Re: [PATCH 2/2] x86/speculation: Simplify indirect_branch_prediction_barrier()

From: Josh Poimboeuf <jpoimboe@redhat.com>
To: David Woodhouse <dwmw2@infradead.org>
Cc: Borislav Petkov <bp@alien8.de>, X86 ML <x86@kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	tim.c.chen@linux.intel.com, pjt@google.com, jikos@kernel.org,
	gregkh@linux-foundation.org, dave.hansen@intel.com,
	riel@redhat.com, luto@amacapital.net,
	torvalds@linux-foundation.org, ak@linux.intel.com,
	keescook@google.com, peterz@infradead.org
Subject: Re: [PATCH 2/2] x86/speculation: Simplify indirect_branch_prediction_barrier()
Date: Tue, 6 Feb 2018 17:25:14 -0600	[thread overview]
Message-ID: <20180206232514.qcy4y3dzfkjo3xdg@treble> (raw)
In-Reply-To: <1517946292.3677.22.camel@infradead.org>

On Tue, Feb 06, 2018 at 07:44:52PM +0000, David Woodhouse wrote:
> On Fri, 2018-01-26 at 21:08 +0100, Borislav Petkov wrote:
> > Make it all a function which does the WRMSR instead of having a hairy
> > inline asm.
> 
> ...
> 
> > +	alternative_input("",
> > +			 "call __ibp_barrier",
> > +			 X86_FEATURE_IBPB,
> > +			 ASM_NO_INPUT_CLOBBER("eax", "ecx", "edx", "memory"));
> >  }
> 
> Dammit. I know the best time to comment is *before* I add my own sign-
> off to it and before Linus has merged it but... I think this is broken.
> 
> If you're calling a C function then you have to mark *all* the call-
> clobbered registers as, well, clobbered.
> 
> If you really really really want to *call* something out of line, then
> it would need to be implemented in asm.

Hm.  In theory I agree this seems like a bug.  On x86_64 I believe we
would need to mark the following registers as clobbered: r8-r11, ax, cx,
dx, si, di, plus "memory" and "cc".

But I'm scratching my head a bit, because we seem to have this bug all
over the kernel.  (Grep for ASM_CALL_CONSTRAINT to see them.)

Many of those inline asm calls have been around a long time.  So why
hasn't it ever bitten us?

-- 
Josh