Date: Thu, 3 Mar 2022 15:13:12 +0100
From: Peter Zijlstra
To: Miroslav Benes
Cc: Andrew Cooper, x86@kernel.org, joao@overdrivepizza.com, hjl.tools@gmail.com, jpoimboe@redhat.com, linux-kernel@vger.kernel.org, ndesaulniers@google.com, keescook@chromium.org, samitolvanen@google.com, mark.rutland@arm.com, alyssa.milburn@intel.com, rostedt@goodmis.org, mhiramat@kernel.org, alexei.starovoitov@gmail.com
Subject: Re: [PATCH v2 33/39] objtool: Add IBT/ENDBR decoding

On Thu, Mar 03, 2022 at 01:33:06PM +0100, Miroslav Benes wrote:
> On Thu, 3 Mar 2022, Andrew Cooper wrote:
>
> > On 03/03/2022 10:53, Miroslav Benes wrote:
> > > Hi,
> > >
> > > On Thu, 24 Feb 2022, Peter Zijlstra wrote:
> > >
> > >> Decode ENDBR instructions and WARN about NOTRACK prefixes.
> > > I guess it has been already mentioned somewhere, but could you explain
> > > NOTRACK prefix here, please? If I understand it right, it disables IBT for
> > > the indirect branch instruction meaning that its target does not have to
> > > start with ENDBR?
> >
> > CET-IBT has loads of get-out clauses.  The NOTRACK prefix is one; the
> > legacy code bitmap (implicit NOTRACK for whole libraries) is another.
> >
> > And yes - the purpose of NOTRACK is to exempt a specific indirect branch
> > from checks.
> >
> > GCC can emit NOTRACK'd calls in some cases when e.g. the programmer
> > launders a function pointer through (void *), or when
> > __attribute__((no_cf_check)) is used explicitly.
> >
> >
> > Each of the get-out clauses has separate enable bits, as each of them
> > reduces security.  In this series, Linux sets MSR_S_CET.ENDBR_EN but
> > specifically does not set NOTRACK_EN, so NOTRACK prefixes will be
> > ignored and suffer #CP if encountered.
>
> Thanks for the explanation. It would be nice to include it somewhere so
> that it is not lost.

I'll add something to the Changelog. Thanks!
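
The ENDBR and NOTRACK encodings discussed in this thread, as an added example (not objtool's decoder and not code from the patch series). The names classify() and raises_cp() are hypothetical, the byte strings are constructed, and raises_cp() is a simplified model of the ENDBR_EN / NOTRACK_EN behaviour described above.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum insn_kind { INSN_OTHER, INSN_ENDBR, INSN_IND_BRANCH, INSN_NOTRACK_IND_BRANCH };

/* Classify the one instruction starting at p. Assumption: the caller already
 * knows the instruction boundary; only 0x3e and one REX byte are skipped. */
enum insn_kind classify(const uint8_t *p, size_t len)
{
    size_t i = 0;
    bool notrack = false;

    /* ENDBR64 is f3 0f 1e fa, ENDBR32 is f3 0f 1e fb. */
    if (len >= 4 && p[0] == 0xf3 && p[1] == 0x0f && p[2] == 0x1e &&
        (p[3] == 0xfa || p[3] == 0xfb))
        return INSN_ENDBR;

    if (i < len && p[i] == 0x3e) { notrack = true; i++; } /* NOTRACK prefix */
    if (i < len && (p[i] & 0xf0) == 0x40) i++;             /* REX, 64-bit mode */

    /* Near indirect CALL is ff /2, near indirect JMP is ff /4. */
    if (i + 1 < len && p[i] == 0xff) {
        unsigned reg = (p[i + 1] >> 3) & 7;
        if (reg == 2 || reg == 4)
            return notrack ? INSN_NOTRACK_IND_BRANCH : INSN_IND_BRANCH;
    }
    return INSN_OTHER;
}

/* Simplified model of the enable bits described in the thread: does this
 * branch take #CP when it lands on a target that lacks ENDBR? */
bool raises_cp(enum insn_kind k, bool target_is_endbr, bool endbr_en, bool notrack_en)
{
    if (k != INSN_IND_BRANCH && k != INSN_NOTRACK_IND_BRANCH) return false;
    if (!endbr_en || target_is_endbr) return false;
    /* The prefix only exempts the branch when NOTRACK_EN is set. */
    return !(k == INSN_NOTRACK_IND_BRANCH && notrack_en);
}

int main(void)
{
    const uint8_t notrack_jmp[] = { 0x3e, 0xff, 0xe0 }; /* constructed: notrack jmp *%rax */
    enum insn_kind k = classify(notrack_jmp, sizeof(notrack_jmp));

    printf("NOTRACK_EN=0: #CP=%d\n", raises_cp(k, false, true, false));
    printf("NOTRACK_EN=1: #CP=%d\n", raises_cp(k, false, true, true));
    return 0;
}
```

With ENDBR_EN set and NOTRACK_EN clear, as in the series, the prefixed branch is checked like any other indirect branch, which is why a tool would want to warn wherever the prefix appears.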