| Message ID | 20231010171020.462211-4-david.kaplan@amd.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:2908:b0:403:3b70:6f57 with SMTP id ib8csp12039vqb;
Tue, 10 Oct 2023 10:11:31 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IGh0kYytZYr5TEJA/nGLtkrcJ07B0dueQ0aahjySnip8kb5tyEqOVGieGUqzGTbkQrtdNUX
X-Received: by 2002:a05:6a20:7fa8:b0:159:c2d0:9fc6 with SMTP id
d40-20020a056a207fa800b00159c2d09fc6mr23975933pzj.8.1696957891162;
Tue, 10 Oct 2023 10:11:31 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1696957891; cv=pass;
d=google.com; s=arc-20160816;
b=DAm/uJAkcoELo63aoH8gh99Jvkag4uB3vc5dpxFXmWl7CpfSw5Bs3Sr69SqlGigRBt
/3361mtKKdWEBCIl9McMN6fafVvpizI0fNB6rU74MUQemknQ4tSs+OvJpPb6Df534eYV
lqlWpZoUoszxbE9k/syL0mIuyNGGglYFqCRkFPJO0z9sNXJF0OykUxExdExifySU8lJ8
xHXY+uFiht0KWkUghJZ3QJFtonorUTR44kX+KVAuJCJlaS/FW4rJ1lV27y3OgsYFQEA3
+4jvwSohaQjJxYlbfk4AsErlgNA5/BJ1E92l/8q2I0XEHhi2BI3jbsQD8eSNh8h6GcxI
rbhA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature;
bh=ShsxksQCBU+sYJtQmS5RnFGE4ATRkKsS1l9HZ71b+WI=;
fh=mVUpxsDEUPK3Aj+B/5Eb1ZAwKjNSV9Pb4KUQcow5Ypk=;
b=mbT9qbK4ibCTn140MmEKdAkQIEXb0ZRrUXXh5sRnN8wFcLmwrHVC6Ks7blbqEkKhob
j2nezoTBiw6BjBWBSZbGID3j52B37sYsKW7ZNrFsUQjNd60+QfgHZ5detee0OKbTrQxb
QUJk2thLeiD4toahntbao5O43Q71PXyH8Vvho/0rsE2opK68kzuYLd36gu138IbQG7GU
Kzldxp3G+Y9Lp+tbD07TDcgWy1nLMsr2rjy8+wmI8zuoPQvhs6qWDL2OwWBH+XH53sla
u3J3ePJLuAUwT/sdZe01w4eUOO0bPJl/qRnUoRFxVcHt3QyKeDawS47u7G4psgllc03M
K0sw==
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@amd.com header.s=selector1 header.b=SNM4fg6l;
arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass
fromdomain=amd.com);
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.34 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com
Received: from howler.vger.email (howler.vger.email. [23.128.96.34])
by mx.google.com with ESMTPS id
b75-20020a63344e000000b005859aec9406si2021685pga.16.2023.10.10.10.11.30
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 10 Oct 2023 10:11:31 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.34 as permitted sender) client-ip=23.128.96.34;
Authentication-Results: mx.google.com;
dkim=pass header.i=@amd.com header.s=selector1 header.b=SNM4fg6l;
arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass
fromdomain=amd.com);
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.34 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by howler.vger.email (Postfix) with ESMTP id 8864F806114E;
Tue, 10 Oct 2023 10:11:28 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S233505AbjJJRKu (ORCPT <rfc822;rua109.linux@gmail.com>
+ 20 others); Tue, 10 Oct 2023 13:10:50 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51918 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S233629AbjJJRKr (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 10 Oct 2023 13:10:47 -0400
Received: from NAM11-CO1-obe.outbound.protection.outlook.com
(mail-co1nam11on2043.outbound.protection.outlook.com [40.107.220.43])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 989D194
for <linux-kernel@vger.kernel.org>;
Tue, 10 Oct 2023 10:10:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=g72D7d0WCfwGKUAWg3b4rQhoLLFL8qVvwygSAOvomcSIIuwzBXXhL+H1ANkHWvzX/bh6ypqW9A2fg3uA7jxgW+lJY1KAiD4hCO+mqATAgyTibxMWCPOAkeEi8Kbf8U055jCZHEkz5Ljr7AnfOod9uRYyJiqqF/y5I2yIpOtsPn71xItSH12AOs3VafmoVvZusyffzZ95su1KWvAUWtAH/upFLmSQZhOIN/UsIVKVDSfcG3tjyo/+Y1Y9IB/vieXmL5lkqjFaMx2XQJ94JoNjZGbQsauUwBo7O8n0kZZgggOHbHzY6pXnAk31N0lg9sl2TLxIjYocskf3FcFfXF4E8w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=ShsxksQCBU+sYJtQmS5RnFGE4ATRkKsS1l9HZ71b+WI=;
b=nuIpmIWFtpQqssdjRkJpCGYrzlrKuaEC/Os/XcfnJI6iMBL3DQpIxRl9Bx/BGmvj+bsXPKniqZg08GRXBlD6W1Hz9xOSdUlTjJnKCBkmWgIjRXTN3LBW6gzKTTpeIDNKvIteI9thJJ5ekYdyLvRfhmZiV4JOxWTCOOvaVf6h46zPudyBLggapIX2aT927qlKqBMI067p2UEIEwqhkQ6GRbfROXz4NiKaXABrKHt9jbFkTmJQB87XYv8Ix4j5UzOeuNs2W23/9UoozA1YowPLhZPwag4xldzNJZdT8fY9U4pwsrX4YjGfIviAP/EY3i1EXNBGlqNAoj91QfY9fxtvDg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass
(p=quarantine sp=quarantine pct=100) action=none header.from=amd.com;
dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=ShsxksQCBU+sYJtQmS5RnFGE4ATRkKsS1l9HZ71b+WI=;
b=SNM4fg6l135k1zowTtRq5K+6vSPkZCpD65214wzqEsazJkrgocqUDocvLEUtpCYniWSLQSLMvJZUZeHS0yyz6PSC6l/19h4qzteRa7p72R0Ijr5l+7QGixg8x3zR1lNRCAquxObA5TkLAzv6dovnhcG0FvqPKw9dcJ36TFOZ1ag=
Received: from MW4P220CA0013.NAMP220.PROD.OUTLOOK.COM (2603:10b6:303:115::18)
by IA0PR12MB8227.namprd12.prod.outlook.com (2603:10b6:208:406::15) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38; Tue, 10 Oct
2023 17:10:40 +0000
Received: from CO1PEPF000044F7.namprd21.prod.outlook.com
(2603:10b6:303:115:cafe::5d) by MW4P220CA0013.outlook.office365.com
(2603:10b6:303:115::18) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38 via Frontend
Transport; Tue, 10 Oct 2023 17:10:40 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
smtp.mailfrom=amd.com; dkim=none (message not signed)
header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
165.204.84.17 as permitted sender) receiver=protection.outlook.com;
client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
Received: from SATLEXMB04.amd.com (165.204.84.17) by
CO1PEPF000044F7.mail.protection.outlook.com (10.167.241.197) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.20.6907.6 via Frontend Transport; Tue, 10 Oct 2023 17:10:40 +0000
Received: from tiny.amd.com (10.180.168.240) by SATLEXMB04.amd.com
(10.181.40.145) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Tue, 10 Oct
2023 12:10:37 -0500
From: David Kaplan <david.kaplan@amd.com>
To: <x86@kernel.org>, <luto@kernel.org>
CC: <linux-kernel@vger.kernel.org>
Subject: [PATCH 3/3] x86/retpoline: Ensure default return thunk isn't used at
runtime
Date: Tue, 10 Oct 2023 12:10:20 -0500
Message-ID: <20231010171020.462211-4-david.kaplan@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231010171020.462211-1-david.kaplan@amd.com>
References: <20231010171020.462211-1-david.kaplan@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com
(10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CO1PEPF000044F7:EE_|IA0PR12MB8227:EE_
X-MS-Office365-Filtering-Correlation-Id: ae2c7f24-709c-4f95-0a33-08dbc9b3d463
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
50r1pv1iS8iN6ApKzm7EAU74/GG84G1cpJbP3eTkRS9r3bSmKrgI++C4TCygqzjv6MPPI2+V8USSqosJ3EaK3AT/Cdf+WnyXircevwWPbKZ57gG61HsSBVfM+4AU87yhfNSJFzHXGxhyOsjnW43v0V2JssEfmO6CRW17rnzAqk2VURoS9JtzF+XqVSEsIyT37G82A3TNwtGsKs6MgMeygU/GD6CDyyFup0h3sSloIg4mV3FI/bjIxlx/DFzJ1wEqhkI2B6eCPMS2bYtMMhov0gbrJ9J2+ec02ZpbcUJxkNWbcfG2CX1NOqRmIONW6CMeHbo0kOBoL+2vZURkyPTMiMk7FxVU3sGKcrzpbzO6/6ZRex+krM82txEBkyvEAtB9omPG94Tz+t1/5Nn+V934oGH0yoWz/ysKx/uCagpMNfDdtshncScsCo1Up3yXBOMcqktMNIp12ptv+gSv+/9tb0PS1ZnXHSYlF3NuCfZl/uQS+mevi5dbME+PD32QjIqmyIDXXC8OvxpGftH+HTdTz+pgS1qzcptXqlRikw8reSF0iinfDPPCerZeitSFcmvJAFQzIslrll4PdSz431Ii6Lh9CCMmmXLWRASNGAx3HHpZ6FADKu4eym4AbE+XyC3S8LFBu+iwwzLnEjeUjuAbN5iDiNUSK+14rcmcTPG7sQZ9hvv9HDKoks3DU84ibid1ZlA+HWODSFi57W7q/4OFiLLKZ530jgkxNvoIm6dDkCk=
X-Forefront-Antispam-Report:
CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(136003)(396003)(376002)(346002)(230922051799003)(64100799003)(186009)(1800799009)(82310400011)(451199024)(36840700001)(46966006)(40470700004)(40460700003)(1076003)(7696005)(478600001)(6666004)(47076005)(426003)(336012)(26005)(16526019)(83380400001)(2906002)(5660300002)(70586007)(70206006)(110136005)(8676002)(44832011)(8936002)(4326008)(316002)(41300700001)(356005)(82740400003)(36860700001)(2616005)(81166007)(36756003)(86362001)(40480700001)(36900700001);DIR:OUT;SFP:1101;
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2023 17:10:40.0927
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id:
ae2c7f24-709c-4f95-0a33-08dbc9b3d463
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp:
TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource:
CO1PEPF000044F7.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8227
X-Spam-Status: No, score=2.7 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]);
Tue, 10 Oct 2023 10:11:28 -0700 (PDT)
X-Spam-Level: **
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1779389318000603171
X-GMAIL-MSGID: 1779389318000603171
|
| Series |
Ensure default return thunk isn't used at runtime
|
|
Commit Message
Kaplan, David
Oct. 10, 2023, 5:10 p.m. UTC
All CPU bugs that require a return thunk define a special return thunk
to use (e.g., srso_return_thunk). The default thunk,
__x86_return_thunk, should never be used after apply_returns() completes.
Otherwise this could lead to potential speculation holes.
Enforce this by replacing this thunk with a ud2 when alternatives are
applied. Alternative instructions are applied after apply_returns().
The default thunk is only used during kernel boot, it is not used during
module init since that occurs after apply_returns().
Signed-off-by: David Kaplan <david.kaplan@amd.com>
---
arch/x86/lib/retpoline.S | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
Comments
On Tue, Oct 10, 2023 at 12:10:20PM -0500, David Kaplan wrote: > All CPU bugs that require a return thunk define a special return thunk > to use (e.g., srso_return_thunk). The default thunk, > __x86_return_thunk, should never be used after apply_returns() completes. > Otherwise this could lead to potential speculation holes. > > Enforce this by replacing this thunk with a ud2 when alternatives are > applied. Alternative instructions are applied after apply_returns(). > > The default thunk is only used during kernel boot, it is not used during > module init since that occurs after apply_returns(). > > Signed-off-by: David Kaplan <david.kaplan@amd.com> > --- > arch/x86/lib/retpoline.S | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S > index 3da768a71cf9..10212cf4a9af 100644 > --- a/arch/x86/lib/retpoline.S > +++ b/arch/x86/lib/retpoline.S > @@ -358,15 +358,17 @@ SYM_FUNC_END(call_depth_return_thunk) > * This function name is magical and is used by -mfunction-return=thunk-extern > * for the compiler to generate JMPs to it. > * > - * This code is only used during kernel boot or module init. All > + * This code is only used during kernel boot. All > * 'JMP __x86_return_thunk' sites are changed to something else by > * apply_returns(). > + * > + * This thunk is turned into a ud2 to ensure it is never used at runtime. > + * Alternative instructions are applied after apply_returns(). > */ > SYM_CODE_START(__x86_return_thunk) > UNWIND_HINT_FUNC > ANNOTATE_NOENDBR > - ANNOTATE_UNRET_SAFE > - ret > + ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE;ret),"ud2", X86_FEATURE_RETHUNK If it's truly never used after boot (even for non-rethunk cases) then can we use X86_FEATURE_ALWAYS?
[AMD Official Use Only - General] > -----Original Message----- > From: Josh Poimboeuf <jpoimboe@kernel.org> > Sent: Tuesday, October 10, 2023 2:37 PM > To: Kaplan, David <David.Kaplan@amd.com> > Cc: x86@kernel.org; luto@kernel.org; linux-kernel@vger.kernel.org > Subject: Re: [PATCH 3/3] x86/retpoline: Ensure default return thunk isn't used > at runtime > > > * > > - * This code is only used during kernel boot or module init. All > > + * This code is only used during kernel boot. All > > * 'JMP __x86_return_thunk' sites are changed to something else by > > * apply_returns(). > > + * > > + * This thunk is turned into a ud2 to ensure it is never used at runtime. > > + * Alternative instructions are applied after apply_returns(). > > */ > > SYM_CODE_START(__x86_return_thunk) > > UNWIND_HINT_FUNC > > ANNOTATE_NOENDBR > > - ANNOTATE_UNRET_SAFE > > - ret > > + ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE;ret),"ud2", > > + X86_FEATURE_RETHUNK > > If it's truly never used after boot (even for non-rethunk cases) then can we use > X86_FEATURE_ALWAYS? > I think that could work. There is one subtlety though I'll point out: The use of __x86_return_thunk when X86_FEATURE_RETHUNK is set is a potential security issue, as it means the required return thunk is not being used. The use of __x86_return_thunk when X86_FEATURE_RETHUNK is not set is only a performance issue, as it means there is a return that was not rewritten to be an inline 'ret' by apply_returns(). The ud2 was primarily intended to capture cases where there is a potential security hole, while it is a bit overkill just to point out a return that was not optimized. --David Kaplan
On Tue, Oct 10, 2023 at 08:14:33PM +0000, Kaplan, David wrote: > [AMD Official Use Only - General] > > > -----Original Message----- > > From: Josh Poimboeuf <jpoimboe@kernel.org> > > Sent: Tuesday, October 10, 2023 2:37 PM > > To: Kaplan, David <David.Kaplan@amd.com> > > Cc: x86@kernel.org; luto@kernel.org; linux-kernel@vger.kernel.org > > Subject: Re: [PATCH 3/3] x86/retpoline: Ensure default return thunk isn't used > > at runtime > > > > > * > > > - * This code is only used during kernel boot or module init. All > > > + * This code is only used during kernel boot. All > > > * 'JMP __x86_return_thunk' sites are changed to something else by > > > * apply_returns(). > > > + * > > > + * This thunk is turned into a ud2 to ensure it is never used at runtime. > > > + * Alternative instructions are applied after apply_returns(). > > > */ > > > SYM_CODE_START(__x86_return_thunk) > > > UNWIND_HINT_FUNC > > > ANNOTATE_NOENDBR > > > - ANNOTATE_UNRET_SAFE > > > - ret > > > + ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE;ret),"ud2", > > > + X86_FEATURE_RETHUNK > > > > If it's truly never used after boot (even for non-rethunk cases) then can we use > > X86_FEATURE_ALWAYS? > > > > I think that could work. There is one subtlety though I'll point out: > > The use of __x86_return_thunk when X86_FEATURE_RETHUNK is set is a > potential security issue, as it means the required return thunk is not > being used. The use of __x86_return_thunk when X86_FEATURE_RETHUNK is > not set is only a performance issue, as it means there is a return > that was not rewritten to be an inline 'ret' by apply_returns(). > > The ud2 was primarily intended to capture cases where there is a > potential security hole, while it is a bit overkill just to point out > a return that was not optimized. Even if it's not a security hole, I'd still view it as a major BUG() as it would directly contradict our understanding (and the comments above) and could cause performance or other correctness issues that would otherwise go unnoticed. So I think an unconditional UD2 is warranted.
diff --git a/arch/x86/lib/retpoline.S b/arch/x86/lib/retpoline.S index 3da768a71cf9..10212cf4a9af 100644 --- a/arch/x86/lib/retpoline.S +++ b/arch/x86/lib/retpoline.S @@ -358,15 +358,17 @@ SYM_FUNC_END(call_depth_return_thunk) * This function name is magical and is used by -mfunction-return=thunk-extern * for the compiler to generate JMPs to it. * - * This code is only used during kernel boot or module init. All + * This code is only used during kernel boot. All * 'JMP __x86_return_thunk' sites are changed to something else by * apply_returns(). + * + * This thunk is turned into a ud2 to ensure it is never used at runtime. + * Alternative instructions are applied after apply_returns(). */ SYM_CODE_START(__x86_return_thunk) UNWIND_HINT_FUNC ANNOTATE_NOENDBR - ANNOTATE_UNRET_SAFE - ret + ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE;ret),"ud2", X86_FEATURE_RETHUNK int3 SYM_CODE_END(__x86_return_thunk) EXPORT_SYMBOL(__x86_return_thunk)