[tip: objtool/core] x86,smap: Fix smap_{save,restore}() alternatives

From: tip-bot2 for Peter Zijlstra
Date: Fri May 01 2020 - 14:22:45 EST

Next message: tip-bot2 for Julien Thierry: "[tip: objtool/core] objtool: Remove check preventing branches within alternative"
Previous message: tip-bot2 for Alexandre Chartre: "[tip: objtool/core] objtool: Add support for intra-function calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The following commit has been merged into the objtool/core branch of tip:

Commit-ID: 1ff865e343c2b59469d7e41d370a980a3f972c71
Gitweb: https://git.kernel.org/tip/1ff865e343c2b59469d7e41d370a980a3f972c71
Author: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
AuthorDate: Tue, 28 Apr 2020 19:57:59 +02:00
Committer: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
CommitterDate: Thu, 30 Apr 2020 20:14:31 +02:00

x86,smap: Fix smap_{save,restore}() alternatives

As reported by objtool:

lib/ubsan.o: warning: objtool: .altinstr_replacement+0x0: alternative modifies stack
lib/ubsan.o: warning: objtool: .altinstr_replacement+0x7: alternative modifies stack

the smap_{save,restore}() alternatives violate (the newly enforced)
rule on stack invariance. That is, due to there only being a single
ORC table it must be valid to any alternative. These alternatives
violate this with the direct result that unwinds will not be correct
when it hits between the PUSH and POP instructions.

Rewrite the functions to only have a conditional jump.

Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
Reviewed-by: Miroslav Benes <mbenes@xxxxxxx>
Acked-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
Link: https://lkml.kernel.org/r/20200429101802.GI13592@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
---
arch/x86/include/asm/smap.h | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/arch/x86/include/asm/smap.h b/arch/x86/include/asm/smap.h
index 27c47d1..8b58d69 100644
--- a/arch/x86/include/asm/smap.h
+++ b/arch/x86/include/asm/smap.h
@@ -57,8 +57,10 @@ static __always_inline unsigned long smap_save(void)
{
unsigned long flags;

- asm volatile (ALTERNATIVE("", "pushf; pop %0; " __ASM_CLAC,
- X86_FEATURE_SMAP)
+ asm volatile ("# smap_save\n\t"
+ ALTERNATIVE("jmp 1f", "", X86_FEATURE_SMAP)
+ "pushf; pop %0; " __ASM_CLAC "\n\t"
+ "1:"
: "=rm" (flags) : : "memory", "cc");

return flags;
@@ -66,7 +68,10 @@ static __always_inline unsigned long smap_save(void)

static __always_inline void smap_restore(unsigned long flags)
{
- asm volatile (ALTERNATIVE("", "push %0; popf", X86_FEATURE_SMAP)
+ asm volatile ("# smap_restore\n\t"
+ ALTERNATIVE("jmp 1f", "", X86_FEATURE_SMAP)
+ "push %0; popf\n\t"
+ "1:"
: : "g" (flags) : "memory", "cc");
}

Next message: tip-bot2 for Julien Thierry: "[tip: objtool/core] objtool: Remove check preventing branches within alternative"
Previous message: tip-bot2 for Alexandre Chartre: "[tip: objtool/core] objtool: Add support for intra-function calls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]