Date: Wed, 13 Oct 2021 17:12:13 +0200
From: Peter Zijlstra
To: Andrew Cooper
Cc: x86@kernel.org, jpoimboe@redhat.com, linux-kernel@vger.kernel.org, alexei.starovoitov@gmail.com, ndesaulniers@google.com
Subject: Re: [PATCH 4/9] x86/alternative: Implement .retpoline_sites support

On Wed, Oct 13, 2021 at 03:38:27PM +0100, Andrew Cooper wrote:
> On 13/10/2021 13:22, Peter Zijlstra wrote:
> > +/*
> > + * Rewrite the compiler generated retpoline thunk calls.
> > + *
> > + * For spectre_v2=off (!X86_FEATURE_RETPOLINE), rewrite them into immediate
> > + * indirect instructions, avoiding the extra indirection.
> > + *
> > + * For example, convert:
> > + *
> > + * CALL __x86_indirect_thunk_\reg
> > + *
> > + * into:
> > + *
> > + * CALL *%\reg
> > + *
> > + */
> > +static int patch_retpoline(void *addr, struct insn *insn, u8 *bytes)
> > +{
> > + void (*target)(void);
> > + int reg, i = 0;
> > +
> > + if (cpu_feature_enabled(X86_FEATURE_RETPOLINE))
> > + return -1;
> > +
> > + target = addr + insn->length + insn->immediate.value;
> > + reg = (target - &__x86_indirect_thunk_rax) /
> > + (&__x86_indirect_thunk_rcx - &__x86_indirect_thunk_rax);
>
> This is equal measures beautiful and terrifying.

Thanks! :-)

> Something around here really wants to BUG_ON(reg == 4), because
> literally nothing good can come from selecting %rsp.

Ack, I had to add rsp to get the offsets right, but indeed, if anything
ever selects that we're in trouble.

> Also, it might be a good idea (previous patch perhaps) to have some
> linker assertions to confirm that the symbols are laid out safely to do
> this calculation.

I was hoping that since all this is in .S it would be immune from crazy
things like a compiler and do as told. But I suppose crazy stuff like
LTO (or worse BOLT) can totally wreck this still (then BOLT won't care
about linker script assertions either).

I'll see if I can come up with something.
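
Review bot: In patch_retpoline(), reg comes straight out of the pointer division `(target - &__x86_indirect_thunk_rax) / (&__x86_indirect_thunk_rcx - &__x86_indirect_thunk_rax)` with no validation in the lines shown. If target is not one of the thunks, or the thunks are not laid out at a uniform stride, the quotient silently becomes a wrong or out-of-range register number. Suggest rejecting the site (return -1, or BUG_ON as proposed in the reply) unless target is at or above the rax thunk, the offset is an exact multiple of the stride, and reg is within 0..15 and not 4 (%rsp), before the replacement instruction is built. The layout assumption this arithmetic depends on also deserves a sentence in the function comment.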