From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <groeck7@gmail.com>
ARC-Seal: i=1; a=rsa-sha256; t=1517189168; cv=none;
        d=google.com; s=arc-20160816;
        b=puvKOt5p6vzLVioJPZgWCP5bObw5jAIQC/1nceVYNBUA1kTL8TuLEpdRTYGCWFx0Ox
         D883nSJT/bEkuXJGV1OJxjLDEqvQpCR7fKRHOD7+yRUB0v9dPy90WoLSd9MTy2djdmZj
         EoFJpYXZkGIOdCF6A6E4RZiUvYi1/d7SCJqi/NSfrkFgIWiRLBqwrvGfhFDXtpHPiGm4
         +qOUp2MmYCi45xoqEh57B65ZTMIEoVM2z9BdnXfWHRgMt0fiJ3bKupSUkCICV/nNvIzw
         xPCMTG3geWUd2UjWGRCGrY0b/+9qtUhXbrVz7PDJqh9ST2HIaOZkWfbFQwLPjoRAWxgP
         n16Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:content-language:in-reply-to:mime-version
         :user-agent:date:message-id:from:references:cc:to:subject:sender
         :dkim-signature:arc-authentication-results;
        bh=cWB5OxBhTHqTRGPqLpOPkBM0+odljJSdaxoj3AaJAxw=;
        b=kYup4TtLyuSRGcoK2ODCETp6H5jZP1cmENBOEkP1MhE7GdhGAeFEMT4F9+DuAjsojB
         4XB1CjwKNDl0cn/tOwuRwdWg4BVRZcqoKuwjW5OTu1Sntotwz6YlLjpmLyXcKGtTF1PV
         w75VMhaZclasOu72JjFlAI1r2MUmy9XbLFsmua+ZMZiC+5LpwTw7HFRb2UGAIMRuoeFh
         1GNBDxyjR4f5W2/3poFNdlqNr/0p/ND91oGZxE8u8qRjFvp654JMArN7tticAyw/+ruO
         PTnDG5/WMEGOt2xayW53THGmlWKvXFwGygbinlW03nag6PklBah3AMNFZXTe1L/la5QZ
         bJuA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=RWDWJrsj;
       spf=pass (google.com: domain of groeck7@gmail.com designates 209.85.220.65 as permitted sender) smtp.mailfrom=groeck7@gmail.com
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=RWDWJrsj;
       spf=pass (google.com: domain of groeck7@gmail.com designates 209.85.220.65 as permitted sender) smtp.mailfrom=groeck7@gmail.com
X-Google-Smtp-Source: AH8x226f4WT4HcMClXGMvwlwJRHvMbY/7K/QUWqttp2eUIMe4qiByRhzjkXIPGSUNEGnavNpBCOsVg==
Sender: Guenter Roeck <groeck7@gmail.com>
Subject: Re: [v8,02/12] objtool: Allow alternatives to be ignored
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: David Woodhouse <dwmw2@infradead.org>, Andi Kleen <ak@linux.intel.com>,
 Paul Turner <pjt@google.com>, LKML <linux-kernel@vger.kernel.org>,
 Linus Torvalds <torvalds@linux-foundation.org>,
 Greg Kroah-Hartman <gregkh@linux-foundation.org>,
 Tim Chen <tim.c.chen@linux.intel.com>, Dave Hansen <dave.hansen@intel.com>,
 tglx@linutronix.de, Kees Cook <keescook@google.com>,
 Rik van Riel <riel@redhat.com>, Peter Zijlstra <peterz@infradead.org>,
 Andy Lutomirski <luto@amacapital.net>, Jiri Kosina <jikos@kernel.org>,
 gnomes@lxorguk.ukuu.org.uk, x86@kernel.org, thomas.lendacky@amd.com
References: <1515707194-20531-3-git-send-email-dwmw@amazon.co.uk>
 <20180118190931.GA27143@roeck-us.net>
 <20180118193315.zrrya7qo6kf7pmzp@treble>
 <20180118194112.GA28449@roeck-us.net>
 <1516649644.9521.61.camel@infradead.org>
 <20180122202522.GA29081@roeck-us.net>
 <20180128210642.xob2win53h2gztak@treble>
From: Guenter Roeck <linux@roeck-us.net>
Message-ID: <0a35672a-5bec-d4b2-732b-805b09d7b39b@roeck-us.net>
Date: Sun, 28 Jan 2018 17:26:05 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <20180128210642.xob2win53h2gztak@treble>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1589334210253041473?=
X-GMAIL-MSGID: =?utf-8?q?1590888150132834332?=
X-Mailing-List: linux-kernel@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>

On 01/28/2018 01:06 PM, Josh Poimboeuf wrote:
> On Mon, Jan 22, 2018 at 12:25:22PM -0800, Guenter Roeck wrote:
>> Hi David,
>>
>> On Mon, Jan 22, 2018 at 07:34:04PM +0000, David Woodhouse wrote:
>>> On Thu, 2018-01-18 at 11:41 -0800, Guenter Roeck wrote:
>>>>
>>>>> Not sure, does your gcc have retpolines?  Give me your .o file and I can
>>>>> diagnose it.
>>>>>   
>>>> Yes, it does, only it is the gcc from the Google toolchain which may
>>>> generate different code than the upstream version.
>>>>
>>>> I attached an affected object file. Please let me know if there is anything else
>>>> I can do to help.
>>> Disassembly of section .text.__x86.indirect_thunk:
>>>
>>> 0000000000000000 <__x86.indirect_thunk>:
>>>     0:	e8 04 00 00 00       	callq  9 <__x86.indirect_thunk+0x9>
>>>     5:	f3 90                	pause
>>>     7:	eb fc                	jmp    5 <__x86.indirect_thunk+0x5>
>>>     9:	48 8d 64 24 08       	lea    0x8(%rsp),%rsp
>>>     e:	c3                   	retq
>>>
>>> That has the old-style CET-incompatible retpoline in a COMDAT section
>>> in the .o file. What compiler options are being used for that? The
>>> kernel should only use retpoline if GCC supports both of
>>> -mindirect-branch=thunk-extern and -mindirect-branch-register, and this
>>> compiler is doing *neither* of those.
>>
>> It uses "-mindirect-branch=thunk -mindirect-branch-loop=pause
>> -fno-jump-tables", though I don't know if that even exists in
>> upstream gcc (it is the gcc use for Chrome OS builds). I'll pass
>> your feedback to our compiler team.
>>
>> Either case, I think it is less than optimal that objtool crashes
>> with _any_ object code.
> 
> I've got a pending fix for this, so that objtool doesn't seg fault, and
> instead prints out a warning:
> 
>    quirks.o: warning: objtool: efi_delete_dummy_variable()+0x99: unsupported intra-function call
>    quirks.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.
> 
> The code is here, along with a few more fixes:
> 
>    https://git.kernel.org/pub/scm/linux/kernel/git/jpoimboe/linux.git/log/?h=TODO-objtool-seg-fault
> 

Excellent. I'll give it a try tomorrow.

Thanks for looking into this!

Guenter