[PATCH 5.10 1/4] x86,nospec: Simplify {JMP,CALL}_NOSPEC

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

From: Suraj Jitindar Singh <surajjs@amazon.com>
To: <stable@vger.kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>,
	Suraj Jitindar Singh <surajjs@amazon.com>
Subject: [PATCH 5.10 1/4] x86,nospec: Simplify {JMP,CALL}_NOSPEC
Date: Wed, 3 Sep 2025 15:50:00 -0700	[thread overview]
Message-ID: <20250903225003.50346-2-surajjs@amazon.com> (raw)
In-Reply-To: <20250903225003.50346-1-surajjs@amazon.com>

From: Peter Zijlstra <peterz@infradead.org>

commit 09d09531a51a24635bc3331f56d92ee7092f5516 upstream.

Have {JMP,CALL}_NOSPEC generate the same code GCC does for indirect
calls and rely on the objtool retpoline patching infrastructure.

There's no reason these should be alternatives while the vast bulk of
compiler generated retpolines are not.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Suraj Jitindar Singh <surajjs@amazon.com>
Cc: <stable@vger.kernel.org> # 5.10.x
---
 arch/x86/include/asm/nospec-branch.h | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index ce5e6e70d2a4..3434e5ebd3c7 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -118,6 +118,19 @@
 #endif
 .endm
 
+/*
+ * Equivalent to -mindirect-branch-cs-prefix; emit the 5 byte jmp/call
+ * to the retpoline thunk with a CS prefix when the register requires
+ * a RAX prefix byte to encode. Also see apply_retpolines().
+ */
+.macro __CS_PREFIX reg:req
+	.irp rs,r8,r9,r10,r11,r12,r13,r14,r15
+	.ifc \reg,\rs
+	.byte 0x2e
+	.endif
+	.endr
+.endm
+
 /*
  * JMP_NOSPEC and CALL_NOSPEC macros can be used instead of a simple
  * indirect jmp/call which may be susceptible to the Spectre variant 2
@@ -125,19 +138,18 @@
  */
 .macro JMP_NOSPEC reg:req
 #ifdef CONFIG_RETPOLINE
-	ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; jmp *%\reg), \
-		      __stringify(jmp __x86_indirect_thunk_\reg), X86_FEATURE_RETPOLINE, \
-		      __stringify(lfence; ANNOTATE_RETPOLINE_SAFE; jmp *%\reg), X86_FEATURE_RETPOLINE_LFENCE
+	__CS_PREFIX \reg
+	jmp	__x86_indirect_thunk_\reg
 #else
 	jmp	*%\reg
+	int3
 #endif
 .endm
 
 .macro CALL_NOSPEC reg:req
 #ifdef CONFIG_RETPOLINE
-	ALTERNATIVE_2 __stringify(ANNOTATE_RETPOLINE_SAFE; call *%\reg), \
-		      __stringify(call __x86_indirect_thunk_\reg), X86_FEATURE_RETPOLINE, \
-		      __stringify(lfence; ANNOTATE_RETPOLINE_SAFE; call *%\reg), X86_FEATURE_RETPOLINE_LFENCE
+	__CS_PREFIX \reg
+	call	__x86_indirect_thunk_\reg
 #else
 	call	*%\reg
 #endif
-- 
2.34.1

next prev parent reply	other threads:[~2025-09-03 22:52 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-09-03 22:49 [PATCH 5.10 0/4] x86/speculation: Make {JMP,CALL}_NOSPEC Consistent Suraj Jitindar Singh
2025-09-03 22:50 ` Suraj Jitindar Singh [this message]
2025-09-03 22:50 ` [PATCH 5.10 2/4] x86/speculation: Simplify and make CALL_NOSPEC consistent Suraj Jitindar Singh
2025-09-03 22:50 ` [PATCH 5.10 3/4] x86/speculation: Add a conditional CS prefix to CALL_NOSPEC Suraj Jitindar Singh
2025-09-03 22:50 ` [PATCH 5.10 4/4] x86/speculation: Remove the extra #ifdef around CALL_NOSPEC Suraj Jitindar Singh
2025-09-04 12:00 ` [PATCH 5.10 0/4] x86/speculation: Make {JMP,CALL}_NOSPEC Consistent Greg KH
2025-09-16 20:41   ` [PATCH 5.10 0/4] x86/speculation: Make {JMP, CALL}_NOSPEC Consistent Jitindar Singh, Suraj
2025-09-17  7:40     ` gregkh
2025-09-04 12:01 ` [PATCH 5.10 0/4] x86/speculation: Make {JMP,CALL}_NOSPEC Consistent Greg KH
2025-09-16 20:44   ` [PATCH 5.10 0/4] x86/speculation: Make {JMP, CALL}_NOSPEC Consistent Jitindar Singh, Suraj
2025-09-17  7:52     ` gregkh

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ce5e6e70d2a dfblob:3434e5ebd3c )
 OR (
bs:"[PATCH 5.10 1/4] x86,nospec: Simplify {JMP,CALL}_NOSPEC" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250903225003.50346-2-surajjs@amazon.com \
    --to=surajjs@amazon.com \
    --cc=peterz@infradead.org \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox