From: Andy Lutomirski
Date: Wed, 10 Oct 2018 13:57:05 -0700
Subject: Re: [POC][RFC][PATCH 1/2] jump_function: Addition of new feature "jump_function"
To: Josh Poimboeuf
Cc: Steven Rostedt, Peter Zijlstra, LKML, Linus Torvalds, Ingo Molnar, Andrew Morton, Thomas Gleixner, Masami Hiramatsu, Mathieu Desnoyers, Matthew Helsley, "Rafael J. Wysocki", David Woodhouse, Paolo Bonzini, Jason Baron, Jiri Kosina, Ard Biesheuvel, Andrew Lutomirski
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Oct 10, 2018 at 1:16 PM Josh Poimboeuf wrote:
>
> On Wed, Oct 10, 2018 at 02:56:08PM -0400, Steven Rostedt wrote:
> > On Wed, 10 Oct 2018 13:33:30 -0500
> > Josh Poimboeuf wrote:
> >
> > > Re-reading your suggestion, I may have misunderstood what you're
> > > suggesting here, but I'm thinking about doing something like what you
> > > proposed earlier:
> > >
> > >     GLOBAL(tramp)
> > >         jmp *current_func(%rip)
> > >     ENDPROC(tramp)
> > >
> > > That is, doing an indirect jump instead of the above direct jump, so
> > > that any previous references to the trampoline would still work (and it
> > > would also work during early boot).
> > >
> > > Though it should probably be a retpoline instead of an indirect jump.
> >
> > But do we care, as it only takes place during text_poke_bp() right?
> >
> > I don't think we need to worry about training trampoline branch
> > prediction that can only be hit when something enables the jump.
>
> Yeah, I guess it depends on if we'd expect anybody (or gcc) to get a
> function pointer to the trampoline itself.  I can just create a warning
> for that in objtool.
>

The jmp * in the trampoline itself is harmless even with Spectre
because it won't ever execute -- static_call_init() should just patch
it out even if the actual call target is never updated.  And gcc has
no business generating any unprotected indirect branches to it from
anywhere else, since, as far as gcc is concerned, they're just like
indirect branches to any other function.
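
An added illustration, not part of the message above and not kernel code: a userspace model of the trampoline slot, showing the indirect `jmp *current_func(%rip)` form being overwritten with a direct jump, plus a check that no indirect jump remains afterwards. The byte-buffer model, the `tramp_*` helper names, and the assumption that "patching it out" means rewriting the slot to `jmp rel32` followed by a NOP are all hypothetical.

```c
#include <stdint.h>
#include <string.h>

/* Added model, not kernel code: the trampoline is a 6-byte buffer. */
#define TRAMP_SIZE 6      /* jmp *disp32(%rip) = FF 25 disp32 */
#define JMP_SIZE   5      /* jmp rel32         = E9 rel32     */

/* x86-64 displacements count from the end of the instruction. */
static int rel32(uint64_t insn_end, uint64_t dest, int32_t *out)
{
    int64_t d = (int64_t)(dest - insn_end);
    if (d > INT32_MAX || d < INT32_MIN) return -1;  /* out of reach */
    *out = (int32_t)d;
    return 0;
}

/* Build-time form quoted in the thread: jmp *current_func(%rip). */
static int tramp_emit_indirect(uint8_t *t, uint64_t addr, uint64_t slot)
{
    int32_t d;
    if (rel32(addr + TRAMP_SIZE, slot, &d)) return -1;
    t[0] = 0xFF; t[1] = 0x25;
    memcpy(t + 2, &d, sizeof d);
    return 0;
}

/* Init-time patch: direct jmp plus one NOP; slot untouched on failure. */
static int tramp_patch_direct(uint8_t *t, uint64_t addr, uint64_t target)
{
    int32_t d;
    if (rel32(addr + JMP_SIZE, target, &d)) return -1;
    t[0] = 0xE9; t[5] = 0x90;
    memcpy(t + 1, &d, sizeof d);
    return 0;
}

/* Audit: does the slot still begin with an indirect jmp? */
static int tramp_is_indirect(const uint8_t *t) { return t[0] == 0xFF && t[1] == 0x25; }

/* Decode a patched slot; returns 0 if it is not a direct jmp. */
static uint64_t tramp_direct_target(const uint8_t *t, uint64_t addr)
{
    int32_t d;
    if (t[0] != 0xE9) return 0;
    memcpy(&d, t + 1, sizeof d);
    return addr + JMP_SIZE + (uint64_t)(int64_t)d;
}
```

A slot for which `tramp_is_indirect()` is still true after the patch step is the case the thread is concerned about: an unprotected indirect branch that can actually execute.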