From: Peter Zijlstra <peterz@infradead.org>
To: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>,
David Kaplan <david.kaplan@amd.com>,
x86@kernel.org, luto@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/3] Revert "x86/retpoline: Remove .text..__x86.return_thunk section"
Date: Wed, 11 Oct 2023 09:41:42 +0200
Message-ID: <20231011074142.GK14330@noisy.programming.kicks-ass.net>
In-Reply-To: <20231010212254.ypk2wdogno55shit@treble>
On Tue, Oct 10, 2023 at 02:22:54PM -0700, Josh Poimboeuf wrote:
> From: Josh Poimboeuf <jpoimboe@kernel.org>
> Subject: [PATCH] objtool: Fix return thunk patching in retpolines
>
> With CONFIG_RETHUNK enabled, the compiler replaces every RET with a tail
> call to a return thunk ('JMP __x86_return_thunk'). Objtool annotates
> all such return sites so they can be patched during boot by
> apply_returns().
>
> The implementation of __x86_return_thunk() is just a bare RET. It's
> only meant to be used temporarily until apply_returns() patches all
> return sites with either a JMP to another return thunk or an actual RET.
>
> The following commit
>
> e92626af3234 ("x86/retpoline: Remove .text..__x86.return_thunk section") retpolines
>
> broke objtool's detection of return sites in retpolines. Since
> retpolines and return thunks are now in the same section, the compiler
> no longer uses relocations for the intra-section jumps between the
> retpolines and the return thunk, causing objtool to overlook them.
>
> As a result, none of the retpolines' return sites get patched. Each one
> stays at 'JMP __x86_return_thunk', effectively a bare RET.
>
> Fix it by teaching objtool to detect when a non-relocated jump target is
> a return thunk.
>
> Fixes: e92626af3234 ("x86/retpoline: Remove .text..__x86.return_thunk section")
> Reported-by: David Kaplan <david.kaplan@amd.com>
> Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
> ---
> tools/objtool/check.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/tools/objtool/check.c b/tools/objtool/check.c
> index e308d1ba664e..556469db4239 100644
> --- a/tools/objtool/check.c
> +++ b/tools/objtool/check.c
> @@ -1610,6 +1610,15 @@ static int add_jump_destinations(struct objtool_file *file)
> return -1;
> }
>
> + /*
> + * Since retpolines are in the same section as the return
> + * thunk, they might not use a relocation when branching to it.
> + */
> + if (jump_dest->sym && jump_dest->sym->return_thunk) {
> + add_return_call(file, insn, true);
> + continue;
> + }
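
Review bot: the added `if (jump_dest->sym && jump_dest->sym->return_thunk)` test looks only at which symbol the destination instruction belongs to and never compares offsets, so it does not establish that the jump lands on the first instruction of the return thunk before add_return_call() records the site. Consider also requiring `jump_dest->offset == jump_dest->sym->offset`, so that only a jump to the thunk's entry is annotated. The comment says why the relocation can be missing but not the consequence; one more sentence stating that objtool's relocation-based detection never sees these jumps would make the reason for the special case clear.
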
*urgh*... I mean, yes, that obviously works, but should we not also have
the retpoline thingy for consistency? That case makes less sense though
:/
Perhaps warn about this instead of fixing it? Forcing people to play the
section game?
I dunno.. no real strong opinions.