Date: Wed, 20 Jul 2022 12:36:38 -0700
From: Kees Cook
To: Linus Torvalds
Cc: Steven Rostedt, Peter Zijlstra, Thomas Gleixner, LKML, the arch/x86 maintainers, Tim Chen, Josh Poimboeuf, Andrew Cooper, Pawan Gupta, Johannes Wikner, Alyssa Milburn, Jann Horn, "H.J. Lu", Joao Moreira, Joseph Nuzman, Juergen Gross, Masami Hiramatsu, Alexei Starovoitov, Daniel Borkmann
Subject: Re: [patch 00/38] x86/retbleed: Call depth tracking mitigation
Message-ID: <202207201219.8EA905372@keescook>
References: <20220716230344.239749011@linutronix.de> <20220720125736.48164a14@gandalf.local.home> <20220720135016.3178ffc6@gandalf.local.home>

On Wed, Jul 20, 2022 at 11:07:26AM -0700, Linus Torvalds wrote:
> On Wed, Jul 20, 2022 at 10:50 AM Steven Rostedt wrote:
> >
> > [ 2.464117] missing return thunk: lkdtm_rodata_do_nothing+0x0/0x8-lkdtm_rodata_do_nothing+0x5/0x8: e9 00 00 00 00
>
> Well, that looks like a "jmp" instruction that has never been relocated.

Peter, Josh, and I drilled down into this recently[1] and discussed
some solutions[2].

This test is doing what's expected: it needed an arch-agnostic way to do
a "return", and when the way to do that changed, it also changed (which
would normally be good, but in this case broke it). It's been happily
being used as part of the per-section architectural behavior testing[3]
of execution-vs-expected-memory-permissions for quite a long while now.

I'd rather not remove it (or do it dynamically) since the point is to
test what has been generated by the toolchain/build process and stuffed
into the .rodata section. i.e. making sure gadgets there can't be
executed, that the boot-time section permission-setting works correctly,
etc. Before the retbleed mitigation, this test worked for all
architectures; I'd hate to regress it. :(

-Kees

[1] https://lore.kernel.org/lkml/Ys66hwtFcGbYmoiZ@hirez.programming.kicks-ass.net/
[2] https://lore.kernel.org/lkml/20220713213133.455599-1-keescook@chromium.org/
[3] e.g. https://linux.kernelci.org/test/plan/id/62d61ee8ef31e0f0faa39bff/

-- 
Kees Cook
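
The warning quoted above can be checked mechanically. This added example (not part of the original message or of the kernel source) decodes the reported bytes as an x86 `jmp rel32` and confirms the zero displacement behind the "never been relocated" reading. It assumes the warning lists the patch site first and the decoded destination second; the second sample line, with `example_fn` and `example_target`, is constructed for contrast.

```python
import re
import struct

# First line is the warning quoted in the thread; the second is constructed
# here for contrast (hypothetical symbols, non-zero displacement).
SAMPLE_LOG = """\
[ 2.464117] missing return thunk: lkdtm_rodata_do_nothing+0x0/0x8-lkdtm_rodata_do_nothing+0x5/0x8: e9 00 00 00 00
[ 2.470000] missing return thunk: example_fn+0x10/0x40-example_target+0x0/0x20: e9 2b 00 00 00
"""

SYM = r"([\w.]+)\+0x([0-9a-f]+)/0x[0-9a-f]+"
LINE_RE = re.compile(
    r"missing return thunk: " + SYM + "-" + SYM + r": ((?:[0-9a-f]{2} ?)+)"
)

def decode_jmp_rel32(raw):
    """Return the signed 32-bit displacement of an x86 'jmp rel32', else None."""
    if len(raw) != 5 or raw[0] != 0xE9:
        return None
    return struct.unpack("<i", raw[1:])[0]

def analyze(line):
    """Parse one warning line; assumes 'site-destination: bytes' ordering."""
    m = LINE_RE.search(line)
    if not m:
        return None
    site_sym, site_off, dest_sym, dest_off, hexbytes = m.groups()
    site_off, dest_off = int(site_off, 16), int(dest_off, 16)
    disp = decode_jmp_rel32(bytes.fromhex(hexbytes))
    if disp is None:
        verdict = "not-jmp-rel32"
    elif disp == 0 and (dest_sym, dest_off) == (site_sym, site_off + 5):
        # Target is simply the next instruction: the rel32 field is still
        # zero, as with a relocation that was never applied.
        verdict = "zero-displacement"
    else:
        verdict = "displaced"
    return {"site": (site_sym, site_off), "dest": (dest_sym, dest_off),
            "disp": disp, "verdict": verdict}

def triage(log):
    """Analyze every 'missing return thunk' line found in a log excerpt."""
    return [r for r in map(analyze, log.splitlines()) if r is not None]

if __name__ == "__main__":
    for r in triage(SAMPLE_LOG):
        print(r)
```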