| Message ID | 20240129180502.4069817-24-ardb+git@google.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-43270-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id gs7csp740467dyb;
Mon, 29 Jan 2024 10:06:58 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IGAEZCvc6WODF6rpXdAjC40Wj5Rh+6pBHyNurFB6tMDnq07Z68/6s5Rjvrj94QMyPD0VwfD
X-Received: by 2002:a17:907:1044:b0:a31:13ce:d64f with SMTP id
oy4-20020a170907104400b00a3113ced64fmr4304999ejb.55.1706551618331;
Mon, 29 Jan 2024 10:06:58 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1706551618; cv=pass;
d=google.com; s=arc-20160816;
b=XQ94c7q2qkJpRWilWXQ+vGYwINV2HL6Q5Jdf3QIftaIQzNUPgt/2oz/f7sGTRquvc/
ItiIzR+Kd6lQR6p47VL4nruVXgaWZfl/65V4FzlE8IKmYZpD/zURO9Hqs/xN4CI26OAX
hhyI6cfNK4BdH1E1Ns/qw9wlLG81j975RuZERTs08iHxtL1CXWsacspjUR+Md8kB19ZT
2Q/+iG+S3Qyp+qYEeICsnfXhN6njlLhbeLxLDUllhcoMuPKEkEc2S85LTbE9FX1Gx1e0
Sy0Kgbngrkbgk9EmCdS+bjRxchJY3kpy3CZia1iiOHkRD4UETQIAYjSnC72ArDSAXzV9
AK8Q==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=cc:to:from:subject:message-id:references:mime-version
:list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date
:dkim-signature;
bh=VlzuORvF37cHhQgjoovr2a86HYjlNB8YTzXdR4Eq8S8=;
fh=fMhMPvo8duafGkM4xZHdH7fULbau3etefTGsKa+Qy7I=;
b=nrNuB0rjwAnHcgvp1zrYcuLPu1CVwvk4Qu1gKwhcfzlcZpbH3c06ZLfZwJl+lnNedF
8wk3DVpIj8OUizL9fUdSRLsyDu8dzrL6fzJxxDtecn2ftVz4V1Jy9+o7qAa+WXvVkcg4
HvvUVNfulD2W8K/ZftQ36cX/0IqEqCpKID7CK+gtKyYmqi+wqo/QCIf5AcWoTwQO6KKM
SUI3kL4BmbhxGFvpn9M9+ds3QCqW6TRJbLBXBKkyOL+VzlEDJYTtIH9zgCW6awAq9pLN
la9pQCDYyFVtzOJz6s1LxUnwy71NW854nLOQ5Ed1CsKFxlbWIsIRT8S9lXrYXf4f0CQH
7hiA==
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@google.com header.s=20230601 header.b=N5GNZ1+H;
arc=pass (i=1 spf=pass spfdomain=flex--ardb.bounces.google.com
dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com);
spf=pass (google.com: domain of
linux-kernel+bounces-43270-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.80.249 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-43270-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249])
by mx.google.com with ESMTPS id
fy19-20020a170906b7d300b00a35ba88a82bsi1149770ejb.258.2024.01.29.10.06.58
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 29 Jan 2024 10:06:58 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-43270-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.80.249 as permitted sender) client-ip=147.75.80.249;
Authentication-Results: mx.google.com;
dkim=pass header.i=@google.com header.s=20230601 header.b=N5GNZ1+H;
arc=pass (i=1 spf=pass spfdomain=flex--ardb.bounces.google.com
dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com);
spf=pass (google.com: domain of
linux-kernel+bounces-43270-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.80.249 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-43270-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by am.mirrors.kernel.org (Postfix) with ESMTPS id 0D1631F25EBF
for <ouuuleilei@gmail.com>; Mon, 29 Jan 2024 18:06:42 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 9ADC37605E;
Mon, 29 Jan 2024 18:05:42 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
header.b="N5GNZ1+H"
Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com
[209.85.128.202])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 085BB6F07C
for <linux-kernel@vger.kernel.org>; Mon, 29 Jan 2024 18:05:37 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
arc=none smtp.client-ip=209.85.128.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1706551539; cv=none;
b=J42fLjwjPMGVOan0Vnba4BtPOztaJgnd9uENmnlOXt66KiBTBnylmTnvJave+wJn+/cjgXpEnHYke5v/LNcQyqQK3301eOffaYB+KmW20w5SkwXykHGjfwADJQHlqgLjH31huN49AQE+mOVnxCjkbiAmrYWvCo5VH1gjUUQoSI4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1706551539; c=relaxed/simple;
bh=ksYtquI/zNJoo09z1kn9EIIXegn4h7RVzbkZ+iPv7gQ=;
h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
To:Cc:Content-Type;
b=mPCerUWbYB6ycF1/mm0lcb8wI+odz6RU/HC4eb2i3YrLGQ/fc4ek8pKzCTHqaZHtOQ8QHTXxpv7UAZDWu3iH2OnwoClh2jQIVAl5Vjx0X25dIzQ21h4UmLCUo2PHNVmF7g9iRCBuwsVbR+QKDo7AQ93KTGjFDF5AqctVWz7aCiY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
dmarc=pass (p=reject dis=none) header.from=google.com;
spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
header.b=N5GNZ1+H; arc=none smtp.client-ip=209.85.128.202
Authentication-Results: smtp.subspace.kernel.org;
dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Received: by mail-yw1-f202.google.com with SMTP id
00721157ae682-6029c85922dso59735997b3.3
for <linux-kernel@vger.kernel.org>;
Mon, 29 Jan 2024 10:05:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20230601; t=1706551536; x=1707156336;
darn=vger.kernel.org;
h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
:date:from:to:cc:subject:date:message-id:reply-to;
bh=VlzuORvF37cHhQgjoovr2a86HYjlNB8YTzXdR4Eq8S8=;
b=N5GNZ1+HcdiMDaLoHriuiPIQ11RvN29Xx0ePSgvy2/TcZEUqNV476uWVlc5098jmV3
xp83LLEGPdgFnE8JTCrQrqjrOGwHRLfeJqtwmWg6lYstTdofsuyD/K22sfxFugdgwlWy
ZP5uczstj19b0jCTfSyQINffGtO6p/7j/q2d1RNLMUkgmUNxqKYzM+pixGreb1NyhwiV
QwFgxKa6LHA9JInQlmzSFjYtq0KdAzM2X9guUTUQ2EzdKy6IbOvJBBRJ1g5dbc3TsZSg
bllZHKJrS+mIjlPL9JlSFz/Y+D45PA6aiCRZvfV+zWg5HX0vHs3Le6QcWfnLlu+dS6Al
jLRQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1706551536; x=1707156336;
h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
:date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=VlzuORvF37cHhQgjoovr2a86HYjlNB8YTzXdR4Eq8S8=;
b=pxiZbgYYwtsXyKRKVITm1pps+gbU58LYny+Nw5A/qxezaDYvPr7vqX43mPomHUluH/
/+mQkVg/1rFFXKPw+nBA6Gf/F7gmbEuWJ/lQ17Z9Zh7nsyJgYDJV1o/ou2Bd2Oauv7Pa
wC9luQxKHBA4Rzi3sEXGPBwoGo8HOeJ33qP4RWj6JEpBWyyyHmFLEsp/AfPuEru+lfRl
jBavOr4eU4GrBtc72IBSpxtJEeBbUzXB396mOtZXCvcgGnIuM98bYqmMZ08DRmt9WJ17
zFRp6aY87HRHWIgKPwGdkgtLUgHvt+LkmpdPdJN5XiRbPfK/CiT+foalOPgtXaaTDn9Q
VAkw==
X-Gm-Message-State: AOJu0Yydc5oeaDzPxPgpFUWXtKMxhEuEB2I9BRSjca1Baz04HZVwtY2V
auDBn7ChSFb6ugD9iPKAlR8JH+PCctsJ3BTyy2KlDDfq7dtkuHtnRLOO/Avc7ua/+0vwiV2E/gg
TE1rIm+bUgx+Z09DD0Yc0EQ1qvTgOariuJq9FSqL95rCDmZSDSshd3rxHtJbO12p+5fPGt4NU/S
db+n+dxobKqUKHt0q+1qoaV28/aBhr/Q==
X-Received: from palermo.c.googlers.com
([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a])
(user=ardb job=sendgmr) by 2002:a05:6902:1b8d:b0:dc2:2f33:bc28 with SMTP id
ei13-20020a0569021b8d00b00dc22f33bc28mr2399097ybb.6.1706551536040; Mon, 29
Jan 2024 10:05:36 -0800 (PST)
Date: Mon, 29 Jan 2024 19:05:06 +0100
In-Reply-To: <20240129180502.4069817-21-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240129180502.4069817-21-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=2268; i=ardb@kernel.org;
h=from:subject; bh=TSUaLCMOyIRIkxI+e58H4dzOT8JQVh2xiOSo20k09Yg=;
b=owGbwMvMwCFmkMcZplerG8N4Wi2JIXX7i0sznR4wlbbnZirKqb0/tlnidNu/zpjLc3ccECxra
OiZErm+o5SFQYyDQVZMkUVg9t93O09PlKp1niULM4eVCWQIAxenAEzEVpXhD0+FxcHZC/v5WsNe
XhTRq9Et+jDvZFyi/tRpcvrJhS3X1zAytLxUqjGVObPST0DFle299G5uPgeeD8eX7t+/rfqL0pE
8BgA=
X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog
Message-ID: <20240129180502.4069817-24-ardb+git@google.com>
Subject: [PATCH v3 03/19] x86/startup_64: Drop long return to initial_code
pointer
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-kernel@vger.kernel.org
Cc: Ard Biesheuvel <ardb@kernel.org>,
Kevin Loughlin <kevinloughlin@google.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Dionna Glaze <dionnaglaze@google.com>,
Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>, Andy Lutomirski <luto@kernel.org>,
Arnd Bergmann <arnd@arndb.de>, Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Justin Stitt <justinstitt@google.com>,
Kees Cook <keescook@chromium.org>, Brian Gerst <brgerst@gmail.com>,
linux-arch@vger.kernel.org,
llvm@lists.linux.dev
Content-Type: text/plain; charset="UTF-8"
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1789449069477359112
X-GMAIL-MSGID: 1789449069477359112
|
| Series |
x86: Confine early 1:1 mapped startup code
|
|
Commit Message
Ard Biesheuvel
Jan. 29, 2024, 6:05 p.m. UTC
From: Ard Biesheuvel <ardb@kernel.org> Since commit 866b556efa12 ("x86/head/64: Install startup GDT"), the primary startup sequence sets the code segment register (CS) to __KERNEL_CS before calling into the startup code shared between primary and secondary boot. This means a simple indirect call is sufficient here. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> --- arch/x86/kernel/head_64.S | 35 ++------------------ 1 file changed, 3 insertions(+), 32 deletions(-)
Comments
On Mon, Jan 29, 2024 at 07:05:06PM +0100, Ard Biesheuvel wrote: > From: Ard Biesheuvel <ardb@kernel.org> > > Since commit 866b556efa12 ("x86/head/64: Install startup GDT"), the > primary startup sequence sets the code segment register (CS) to __KERNEL_CS > before calling into the startup code shared between primary and > secondary boot. > > This means a simple indirect call is sufficient here. > > Signed-off-by: Ard Biesheuvel <ardb@kernel.org> > --- > arch/x86/kernel/head_64.S | 35 ++------------------ > 1 file changed, 3 insertions(+), 32 deletions(-) > > diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S > index d4918d03efb4..4017a49d7b76 100644 > --- a/arch/x86/kernel/head_64.S > +++ b/arch/x86/kernel/head_64.S > @@ -428,39 +428,10 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) > movq %r15, %rdi > > .Ljump_to_C_code: > - /* > - * Jump to run C code and to be on a real kernel address. > - * Since we are running on identity-mapped space we have to jump > - * to the full 64bit address, this is only possible as indirect > - * jump. In addition we need to ensure %cs is set so we make this > - * a far return. > - * > - * Note: do not change to far jump indirect with 64bit offset. > - * > - * AMD does not support far jump indirect with 64bit offset. > - * AMD64 Architecture Programmer's Manual, Volume 3: states only > - * JMP FAR mem16:16 FF /5 Far jump indirect, > - * with the target specified by a far pointer in memory. > - * JMP FAR mem16:32 FF /5 Far jump indirect, > - * with the target specified by a far pointer in memory. > - * > - * Intel64 does support 64bit offset. > - * Software Developer Manual Vol 2: states: > - * FF /5 JMP m16:16 Jump far, absolute indirect, > - * address given in m16:16 > - * FF /5 JMP m16:32 Jump far, absolute indirect, > - * address given in m16:32. > - * REX.W + FF /5 JMP m16:64 Jump far, absolute indirect, > - * address given in m16:64. > - */ > - pushq $.Lafter_lret # put return address on stack for unwinder > xorl %ebp, %ebp # clear frame pointer > - movq initial_code(%rip), %rax > - pushq $__KERNEL_CS # set correct cs > - pushq %rax # target address in negative space > - lretq > -.Lafter_lret: > - ANNOTATE_NOENDBR > + ANNOTATE_RETPOLINE_SAFE > + callq *initial_code(%rip) > + int3 > SYM_CODE_END(secondary_startup_64) > > #include "verify_cpu.S" objtool doesn't like it yet: vmlinux.o: warning: objtool: verify_cpu+0x0: stack state mismatch: cfa1=4+8 cfa2=-1+0 Once we've solved this, I'll take this one even now - very nice cleanup! Thx.
On Wed, 31 Jan 2024 at 14:45, Borislav Petkov <bp@alien8.de> wrote: > > On Mon, Jan 29, 2024 at 07:05:06PM +0100, Ard Biesheuvel wrote: > > From: Ard Biesheuvel <ardb@kernel.org> > > > > Since commit 866b556efa12 ("x86/head/64: Install startup GDT"), the > > primary startup sequence sets the code segment register (CS) to __KERNEL_CS > > before calling into the startup code shared between primary and > > secondary boot. > > > > This means a simple indirect call is sufficient here. > > > > Signed-off-by: Ard Biesheuvel <ardb@kernel.org> > > --- > > arch/x86/kernel/head_64.S | 35 ++------------------ > > 1 file changed, 3 insertions(+), 32 deletions(-) > > > > diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S > > index d4918d03efb4..4017a49d7b76 100644 > > --- a/arch/x86/kernel/head_64.S > > +++ b/arch/x86/kernel/head_64.S > > @@ -428,39 +428,10 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) > > movq %r15, %rdi > > > > .Ljump_to_C_code: > > - /* > > - * Jump to run C code and to be on a real kernel address. > > - * Since we are running on identity-mapped space we have to jump > > - * to the full 64bit address, this is only possible as indirect > > - * jump. In addition we need to ensure %cs is set so we make this > > - * a far return. > > - * > > - * Note: do not change to far jump indirect with 64bit offset. > > - * > > - * AMD does not support far jump indirect with 64bit offset. > > - * AMD64 Architecture Programmer's Manual, Volume 3: states only > > - * JMP FAR mem16:16 FF /5 Far jump indirect, > > - * with the target specified by a far pointer in memory. > > - * JMP FAR mem16:32 FF /5 Far jump indirect, > > - * with the target specified by a far pointer in memory. > > - * > > - * Intel64 does support 64bit offset. > > - * Software Developer Manual Vol 2: states: > > - * FF /5 JMP m16:16 Jump far, absolute indirect, > > - * address given in m16:16 > > - * FF /5 JMP m16:32 Jump far, absolute indirect, > > - * address given in m16:32. > > - * REX.W + FF /5 JMP m16:64 Jump far, absolute indirect, > > - * address given in m16:64. > > - */ > > - pushq $.Lafter_lret # put return address on stack for unwinder > > xorl %ebp, %ebp # clear frame pointer > > - movq initial_code(%rip), %rax > > - pushq $__KERNEL_CS # set correct cs > > - pushq %rax # target address in negative space > > - lretq > > -.Lafter_lret: > > - ANNOTATE_NOENDBR > > + ANNOTATE_RETPOLINE_SAFE > > + callq *initial_code(%rip) > > + int3 > > SYM_CODE_END(secondary_startup_64) > > > > #include "verify_cpu.S" > > objtool doesn't like it yet: > > vmlinux.o: warning: objtool: verify_cpu+0x0: stack state mismatch: cfa1=4+8 cfa2=-1+0 > > Once we've solved this, I'll take this one even now - very nice cleanup! > s/int3/RET seems to do the trick. As long as there is an instruction that follows the callq, the unwinder will see secondary_startup_64 at the base of the call stack. We never return here anyway.
On Wed, 31 Jan 2024 at 14:57, Ard Biesheuvel <ardb@kernel.org> wrote: > > On Wed, 31 Jan 2024 at 14:45, Borislav Petkov <bp@alien8.de> wrote: > > > > On Mon, Jan 29, 2024 at 07:05:06PM +0100, Ard Biesheuvel wrote: > > > From: Ard Biesheuvel <ardb@kernel.org> > > > > > > Since commit 866b556efa12 ("x86/head/64: Install startup GDT"), the > > > primary startup sequence sets the code segment register (CS) to __KERNEL_CS > > > before calling into the startup code shared between primary and > > > secondary boot. > > > > > > This means a simple indirect call is sufficient here. > > > > > > Signed-off-by: Ard Biesheuvel <ardb@kernel.org> > > > --- > > > arch/x86/kernel/head_64.S | 35 ++------------------ > > > 1 file changed, 3 insertions(+), 32 deletions(-) > > > > > > diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S > > > index d4918d03efb4..4017a49d7b76 100644 > > > --- a/arch/x86/kernel/head_64.S > > > +++ b/arch/x86/kernel/head_64.S > > > @@ -428,39 +428,10 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) > > > movq %r15, %rdi > > > > > > .Ljump_to_C_code: > > > - /* > > > - * Jump to run C code and to be on a real kernel address. > > > - * Since we are running on identity-mapped space we have to jump > > > - * to the full 64bit address, this is only possible as indirect > > > - * jump. In addition we need to ensure %cs is set so we make this > > > - * a far return. > > > - * > > > - * Note: do not change to far jump indirect with 64bit offset. > > > - * > > > - * AMD does not support far jump indirect with 64bit offset. > > > - * AMD64 Architecture Programmer's Manual, Volume 3: states only > > > - * JMP FAR mem16:16 FF /5 Far jump indirect, > > > - * with the target specified by a far pointer in memory. > > > - * JMP FAR mem16:32 FF /5 Far jump indirect, > > > - * with the target specified by a far pointer in memory. > > > - * > > > - * Intel64 does support 64bit offset. > > > - * Software Developer Manual Vol 2: states: > > > - * FF /5 JMP m16:16 Jump far, absolute indirect, > > > - * address given in m16:16 > > > - * FF /5 JMP m16:32 Jump far, absolute indirect, > > > - * address given in m16:32. > > > - * REX.W + FF /5 JMP m16:64 Jump far, absolute indirect, > > > - * address given in m16:64. > > > - */ > > > - pushq $.Lafter_lret # put return address on stack for unwinder > > > xorl %ebp, %ebp # clear frame pointer > > > - movq initial_code(%rip), %rax > > > - pushq $__KERNEL_CS # set correct cs > > > - pushq %rax # target address in negative space > > > - lretq > > > -.Lafter_lret: > > > - ANNOTATE_NOENDBR > > > + ANNOTATE_RETPOLINE_SAFE > > > + callq *initial_code(%rip) > > > + int3 > > > SYM_CODE_END(secondary_startup_64) > > > > > > #include "verify_cpu.S" > > > > objtool doesn't like it yet: > > > > vmlinux.o: warning: objtool: verify_cpu+0x0: stack state mismatch: cfa1=4+8 cfa2=-1+0 > > > > Once we've solved this, I'll take this one even now - very nice cleanup! > > > > s/int3/RET seems to do the trick. > or ud2, even better,
On Wed, Jan 31, 2024 at 03:07:50PM +0100, Ard Biesheuvel wrote: > > s/int3/RET seems to do the trick. > > > or ud2, even better, Yap, that does it. And yes, we don't return here. I guess objtool complains because "7. file: warning: objtool: func()+0x5c: stack state mismatch The instruction's frame pointer state is inconsistent, depending on which execution path was taken to reach the instruction. ... Another possibility is that the code has some asm or inline asm which does some unusual things to the stack or the frame pointer. In such cases it's probably appropriate to use the unwind hint macros in asm/unwind_hints.h. " Lemme test this one a bit on my machines and queue it. Thx.
diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index d4918d03efb4..4017a49d7b76 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -428,39 +428,10 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) movq %r15, %rdi .Ljump_to_C_code: - /* - * Jump to run C code and to be on a real kernel address. - * Since we are running on identity-mapped space we have to jump - * to the full 64bit address, this is only possible as indirect - * jump. In addition we need to ensure %cs is set so we make this - * a far return. - * - * Note: do not change to far jump indirect with 64bit offset. - * - * AMD does not support far jump indirect with 64bit offset. - * AMD64 Architecture Programmer's Manual, Volume 3: states only - * JMP FAR mem16:16 FF /5 Far jump indirect, - * with the target specified by a far pointer in memory. - * JMP FAR mem16:32 FF /5 Far jump indirect, - * with the target specified by a far pointer in memory. - * - * Intel64 does support 64bit offset. - * Software Developer Manual Vol 2: states: - * FF /5 JMP m16:16 Jump far, absolute indirect, - * address given in m16:16 - * FF /5 JMP m16:32 Jump far, absolute indirect, - * address given in m16:32. - * REX.W + FF /5 JMP m16:64 Jump far, absolute indirect, - * address given in m16:64. - */ - pushq $.Lafter_lret # put return address on stack for unwinder xorl %ebp, %ebp # clear frame pointer - movq initial_code(%rip), %rax - pushq $__KERNEL_CS # set correct cs - pushq %rax # target address in negative space - lretq -.Lafter_lret: - ANNOTATE_NOENDBR + ANNOTATE_RETPOLINE_SAFE + callq *initial_code(%rip) + int3 SYM_CODE_END(secondary_startup_64) #include "verify_cpu.S"