Hi!
Alyssa reported a FineIBT issue (patch 6) which led to the discovery of
a kCFI issue (patch 5) and a bunch of cleanups and enhancements (the
rest).
Backports can probably suffice with just the last two.
Much thanks to Brian for the better ret_from_fork() cleanup.
Tested using llvm-16 on an Alderlake with both FineIBT and kCFI.
Also available at:
git://git.kernel.org/pub/scm/linux/kernel/git/peterz/queue.git x86/urgent
(I'm aiming for the merge window, not this cycle)
v1: https://lkml.kernel.org/r/[email protected]
---
arch/um/kernel/um_arch.c | 2 +-
arch/x86/entry/entry_32.S | 54 +++++++---------------------
arch/x86/entry/entry_64.S | 35 ++++++------------
arch/x86/include/asm/alternative.h | 2 +-
arch/x86/include/asm/ibt.h | 2 +-
arch/x86/include/asm/nospec-branch.h | 4 +++
arch/x86/include/asm/switch_to.h | 4 ++-
arch/x86/kernel/alternative.c | 69 +++++++++++++++++++++++++++++++++---
arch/x86/kernel/module.c | 2 +-
arch/x86/kernel/process.c | 22 +++++++++++-
10 files changed, 120 insertions(+), 76 deletions(-)
On Thu, Jun 22, 2023 at 04:42:18PM +0200, Peter Zijlstra wrote:
> Alyssa reported a FineIBT issue (patch 6) which led to the discovery of
> a kCFI issue (patch 5) and a bunch of cleanups and enhancements (the
> rest).
>
> Backports can probably suffice with just the last two.
>
> Much thanks to Brian for the better ret_from_fork() cleanup.
>
> Tested using llvm-16 on an Alderlake with both FineIBT and kCFI.
Thanks! This looks really nice. For the series:
Reviewed-by: Kees Cook <[email protected]>
--
Kees Cook
On Thu, Jun 22, 2023 at 7:50 AM Peter Zijlstra <[email protected]> wrote:
>
> Hi!
>
> Alyssa reported a FineIBT issue (patch 6) which led to the discovery of
> a kCFI issue (patch 5) and a bunch of cleanups and enhancements (the
> rest).
>
> Backports can probably suffice with just the last two.
>
> Much thanks to Brian for the better ret_from_fork() cleanup.
This version looks even better, thanks!
Reviewed-by: Sami Tolvanen <[email protected]>
Sami