025-06-13 14:47 ` Mark Rutland
2025-07-04 17:44 ` Will Deacon
0 siblings, 2 replies; 4+ messages in thread
From: Marc Zyngier @ 2025-06-13 14:19 UTC (permalink / raw)
To: linux-arm-kernel
Cc: Aneesh Kumar K.V, Mostafa Saleh, Will Deacon, Catalin marinas,
Mark Rutland, Ard Biesheuvel
Aneesh reports that his kernel fails to boot in nVHE mode with
KVM's protected mode enabled. Further investigation by Mostafa
reveals that this fails because CONFIG_JUMP_LABEL=n and that
we have static keys shared between EL1 and EL2.
While this can be worked around, it is obvious that we have long
relied on having CONFIG_JUMP_LABEL enabled at all times, as all
supported compilers now have 'asm goto' (which is the basic block
for jump labels).
Let's simplify our lives once and for all by mandating jump labels.
It's not like anyone else is testing anything without them, and
we already rely on them for other things (kfence, xfs, preempt).
Link: https://lore.kernel.org/r/yq5ah60pkq03.fsf@kernel.org
Reported-by: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>
Reported-by: Mostafa Saleh <smostafa@google.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: Will Deacon <will@kernel.org>
Cc: Catalin marinas <catalin.marinas@arm.com>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
---
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/Makefile | 3 +--
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 55fc331af3371..393d71124f5d2 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -256,6 +256,7 @@ config ARM64
select HOTPLUG_SMT if HOTPLUG_CPU
select IRQ_DOMAIN
select IRQ_FORCED_THREADING
+ select JUMP_LABEL
select KASAN_VMALLOC if KASAN
select LOCK_MM_AND_FIND_VMA
select MODULES_USE_ELF_RELA
diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile
index 2920b0a514037..a2faf0049dab1 100644
--- a/arch/arm64/kernel/Makefile
+++ b/arch/arm64/kernel/Makefile
@@ -34,7 +34,7 @@ obj-y := debug-monitors.o entry.o irq.o fpsimd.o \
cpufeature.o alternative.o cacheinfo.o \
smp.o smp_spin_table.o topology.o smccc-call.o \
syscall.o proton-pack.o idle.o patching.o pi/ \
- rsi.o
+ rsi.o jump_label.o
obj-$(CONFIG_COMPAT) += sys32.o signal32.o \
sys_compat.o
@@ -47,7 +47,6 @@ obj-$(CONFIG_PERF_EVENTS) += perf_regs.o perf_callchain.o
obj-$(CONFIG_HARDLOCKUP_DETECTOR_PERF) += watchdog_hld.o
obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o
obj-$(CONFIG_CPU_PM) += sleep.o suspend.o
-obj-$(CONFIG_JUMP_LABEL) += jump_label.o
obj-$(CONFIG_KGDB) += kgdb.o
obj-$(CONFIG_EFI) += efi.o efi-rt-wrapper.o
obj-$(CONFIG_PCI) += pci.o
--
2.39.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL
2025-06-13 14:19 [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL Marc Zyngier
@ 2025-06-13 14:47 ` Mark Rutland
2025-06-16 11:30 ` Will Deacon
2025-07-04 17:44 ` Will Deacon
1 sibling, 1 reply; 4+ messages in thread
From: Mark Rutland @ 2025-06-13 14:47 UTC (permalink / raw)
To: Marc Zyngier
Cc: linux-arm-kernel, Aneesh Kumar K.V, Mostafa Saleh, Will Deacon,
Catalin marinas, Ard Biesheuvel
On Fri, Jun 13, 2025 at 03:19:36PM +0100, Marc Zyngier wrote:
> Aneesh reports that his kernel fails to boot in nVHE mode with
> KVM's protected mode enabled. Further investigation by Mostafa
> reveals that this fails because CONFIG_JUMP_LABEL=n and that
> we have static keys shared between EL1 and EL2.
>
> While this can be worked around, it is obvious that we have long
> relied on having CONFIG_JUMP_LABEL enabled at all times, as all
> supported compilers now have 'asm goto' (which is the basic block
> for jump labels).
>
> Let's simplify our lives once and for all by mandating jump labels.
> It's not like anyone else is testing anything without them, and
> we already rely on them for other things (kfence, xfs, preempt).
>
> Link: https://lore.kernel.org/r/yq5ah60pkq03.fsf@kernel.org
> Reported-by: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>
> Reported-by: Mostafa Saleh <smostafa@google.com>
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> Cc: Will Deacon <will@kernel.org>
> Cc: Catalin marinas <catalin.marinas@arm.com>
> Cc: Mark Rutland <mark.rutland@arm.com>
> Cc: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Mark Rutland <mark.rutland@arm.com>
It might be worth noting that even with this, we still need to take care
to not use arbitrary static keys in hyp code (since we don't to consume
anything that can legitimately be flipped after hyp initialization), but
that aspect should be dealt with by reviewing additions to image-vars.h.
Mark.
> ---
> arch/arm64/Kconfig | 1 +
> arch/arm64/kernel/Makefile | 3 +--
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 55fc331af3371..393d71124f5d2 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -256,6 +256,7 @@ config ARM64
> select HOTPLUG_SMT if HOTPLUG_CPU
> select IRQ_DOMAIN
> select IRQ_FORCED_THREADING
> + select JUMP_LABEL
> select KASAN_VMALLOC if KASAN
> select LOCK_MM_AND_FIND_VMA
> select MODULES_USE_ELF_RELA
> diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile
> index 2920b0a514037..a2faf0049dab1 100644
> --- a/arch/arm64/kernel/Makefile
> +++ b/arch/arm64/kernel/Makefile
> @@ -34,7 +34,7 @@ obj-y := debug-monitors.o entry.o irq.o fpsimd.o \
> cpufeature.o alternative.o cacheinfo.o \
> smp.o smp_spin_table.o topology.o smccc-call.o \
> syscall.o proton-pack.o idle.o patching.o pi/ \
> - rsi.o
> + rsi.o jump_label.o
>
> obj-$(CONFIG_COMPAT) += sys32.o signal32.o \
> sys_compat.o
> @@ -47,7 +47,6 @@ obj-$(CONFIG_PERF_EVENTS) += perf_regs.o perf_callchain.o
> obj-$(CONFIG_HARDLOCKUP_DETECTOR_PERF) += watchdog_hld.o
> obj-$(CONFIG_HAVE_HW_BREAKPOINT) += hw_breakpoint.o
> obj-$(CONFIG_CPU_PM) += sleep.o suspend.o
> -obj-$(CONFIG_JUMP_LABEL) += jump_label.o
> obj-$(CONFIG_KGDB) += kgdb.o
> obj-$(CONFIG_EFI) += efi.o efi-rt-wrapper.o
> obj-$(CONFIG_PCI) += pci.o
> --
> 2.39.2
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL
2025-06-13 14:47 ` Mark Rutland
@ 2025-06-16 11:30 ` Will Deacon
0 siblings, 0 replies; 4+ messages in thread
From: Will Deacon @ 2025-06-16 11:30 UTC (permalink / raw)
To: Mark Rutland
Cc: Marc Zyngier, linux-arm-kernel, Aneesh Kumar K.V, Mostafa Saleh,
Catalin marinas, Ard Biesheuvel
On Fri, Jun 13, 2025 at 03:47:31PM +0100, Mark Rutland wrote:
> On Fri, Jun 13, 2025 at 03:19:36PM +0100, Marc Zyngier wrote:
> > Aneesh reports that his kernel fails to boot in nVHE mode with
> > KVM's protected mode enabled. Further investigation by Mostafa
> > reveals that this fails because CONFIG_JUMP_LABEL=n and that
> > we have static keys shared between EL1 and EL2.
> >
> > While this can be worked around, it is obvious that we have long
> > relied on having CONFIG_JUMP_LABEL enabled at all times, as all
> > supported compilers now have 'asm goto' (which is the basic block
> > for jump labels).
> >
> > Let's simplify our lives once and for all by mandating jump labels.
> > It's not like anyone else is testing anything without them, and
> > we already rely on them for other things (kfence, xfs, preempt).
> >
> > Link: https://lore.kernel.org/r/yq5ah60pkq03.fsf@kernel.org
> > Reported-by: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>
> > Reported-by: Mostafa Saleh <smostafa@google.com>
> > Signed-off-by: Marc Zyngier <maz@kernel.org>
> > Cc: Will Deacon <will@kernel.org>
> > Cc: Catalin marinas <catalin.marinas@arm.com>
> > Cc: Mark Rutland <mark.rutland@arm.com>
> > Cc: Ard Biesheuvel <ardb@kernel.org>
>
> Acked-by: Mark Rutland <mark.rutland@arm.com>
>
> It might be worth noting that even with this, we still need to take care
> to not use arbitrary static keys in hyp code (since we don't to consume
> anything that can legitimately be flipped after hyp initialization), but
> that aspect should be dealt with by reviewing additions to image-vars.h.
Right, we should probably try to re-use the static key sealing mechanism
used for the handling of __ro_after_init keys so that the host doesn't
try to patch the hyp text after de-privilege (which will result in a
panic).
Will
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL
2025-06-13 14:19 [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL Marc Zyngier
2025-06-13 14:47 ` Mark Rutland
@ 2025-07-04 17:44 ` Will Deacon
1 sibling, 0 replies; 4+ messages in thread
From: Will Deacon @ 2025-07-04 17:44 UTC (permalink / raw)
To: linux-arm-kernel, Marc Zyngier
Cc: catalin.marinas, kernel-team, Will Deacon, Aneesh Kumar K.V,
Mostafa Saleh, Mark Rutland, Ard Biesheuvel
On Fri, 13 Jun 2025 15:19:36 +0100, Marc Zyngier wrote:
> Aneesh reports that his kernel fails to boot in nVHE mode with
> KVM's protected mode enabled. Further investigation by Mostafa
> reveals that this fails because CONFIG_JUMP_LABEL=n and that
> we have static keys shared between EL1 and EL2.
>
> While this can be worked around, it is obvious that we have long
> relied on having CONFIG_JUMP_LABEL enabled at all times, as all
> supported compilers now have 'asm goto' (which is the basic block
> for jump labels).
>
> [...]
Applied to arm64 (for-next/fixes), thanks!
[1/1] arm64: Unconditionally select CONFIG_JUMP_LABEL
https://git.kernel.org/arm64/c/727c2a53cf95
Cheers,
--
Will
https://fixes.arm64.dev
https://next.arm64.dev
https://will.arm64.dev
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2025-07-04 18:13 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-13 14:19 [PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL Marc Zyngier
2025-06-13 14:47 ` Mark Rutland
2025-06-16 11:30 ` Will Deacon
2025-07-04 17:44 ` Will Deacon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox