Date: Fri, 11 Aug 2023 19:57:22 -0700
In-Reply-To: <8edc91f9-ce20-9528-a496-5b6e650bb63f@redhat.com>
References: <20230811155255.250835-1-seanjc@google.com> <8edc91f9-ce20-9528-a496-5b6e650bb63f@redhat.com>
Subject: Re: [PATCH] x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
From: Sean Christopherson
To: Mika Penttilä
Cc: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, linux-kernel@vger.kernel.org, Srikanth Aithal, kvm@vger.kernel.org, Paolo Bonzini
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 11, 2023, Mika Penttilä wrote:
> > @@ -252,11 +252,10 @@ SYM_START(srso_untrain_ret, SYM_L_GLOBAL, SYM_A_NONE)
> > .byte 0x48, 0xb8
> > SYM_INNER_LABEL(srso_safe_ret, SYM_L_GLOBAL)
> > - add $8, %_ASM_SP
> > + lea 8(%_ASM_SP), %_ASM_SP
> > ret
> > int3
> > int3
> > - int3
> > lfence
> > call srso_safe_ret
> > int3
> >
> > base-commit: 25aa0bebba72b318e71fe205bfd1236550cc9534
>
> Don't we have the same kind of problems with __x86_return_skl ?

Yep, forcing that path via "retbleed=force retbleed=stuff spectre_v2=retpoline,generic"
yields the same failures. I have no idea how to go about cleanly fixing that.
The logic effectively requires modifying flags, the only thing I can think of
is to save/restore flags across the thunk, which seems beyond gross.

Given that no one has complained about this, I think I'd vote to simply disable
KVM if call depth tracking is being used.
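
Review bot: the new "lea 8(%_ASM_SP), %_ASM_SP" line under srso_safe_ret has no comment saying why LEA stands in for "add $8, %_ASM_SP". Going by the subject line, the point is that RFLAGS must survive the thunk, so a one-line comment on that line would stop a later cleanup from switching back to ADD. The same hunk drops one of the three "int3" lines without explanation; if that is meant to keep the size of the sequence after ".byte 0x48, 0xb8" unchanged, say so in the changelog or next to the remaining "int3" pair.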