From patchwork Tue Oct 18 12:35:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Zijlstra X-Patchwork-Id: 4152 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp1939881wrs; Tue, 18 Oct 2022 05:46:53 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4jPZaMyIwkQeZzFiOCxshJUJSEy3SHWGLozz5yEsMswhxArQ12Z0Ez6RQYDaQnDXkRNSw5 X-Received: by 2002:a17:907:c03:b0:781:fd5a:c093 with SMTP id ga3-20020a1709070c0300b00781fd5ac093mr2249828ejc.89.1666097213262; Tue, 18 Oct 2022 05:46:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666097213; cv=none; d=google.com; s=arc-20160816; b=FDnep8VrSqiUmqxRb5rey9IK2WfLrafHRR3W+wGrND3nhCOf95Rzr52lHHHl+zQOJ6 Kl9kZlPS9lWc3UY+wmod/os1qFRzyXQ8dvebC+sSxOON04hzM+keV8oAZRE4vvznYG+2 0wW320NAZOh15P8Z5EOuyJvECaIhnODMxdC4HJeLU/B+z9vfcUKpvFpXVnAlz502ceKM xRto5ff2USjPqiei1m4tm0uYQrOz8iRW4m/DxuGdranzeAW0+pxWTbsvbqkFUSb7E9nv /7aCq1wwwHS/Lr7nM+rn7n9XIR8DuaD6U9XXVR7PAhszOjXbfHolL/A0N7QmURUjmwVB 5ZMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-disposition:mime-version:message-id :subject:cc:to:from:date:dkim-signature; bh=s/2OoidSG8cI1q4hTwzfAsysrB6WSg4UF4HBlyHF0HE=; b=Gxh+OzJuMM7CEBaC3q26WXtIY2U1eBme0/T3Utp0DrMIKVQm2lp2wPQgSi9QlQSrxS aNEVd+ROMpsMFZelPhNIXxG9wncGiNbE1Vuvpb9WsQpBdVIPEx+LNbV02h0XNsDMdzp8 UXRGgTOrLFCeUChj07zKiNPifBUIk4L7P2vWBho+WPlutCZ29NE46VOV0LMOTltxTe4t FgfB3CklIQoRCSnvqPr44DejPUSry+pyy4B68ocRidwgSiAnLo1AYHxHxyhR7R+pWRyi XQ/WqUyGsRLGno2ZA5GO/Sj6HATh59T57QfsyHXsfnF8+7xand5e6qkMXaoNR2kJYQzC 9fJg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=EVCSs2v2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hd13-20020a170907968d00b00782a1b59663si11712693ejc.891.2022.10.18.05.46.27; Tue, 18 Oct 2022 05:46:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=EVCSs2v2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230016AbiJRMfa (ORCPT + 99 others); Tue, 18 Oct 2022 08:35:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40358 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229753AbiJRMf1 (ORCPT ); Tue, 18 Oct 2022 08:35:27 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 56A89604B8 for ; Tue, 18 Oct 2022 05:35:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:MIME-Version:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:In-Reply-To:References; bh=s/2OoidSG8cI1q4hTwzfAsysrB6WSg4UF4HBlyHF0HE=; b=EVCSs2v2MdPbf9jUsruatbBGNA ARcxoTKnWA91LTzyrwUuPfe/XRlYVKVBzwZ1a4GueyCElPE9io1sli5c03m/n+W6gceAaanT9NyeE YFsp1fB/KDPsJf1Y5BT2CxRfP+hVgP20KkhwJzOR1tPwxewcxs0WtWhX5Gi9IahzyRIVdkusHEdcz DLdM45odJez/zaRNy5tZ57/R88LLfoVjC+KnjPqKb3bkyPhgx7QLO7GBl/O5ogzISYEoGfarIAAEG gGdl47Gp3tXs0ndpfT4TXIlntlUIKDiXEGr6Zu8f4bkJ2aSkN2/3mSUNcqs3IPendKaIYSxWBpQF6 oI+hwt+g==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1okloY-00Ak5M-CJ; Tue, 18 Oct 2022 12:35:22 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id 382FE300431; Tue, 18 Oct 2022 14:35:16 +0200 (CEST) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id 1424E2075A8C7; Tue, 18 Oct 2022 14:35:16 +0200 (CEST) Date: Tue, 18 Oct 2022 14:35:15 +0200 From: Peter Zijlstra To: Steven Rostedt , x86@kernel.org, linux-kernel@vger.kernel.org, Mark Rutland Cc: Kees Cook , Sami Tolvanen Subject: [PATCH] ftrace,kcfi: Separate ftrace_stub() and ftrace_stub_graph() Message-ID: MIME-Version: 1.0 Content-Disposition: inline X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747029495640472375?= X-GMAIL-MSGID: =?utf-8?q?1747029551640392090?= Different function signatures means they needs to be different functions; otherwise CFI gets upset. Signed-off-by: Peter Zijlstra (Intel) --- Notable; this patch depends on eac828eaef29 ("x86/ftrace: Remove ftrace_epilogue()") which can be cleanly picked on top of -rc1. Since kCFI is upstream this should go into some /urgent tree. arch/arm64/kernel/entry-ftrace.S | 7 ++++++- arch/x86/kernel/ftrace_64.S | 17 +++++++++-------- include/asm-generic/vmlinux.lds.h | 18 ++++++++++++------ 3 files changed, 27 insertions(+), 15 deletions(-) --- a/arch/arm64/kernel/entry-ftrace.S +++ b/arch/arm64/kernel/entry-ftrace.S @@ -7,6 +7,7 @@ */ #include +#include #include #include #include @@ -294,10 +295,14 @@ SYM_FUNC_END(ftrace_graph_caller) #endif /* CONFIG_FUNCTION_GRAPH_TRACER */ #endif /* CONFIG_DYNAMIC_FTRACE_WITH_REGS */ -SYM_FUNC_START(ftrace_stub) +SYM_TYPED_FUNC_START(ftrace_stub) ret SYM_FUNC_END(ftrace_stub) +SYM_TYPED_FUNC_START(ftrace_stub_graph) + ret +SYM_FUNC_END(ftrace_stub_graph) + #ifdef CONFIG_FUNCTION_GRAPH_TRACER /* * void return_to_handler(void) --- a/arch/x86/kernel/ftrace_64.S +++ b/arch/x86/kernel/ftrace_64.S @@ -4,6 +4,7 @@ */ #include +#include #include #include #include @@ -129,6 +130,14 @@ .endm +SYM_TYPED_FUNC_START(ftrace_stub) + RET +SYM_FUNC_END(ftrace_stub) + +SYM_TYPED_FUNC_START(ftrace_stub_graph) + RET +SYM_FUNC_END(ftrace_stub_graph) + #ifdef CONFIG_DYNAMIC_FTRACE SYM_FUNC_START(__fentry__) @@ -176,11 +185,6 @@ SYM_INNER_LABEL(ftrace_caller_end, SYM_L SYM_FUNC_END(ftrace_caller); STACK_FRAME_NON_STANDARD_FP(ftrace_caller) -SYM_FUNC_START(ftrace_stub) - UNWIND_HINT_FUNC - RET -SYM_FUNC_END(ftrace_stub) - SYM_FUNC_START(ftrace_regs_caller) /* Save the current flags before any operations that can change them */ pushfq @@ -282,9 +286,6 @@ STACK_FRAME_NON_STANDARD_FP(ftrace_regs_ SYM_FUNC_START(__fentry__) cmpq $ftrace_stub, ftrace_trace_function jnz trace - -SYM_INNER_LABEL(ftrace_stub, SYM_L_GLOBAL) - ENDBR RET trace: --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -162,6 +162,16 @@ #define PATCHABLE_DISCARDS *(__patchable_function_entries) #endif +#ifndef ARCH_SUPPORTS_CFI_CLANG +/* + * Simply points to ftrace_stub, but with the proper protocol. + * Defined by the linker script in linux/vmlinux.lds.h + */ +#define FTRACE_STUB_HACK ftrace_stub_graph = ftrace_stub; +#else +#define FTRACE_STUB_HACK +#endif + #ifdef CONFIG_FTRACE_MCOUNT_RECORD /* * The ftrace call sites are logged to a section whose name depends on the @@ -169,10 +179,6 @@ * FTRACE_CALLSITE_SECTION. We capture all of them here to avoid header * dependencies for FTRACE_CALLSITE_SECTION's definition. * - * Need to also make ftrace_stub_graph point to ftrace_stub - * so that the same stub location may have different protocols - * and not mess up with C verifiers. - * * ftrace_ops_list_func will be defined as arch_ftrace_ops_list_func * as some archs will have a different prototype for that function * but ftrace_ops_list_func() will have a single prototype. @@ -182,11 +188,11 @@ KEEP(*(__mcount_loc)) \ KEEP_PATCHABLE \ __stop_mcount_loc = .; \ - ftrace_stub_graph = ftrace_stub; \ + FTRACE_STUB_HACK \ ftrace_ops_list_func = arch_ftrace_ops_list_func; #else # ifdef CONFIG_FUNCTION_TRACER -# define MCOUNT_REC() ftrace_stub_graph = ftrace_stub; \ +# define MCOUNT_REC() FTRACE_STUB_HACK \ ftrace_ops_list_func = arch_ftrace_ops_list_func; # else # define MCOUNT_REC()