Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp254390pxp; Fri, 11 Mar 2022 03:45:56 -0800 (PST) X-Google-Smtp-Source: ABdhPJyWF/sw4nU7RFCQ+uMkRLpXBN3bRkzlb9LpEMhoowjNwyCdVqGagirvuHo/0j7hTkjM2PlA X-Received: by 2002:a17:906:ce23:b0:6cf:7203:ded6 with SMTP id sd3-20020a170906ce2300b006cf7203ded6mr8171629ejb.170.1646999156454; Fri, 11 Mar 2022 03:45:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646999156; cv=none; d=google.com; s=arc-20160816; b=m4IBduda/T9+oC+yBhRMnyJTKtPSz5GWPOgC9Sn83d6oq/Mkfy5wZ0zkzweTMMieKd OXQfplJDbQVNqH6hcL3aMbXoa14mqyPdD91SC6SxnZPfAKr/lQstmPXeF01Urr2niATG Qxi1IKSmutdLsfQbnjcsJm8i9i8wPKP40w6JRRsHtGlOOGDCZk7G1M3CTq8gdUqchGsj A92ramd52ykxz8fN4NSFWmkYsya49jKvSumR+By+FW+zK4kx8yJkwWtnkV5xoI3drgDH yS8ESltMWcuxJyEnBbxurFeoA88hVyxqFBv8GoGUuO6rkG8uRqDxpHAYrNsartlQz5Wo NoqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=LoJnjb1eTkY6RbpEBPOSq+mDiZAbj8l9xQTfBcxy8oU=; b=OuadAbIOPfUMh5MUMXGbANcrMLVVPN23RpOVtY12TvwUGfgG9l/RW2xHbokbLTDjUS VoZC8KoAZqezRtoTwfcFoJfaTTqOA1iAc2XN3SdA6ic6shmkdFP951RPWbRaxx97ja5G NLeYwNXXAt+OW0Gh65DzxQeMqIpzO/qAF1EpA1XRipbdtYtlflKhLZywMxdwzBQ2m+YF DnyYAvYAG9/v3R9DUtZYewEa/3xUB69DHNKuv2BfAqX62xLK0Wb8liCi8Tbx942Y/hvY dQlw7/tNu/7Egoa1TZQUxKQrAPTbx3l7HG0dJ1oCik6ylhELW1nAGssd+6Mfwj+6cRIk zlQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Y7FvDAJs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t3-20020a056402524300b004166565a589si5597018edd.80.2022.03.11.03.45.31; Fri, 11 Mar 2022 03:45:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Y7FvDAJs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244788AbiCJUuq (ORCPT + 99 others); Thu, 10 Mar 2022 15:50:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236624AbiCJUup (ORCPT ); Thu, 10 Mar 2022 15:50:45 -0500 Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 347DF187E1A for ; Thu, 10 Mar 2022 12:49:43 -0800 (PST) Received: by mail-lf1-x132.google.com with SMTP id 3so11574178lfr.7 for ; Thu, 10 Mar 2022 12:49:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LoJnjb1eTkY6RbpEBPOSq+mDiZAbj8l9xQTfBcxy8oU=; b=Y7FvDAJsL40Mo2PA9+bZiLPYtKMnLPXzXJ5HLFicNxmCzZdjJYLjv5yqpsyhCi7vOr CD+QPTbXobrKHAuNAA7EVyR6s5AJ2oTb3lHlMncdUyYPQ4ai6e5Om/5yCjw+F2P89/hF lzvVtisopmYw9PsQWFgxf4X1aLVZkcgRXPVxUBeu2A8j9m7lL4/+HuQTMMTU8yAuUPIr /9UskIi+Izx38o1RWUn/mGiOU115InWglwpA0y6MGBMTHlx/0TvsozCBTKVyaBjguFqC U25qw5VYUkLud9lfcYzlxnt+DNX0zT/h2pGf4bXY+rXL37GWa3nX4nAjILfxiBwfELTC y3yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LoJnjb1eTkY6RbpEBPOSq+mDiZAbj8l9xQTfBcxy8oU=; b=HPOZUAFjeo93Ij+4bA4poGIj1edbsBShVlKHZ82yB2O6Yu1VIwuWso+AUvU8B9Az9+ zG0V3l7xU1sh2p7b/imeA2VMEG5aGIaa7AftEhaU0Ls5qw42pXxZonOrjfKelqLCIFV5 RRl3ovcnLmn8obTXCXiW9LCaqNxG2CCsPn84NGWk2p3FWa1yBFitfeIPNHqWZnUpdBMa Myb7eQ73XeJpm7BTag6bgwmxMymtikOiGyjsiRcaERclezEOdk3CZBQyi9ACGFvniaJ3 nxj39tGK6n24gOUyl4PFiVnN4zdBC7Mvs4jkuV7nPWdjEhH5x4EQ+ZwOSPa6MbB9qSdK GzxA== X-Gm-Message-State: AOAM533lMLot7qwK9whe4DjWIYyg7Grvu1XCAWSyhZWl3HZSrpT5UOoL A+DKlGcIxeAiBkjFUsLlk/PavBXqP6A9IpWiZEUHMg== X-Received: by 2002:a05:6512:31d4:b0:445:e4ef:c0f8 with SMTP id j20-20020a05651231d400b00445e4efc0f8mr4046529lfe.626.1646945381031; Thu, 10 Mar 2022 12:49:41 -0800 (PST) MIME-Version: 1.0 References: <20220308153011.021123062@infradead.org> <20220308200052.rpr4vkxppnxguirg@ast-mbp.dhcp.thefacebook.com> <184d593713ca4e289ddbd7590819eddc@AcuMS.aculab.com> In-Reply-To: From: Nick Desaulniers Date: Thu, 10 Mar 2022 12:49:29 -0800 Message-ID: Subject: Re: [PATCH v4 00/45] x86: Kernel IBT To: Peter Zijlstra Cc: David Laight , Alexei Starovoitov , "x86@kernel.org" , "joao@overdrivepizza.com" , "hjl.tools@gmail.com" , "jpoimboe@redhat.com" , "andrew.cooper3@citrix.com" , "linux-kernel@vger.kernel.org" , "keescook@chromium.org" , "samitolvanen@google.com" , "mark.rutland@arm.com" , "alyssa.milburn@intel.com" , "mbenes@suse.cz" , "rostedt@goodmis.org" , "mhiramat@kernel.org" , "daniel@iogearbox.net" , "andrii@kernel.org" , "bpf@vger.kernel.org" , "llvm@lists.linux.dev" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 10, 2022 at 2:16 AM Peter Zijlstra wrote: > > On Thu, Mar 10, 2022 at 09:22:59AM +0000, David Laight wrote: > > From: Peter Zijlstra > > > Sent: 10 March 2022 09:05 > > > > > > On Wed, Mar 09, 2022 at 04:30:28PM -0800, Nick Desaulniers wrote: > > > > > > > I observed the following error when building with > > > > CONFIG_LTO_CLANG_FULL=y enabled: > > > > > > > > ld.lld: error: ld-temp.o :7:2: symbol 'ibt_selftest_ip' is > > > > already defined > > > > ibt_selftest_ip: > > > > ^ > > > > > > > > Seems to come from > > > > commit a802350ba65a ("x86/ibt: Add IBT feature, MSR and #CP handling") > > > > > > > > Commenting out the label in the inline asm, I then observed: > > > > vmlinux.o: warning: objtool: identify_cpu()+0x6d0: sibling call from > > > > callable instruction with modified stack frame > > > > vmlinux.o: warning: objtool: identify_cpu()+0x6e0: stack state > > > > mismatch: cfa1=4+64 cfa2=4+8 > > > > These seemed to disappear when I kept CONFIG_LTO_CLANG_FULL=y but then > > > > disabled CONFIG_X86_KERNEL_IBT. (perhaps due to the way I hacked out > > > > the ibt_selftest_ip label). > > > > > LTO has probably inlined it twice. > > Indeed, adding noinline to ibt_selftest() makes it work. Yep, that LGTM. If you end up sticking that as a patch on top: Reported-by: Nick Desaulniers Reviewed-by: Nick Desaulniers For the kernel IBT series @ v4 plus this diff: Tested-by: Nick Desaulniers # llvm build, non-IBT boot > > > --- > diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c > index d8bbc705efe5..0c737cc31ee5 100644 > --- a/arch/x86/kernel/alternative.c > +++ b/arch/x86/kernel/alternative.c > @@ -781,7 +781,8 @@ int3_exception_notify(struct notifier_block *self, unsigned long val, void *data > return NOTIFY_STOP; > } > > -static void __init int3_selftest(void) > +/* Must be noinline to ensure uniqueness of int3_selftest_ip. */ > +static noinline void __init int3_selftest(void) > { > static __initdata struct notifier_block int3_exception_nb = { > .notifier_call = int3_exception_notify, > @@ -794,9 +795,8 @@ static void __init int3_selftest(void) > /* > * Basically: int3_magic(&val); but really complicated :-) > * > - * Stick the address of the INT3 instruction into int3_selftest_ip, > - * then trigger the INT3, padded with NOPs to match a CALL instruction > - * length. > + * INT3 padded with NOP to CALL_INSN_SIZE. The int3_exception_nb > + * notifier above will emulate CALL for us. > */ > asm volatile ("int3_selftest_ip:\n\t" > ANNOTATE_NOENDBR > diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c > index 837cc3c7d4f4..fb89a2f1011f 100644 > --- a/arch/x86/kernel/traps.c > +++ b/arch/x86/kernel/traps.c > @@ -214,7 +214,7 @@ DEFINE_IDTENTRY(exc_overflow) > > static __ro_after_init bool ibt_fatal = true; > > -void ibt_selftest_ip(void); /* code label defined in asm below */ > +extern void ibt_selftest_ip(void); /* code label defined in asm below */ > > enum cp_error_code { > CP_EC = (1 << 15) - 1, > @@ -238,7 +238,7 @@ DEFINE_IDTENTRY_ERRORCODE(exc_control_protection) > if (WARN_ON_ONCE(user_mode(regs) || (error_code & CP_EC) != CP_ENDBR)) > return; > > - if (unlikely(regs->ip == (unsigned long)ibt_selftest_ip)) { > + if (unlikely(regs->ip == (unsigned long)&ibt_selftest_ip)) { (Though adding the address of operator & to the function name in the comparisons isn't strictly necessary; functions used in expressions "decay" into function pointers; I guess the standard calls these "function designators." I see that's been added to be consistent between the two...See 6.3.2.1.4 of http://open-std.org/jtc1/sc22/wg14/www/docs/n2731.pdf pdf page 62/printed page 46.) > regs->ax = 0; > return; > } > @@ -252,7 +252,8 @@ DEFINE_IDTENTRY_ERRORCODE(exc_control_protection) > BUG(); > } > > -bool ibt_selftest(void) > +/* Must be noinline to ensure uniqueness of ibt_selftest_ip. */ > +noinline bool ibt_selftest(void) > { > unsigned long ret; > -- Thanks, ~Nick Desaulniers