Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4699407imw;
        Tue, 12 Jul 2022 12:39:58 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1v65GafV2d6eQxzdbxORAMPBWE4NynxXXhZUy+D+caEiN18QjJp9blUUQuXTNwqKXCBpzKU
X-Received: by 2002:a17:903:249:b0:16b:9cf3:596e with SMTP id j9-20020a170903024900b0016b9cf3596emr24936934plh.60.1657654798225;
        Tue, 12 Jul 2022 12:39:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1657654798; cv=none;
        d=google.com; s=arc-20160816;
        b=zKVObuIzNlIclybL7oaFie849wOfaQfGQGtBhjRhK2N8L9jLJKuqNVtqijy89yKdVv
         +0VZqA5sJPwNOKQGonZPbdCE96DJbF2BEV0HcyTkWZAPfYxX6OVNsR3slymZLyzMID37
         kHtdTdsNmkTTAJNhMekOb6kZBzBxrdZudYsYYiZejyc3GX820ZsKxoQbcCFG3jjKD2zu
         SnCq7K58gk9gietvUCTa7SDQ2jKrI9BRWpu7TP3abSOQELbB0e1wSESSZWghjUXVR1sX
         uRdaNw3VwWyjeHW6k1BTHUcFjpws2AKovtpC03+Ia4IPW8gZ51/RmJRaL07vcfb8BT5z
         /C8Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=tTqykePXbf2CISiaonQR8tM5R7CSa1bsR8Dhb9H4EDY=;
        b=KWgcEsaAcMOwgVcbq5LBsaoeYVEiAzqDT0NdwZ1bWGmdavO0ByVDhQHqiGVnrDHt1T
         /m7PZpx1lrsPeBAjt1qGbJXGc1zBSdm6TTcZGbTE7noLfWq9xEqQp2Rl58F+Shsha2zK
         6nhsBZ5je2uolX/kCuhgY3de5xIpdBHiFR6/WYQvorVfRo8J9SVqIok8iX3AYLfco8X+
         kyF6LnpBtdasVhchVRRU8zZFrj+pDz1yjI1ifQq51wH7cqcOVu6iYvlG8ftrRZtaouQZ
         uI54ioGl+cdWTG4ZHGJ/zc1H9BfVUgcswdcBgdjP7T8+QUB3e36WEo42p6Fw/qnoziel
         ZMhQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=r+t1Yg4t;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id s12-20020a056a00194c00b0052ae5ef0149si4106447pfk.230.2022.07.12.12.39.45;
        Tue, 12 Jul 2022 12:39:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=r+t1Yg4t;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235727AbiGLTK6 (ORCPT <rfc822;alexzyp@gmail.com> + 99 others);
        Tue, 12 Jul 2022 15:10:58 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60154 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235672AbiGLTIo (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 12 Jul 2022 15:08:44 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B8987FD52E;
        Tue, 12 Jul 2022 11:51:55 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id BDC43B81BAC;
        Tue, 12 Jul 2022 18:51:54 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id EE66FC3411C;
        Tue, 12 Jul 2022 18:51:52 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1657651913;
        bh=PjLflK8MjhM3rqIEBxMhacaCf2idux+fD9l3qP+1hNk=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=r+t1Yg4t3Ok4ksRVOogHOfQblMBGlcnCEPsww3VYhZ2bvnoEZjnKqhgbb6e7yFgCv
         AIAOcRmJWekCT9lasQTlf/XHqQLwSca/3QMyPZ+icoaXLln8+WuvyTgS2BsgJJ/xML
         GEf3TmmpPaXO6K4bMP0irZ6pCWJCXn1cYkovZHI0=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        "Peter Zijlstra (Intel)" <peterz@infradead.org>,
        Borislav Petkov <bp@suse.de>,
        Josh Poimboeuf <jpoimboe@kernel.org>,
        Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Subject: [PATCH 5.18 21/61] x86/entry: Avoid very early RET
Date:   Tue, 12 Jul 2022 20:39:18 +0200
Message-Id: <20220712183237.794875995@linuxfoundation.org>
X-Mailer: git-send-email 2.37.0
In-Reply-To: <20220712183236.931648980@linuxfoundation.org>
References: <20220712183236.931648980@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Peter Zijlstra <peterz@infradead.org>

commit 7c81c0c9210c9bfab2bae76aab2999de5bad27db upstream.

Commit

  ee774dac0da1 ("x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()")

manages to introduce a CALL/RET pair that is before SWITCH_TO_KERNEL_CR3,
which means it is before RETBleed can be mitigated.

Revert to an earlier version of the commit in Fixes. Down side is that
this will bloat .text size somewhat. The alternative is fully reverting
it.

The purpose of this patch was to allow migrating error_entry() to C,
including the whole of kPTI. Much care needs to be taken moving that
forward to not re-introduce this problem of early RETs.

Fixes: ee774dac0da1 ("x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()")
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/x86/entry/entry_64.S |   12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -317,14 +317,6 @@ SYM_CODE_END(ret_from_fork)
 #endif
 .endm
 
-/* Save all registers in pt_regs */
-SYM_CODE_START_LOCAL(push_and_clear_regs)
-	UNWIND_HINT_FUNC
-	PUSH_AND_CLEAR_REGS save_ret=1
-	ENCODE_FRAME_POINTER 8
-	RET
-SYM_CODE_END(push_and_clear_regs)
-
 /**
  * idtentry_body - Macro to emit code calling the C function
  * @cfunc:		C function to be called
@@ -332,8 +324,8 @@ SYM_CODE_END(push_and_clear_regs)
  */
 .macro idtentry_body cfunc has_error_code:req
 
-	call push_and_clear_regs
-	UNWIND_HINT_REGS
+	PUSH_AND_CLEAR_REGS
+	ENCODE_FRAME_POINTER
 
 	/*
 	 * Call error_entry() and switch to the task stack if from userspace.