From: Peter Zijlstra <peterz@infradead.org>
To: Andrew Cooper <amc96@srcf.net>
Cc: Andrew Cooper <Andrew.Cooper3@citrix.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
"x86@kernel.org" <x86@kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Miroslav Benes <mbenes@suse.cz>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Juergen Gross <jgross@suse.com>,
Stefano Stabellini <sstabellini@kernel.org>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v2 06/25] x86/xen: Add ANNOTATE_ENDBR to startup_xen()
Date: Tue, 19 Apr 2022 15:10:29 +0200 [thread overview]
Message-ID: <20220419131029.GV2731@worktop.programming.kicks-ass.net> (raw)
In-Reply-To: <8fbbd4ca-54b1-8c1c-19bc-3d0e6044ff5d@srcf.net>
On Tue, Apr 19, 2022 at 01:12:14PM +0100, Andrew Cooper wrote:
> > Subject: x86/xen: Add ANNOTATE_ENDBR to startup_xen()
> > From: Josh Poimboeuf <jpoimboe@redhat.com>
> > Date: Mon, 18 Apr 2022 09:50:25 -0700
> >
> > From: Josh Poimboeuf <jpoimboe@redhat.com>
> >
> > The startup_xen() kernel entry point is referenced by the ".note.Xen"
> > section, and is the real entry point of the VM. It *will* be
> > indirectly branched to, *however* currently Xen doesn't support PV VM
> > with CET active.
>
> Technically it's always IRET'd to, but the point is that it's never
> "branched to" by the execution context of the VM.
>
> So it would be better to say that it's never indirectly branched to.
> That's what the IBT checks care about.
Right, so I was thinking the IRET could set the NEED_ENDBR bit, but
yeah, that might be stretching the definition of an indirect-branch a
wee bit.
How about so then?
---
Subject: x86/xen: Add ANNOTATE_NOENDBR to startup_xen()
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Mon, 18 Apr 2022 09:50:25 -0700
From: Josh Poimboeuf <jpoimboe@redhat.com>
The startup_xen() kernel entry point is referenced by the ".note.Xen"
section, and is the real entry point of the VM. Control transfer is
through IRET, which *could* set NEED_ENDBR, however Xen currently does
no such thing.
Add ANNOTATE_NOENDBR to silence future objtool warnings.
Fixes: ed53a0d97192 ("x86/alternative: Use .ibt_endbr_seal to seal indirect calls")
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Link: https://lkml.kernel.org/r/a87bd48b06d11ec4b98122a429e71e489b4e48c3.1650300597.git.jpoimboe@redhat.com
next prev parent reply other threads:[~2022-04-19 13:10 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-18 16:50 [PATCH v2 00/25] objtool: Interface overhaul Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 01/25] objtool: Enable unreachable warnings for CLANG LTO Josh Poimboeuf
2022-04-19 20:08 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 02/25] libsubcmd: Fix OPTION_GROUP sorting Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 03/25] x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline Josh Poimboeuf
2022-04-19 20:08 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 04/25] x86/retpoline: Add ANNOTATE_ENDBR for retpolines Josh Poimboeuf
2022-04-19 20:08 ` [tip: x86/urgent] x86/retpoline: Add ANNOTATE_NOENDBR " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 05/25] x86/uaccess: Add ENDBR to __put_user_nocheck*() Josh Poimboeuf
2022-04-19 20:08 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 06/25] x86/xen: Add ANNOTATE_ENDBR to startup_xen() Josh Poimboeuf
2022-04-19 11:42 ` Andrew Cooper
2022-04-19 11:57 ` Peter Zijlstra
2022-04-19 12:06 ` Juergen Gross
2022-04-19 12:12 ` Andrew Cooper
2022-04-19 13:10 ` Peter Zijlstra [this message]
2022-04-19 14:25 ` Andrew Cooper
2022-04-19 20:08 ` [tip: x86/urgent] x86/xen: Add ANNOTATE_NOENDBR " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 07/25] objtool: Reorganize cmdline options Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 08/25] objtool: Ditch subcommands Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 09/25] objtool: Don't print parentheses in function addresses Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 10/25] objtool: Print data address for "!ENDBR" data warnings Josh Poimboeuf
2022-04-19 20:08 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 11/25] objtool: Use offstr() to print address of missing ENDBR Josh Poimboeuf
2022-04-19 20:08 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 12/25] objtool: Add option to print section addresses Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 13/25] scripts: Create objdump-func helper script Josh Poimboeuf
2022-04-19 11:15 ` Peter Zijlstra
2022-04-19 16:09 ` Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 14/25] objtool: Make stack validation optional Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 15/25] objtool: Rework ibt and extricate from stack validation Josh Poimboeuf
2022-04-20 17:25 ` Miroslav Benes
2022-04-22 10:50 ` Peter Zijlstra
2022-04-22 15:17 ` Josh Poimboeuf
2022-04-25 6:27 ` Miroslav Benes
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 16/25] objtool: Extricate sls " Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 17/25] objtool: Add CONFIG_OBJTOOL Josh Poimboeuf
2022-04-19 11:22 ` Peter Zijlstra
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 18/25] objtool: Make stack validation frame-pointer-specific Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 19/25] objtool: Make static call annotation optional Josh Poimboeuf
2022-04-22 10:35 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 20/25] objtool: Make jump label hack optional Josh Poimboeuf
2022-04-22 10:34 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 21/25] objtool: Make noinstr hacks optional Josh Poimboeuf
2022-04-22 10:34 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 22/25] objtool: Rename "VMLINUX_VALIDATION" -> "NOINSTR_VALIDATION" Josh Poimboeuf
2022-04-22 10:34 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 23/25] objtool: Add HAVE_NOINSTR_VALIDATION Josh Poimboeuf
2022-04-22 10:34 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 24/25] objtool: Remove --lto and --vmlinux in favor of --link Josh Poimboeuf
2022-04-20 17:25 ` Miroslav Benes
2022-04-22 10:34 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-18 16:50 ` [PATCH v2 25/25] objtool: Update documentation Josh Poimboeuf
2022-04-22 10:34 ` [tip: objtool/core] " tip-bot2 for Josh Poimboeuf
2022-04-19 11:51 ` [PATCH v2 00/25] objtool: Interface overhaul Peter Zijlstra
2022-04-19 15:36 ` Josh Poimboeuf
2022-04-19 16:43 ` Peter Zijlstra
2022-04-20 17:27 ` Miroslav Benes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220419131029.GV2731@worktop.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=Andrew.Cooper3@citrix.com \
--cc=amc96@srcf.net \
--cc=boris.ostrovsky@oracle.com \
--cc=jgross@suse.com \
--cc=jpoimboe@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mbenes@suse.cz \
--cc=sstabellini@kernel.org \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox