From: Peter Zijlstra <peterz@infradead.org>
To: seanjc@google.com, pbonzini@redhat.com, jpoimboe@redhat.com,
	tglx@linutronix.de
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
	kvm@vger.kernel.org, jthoughton@google.com
Subject: [PATCH v2 00/12] x86/kvm/emulate: Avoid RET for FASTOPs
Date: Mon, 11 Nov 2024 12:59:35 +0100
Message-ID: <20241111115935.796797988@infradead.org>

Hi!

At long last, a respin of these patches.

The FASTOPs are special because they rely on RET to preserve CFLAGS, which is a
problem with all the mitigation stuff. Also see things like: ba5ca5e5e6a1
("x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()").

Rework FASTOPs to no longer use RET and side-step the problem of trying to make
the various return thunks preserve CFLAGS for just this one case.

There are two separate instances, test_cc() and fastop(). The first is
basically a SETCC wrapper, which seems like a very complicated (and somewhat
expensive) way to read FLAGS. Instead use the code we already have to emulate
JCC to fully emulate the instruction.

That then leaves fastop(), which when marked noinline is guaranteed to exist
only once. As such, CALL+RET isn't needed, because we'll always be RETurning to
the same location; so replace it with JMP+JMP.

My plan is to take the objtool patches through tip/objtool/core, the nospec
patches through tip/x86/core and either stick the fastop patches in that latter
tree if the KVM folks agree, or they can merge the aforementioned two branches
and then stick the patches on top, whatever works for people.
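What "fully emulate JCC in C" amounts to for test_cc(), as an added illustration rather than the series' own code: the condition nibble of a Jcc/SETcc opcode is evaluated directly against a saved EFLAGS value, so no SETCC-in-asm and no RET is involved in reading the flags. The X86_EFLAGS_* names are defined locally here and only mirror the kernel's.

```c
#include <stdbool.h>
#include <stdio.h>

/* Architectural EFLAGS bit positions (local definitions, not the kernel's header). */
#define X86_EFLAGS_CF (1UL << 0)
#define X86_EFLAGS_PF (1UL << 2)
#define X86_EFLAGS_ZF (1UL << 6)
#define X86_EFLAGS_SF (1UL << 7)
#define X86_EFLAGS_OF (1UL << 11)

/*
 * Evaluate an x86 condition code (low nibble of a Jcc/SETcc/CMOVcc opcode)
 * against a saved EFLAGS value in plain C. Bit 0 of the condition selects
 * the negated form, so only the eight even-numbered predicates are coded.
 */
static bool test_cc(unsigned int condition, unsigned long flags)
{
	bool cf = flags & X86_EFLAGS_CF;
	bool pf = flags & X86_EFLAGS_PF;
	bool zf = flags & X86_EFLAGS_ZF;
	bool sf = flags & X86_EFLAGS_SF;
	bool of = flags & X86_EFLAGS_OF;
	bool rc = false;

	switch ((condition >> 1) & 7) {
	case 0: rc = of; break;			/* O  / NO  */
	case 1: rc = cf; break;			/* B  / AE  */
	case 2: rc = zf; break;			/* E  / NE  */
	case 3: rc = cf || zf; break;		/* BE / A   */
	case 4: rc = sf; break;			/* S  / NS  */
	case 5: rc = pf; break;			/* P  / NP  */
	case 6: rc = sf != of; break;		/* L  / GE  */
	case 7: rc = zf || (sf != of); break;	/* LE / G   */
	}
	return (condition & 1) ? !rc : rc;
}

int main(void)
{
	/* Constructed sample: flags as left by a CMP that produced equal operands. */
	unsigned long flags = X86_EFLAGS_ZF | X86_EFLAGS_PF;

	printf("JE  taken: %d\n", test_cc(0x4, flags));	/* 1 */
	printf("JNE taken: %d\n", test_cc(0x5, flags));	/* 0 */
	printf("JG  taken: %d\n", test_cc(0xf, flags));	/* 0 */
	printf("JGE taken: %d\n", test_cc(0xd, flags));	/* 1 */
	return 0;
}
```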


Thread overview: 38+ messages
2024-11-11 11:59 Peter Zijlstra [this message]
2024-11-11 11:59 ` [PATCH v2 01/12] objtool: Generic annotation infrastructure Peter Zijlstra
2024-11-15 18:38   ` Josh Poimboeuf
2024-11-16  9:33     ` Peter Zijlstra
2024-11-20  0:31       ` Josh Poimboeuf
2024-11-20  1:04         ` Josh Poimboeuf
2024-11-20  8:52           ` Peter Zijlstra
2024-11-20 16:03             ` Josh Poimboeuf
2024-11-20 16:03               ` Josh Poimboeuf
2024-11-21 11:46                 ` Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 02/12] objtool: Convert ANNOTATE_NOENDBR to ANNOTATE Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 03/12] objtool: Convert ANNOTATE_RETPOLINE_SAFE " Peter Zijlstra
2024-11-15 18:39   ` Josh Poimboeuf
2024-11-16  9:34     ` Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 04/12] objtool: Convert instrumentation_{begin,end}() " Peter Zijlstra
2024-11-15 18:40   ` Josh Poimboeuf
2024-11-16  9:36     ` Peter Zijlstra
2024-11-16  9:51       ` Peter Zijlstra
2024-11-16 10:06     ` Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 05/12] objtool: Convert VALIDATE_UNRET_BEGIN " Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 06/12] objtool: Convert ANNOTATE_IGNORE_ALTERNATIVE " Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 07/12] objtool: Convert ANNOTATE_INTRA_FUNCTION_CALLS " Peter Zijlstra
2024-11-15 18:40   ` Josh Poimboeuf
2024-11-16  9:37     ` Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 08/12] objtool: Collapse annotate sequences Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 09/12] x86/nospec: JMP_NOSPEC Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 10/12] x86,nospec: Simplify {JMP,CALL}_NOSPEC (part 2) Peter Zijlstra
2024-11-15 18:40   ` Josh Poimboeuf
2024-11-16  9:39     ` Peter Zijlstra
2024-11-11 11:59 ` [PATCH v2 11/12] x86/kvm/emulate: Implement test_cc() in C Peter Zijlstra
2024-11-11 17:13   ` Sean Christopherson
2024-11-11 11:59 ` [PATCH v2 12/12] x86/kvm/emulate: Avoid RET for fastops Peter Zijlstra
2024-11-11 16:27   ` Peter Zijlstra
2024-11-11 17:26   ` Sean Christopherson
2024-11-11 18:28     ` Peter Zijlstra
2024-11-15 18:41   ` Josh Poimboeuf
2024-11-16  9:39     ` Peter Zijlstra
2024-11-11 17:27 ` [PATCH v2 00/12] x86/kvm/emulate: Avoid RET for FASTOPs Sean Christopherson
