linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Nick Desaulniers <ndesaulniers@google.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: x86@kernel.org, jpoimboe@redhat.com, andrew.cooper3@citrix.com,
	linux-kernel@vger.kernel.org, alexei.starovoitov@gmail.com,
	llvm@lists.linux.dev
Subject: Re: [PATCH 5/9] x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
Date: Wed, 13 Oct 2021 13:11:45 -0700	[thread overview]
Message-ID: <CAKwvOd=4s70S9irWGV94u2AoyQyo67XZ9tU12cdhf=6879gA+w@mail.gmail.com> (raw)
In-Reply-To: <20211013123645.119101107@infradead.org>

On Wed, Oct 13, 2021 at 5:41 AM Peter Zijlstra <peterz@infradead.org> wrote:
>
> Handle the rare cases where the compiler (clang) does an indirect
> conditional tail-call using:
>
>   Jcc __x86_indirect_thunk_\reg

`Jcc.d32 __x86_indirect_thunk_\reg` might be clearer; otherwise
putting that in an assembler and assembling/disassembling produces the
2B instructions, which makes the below patch confusing. Ah, it is
stated in the comment added below.

>
> For the !RETPOLINE case this can be rewritten to fit the original (6
> byte) instruction like:
>
>   Jncc.d8       1f
>   JMP           *%\reg
>   NOP
> 1:
>
> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
> ---
>  arch/x86/kernel/alternative.c |   38 ++++++++++++++++++++++++++++++++++----
>  1 file changed, 34 insertions(+), 4 deletions(-)
>
> --- a/arch/x86/kernel/alternative.c
> +++ b/arch/x86/kernel/alternative.c
> @@ -378,7 +378,8 @@ static int emit_indirect(int op, int reg
>  static int patch_retpoline(void *addr, struct insn *insn, u8 *bytes)
>  {
>         void (*target)(void);
> -       int reg, i = 0;
> +       int reg, ret, i = 0;
> +       u8 op, cc;
>
>         if (cpu_feature_enabled(X86_FEATURE_RETPOLINE))
>                 return -1;
> @@ -390,9 +391,34 @@ static int patch_retpoline(void *addr, s
>         if (WARN_ON_ONCE(reg & ~0xf))
>                 return -1;
>
> -       i = emit_indirect(insn->opcode.bytes[0], reg, bytes);
> -       if (i < 0)
> -               return i;
> +       op = insn->opcode.bytes[0];
> +
> +       /*
> +        * Convert:
> +        *
> +        *   Jcc.d32 __x86_indirect_thunk_\reg
> +        *
> +        * into:
> +        *
> +        *   Jncc.d8 1f
> +        *   jmp *%\reg
> +        *   nop
> +        * 1:
> +        */
> +       if (op == 0x0f && (insn->opcode.bytes[1] & 0xf0) == 0x80) {
> +               cc = insn->opcode.bytes[1] & 0xf;
> +               cc ^= 1; /* invert condition */
> +
> +               bytes[i++] = 0x70 + cc; /* Jcc.d8 */
> +               bytes[i++] = insn->length - 2;

Isn't `insn->length - 2` always 4 (in this case)? We could avoid
computing that at runtime I suspect if we just hardcoded it.

Either way, I've looked at the disassembly enough that this LGTM.
Thanks for the patch.

Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>

> +
> +               op = JMP32_INSN_OPCODE;
> +       }
> +
> +       ret = emit_indirect(op, reg, bytes + i);
> +       if (ret < 0)
> +               return ret;
> +       i += ret;
>
>         for (; i < insn->length;)
>                 bytes[i++] = BYTES_NOP1;
> @@ -423,6 +449,10 @@ void __init_or_module noinline apply_ret
>                 case JMP32_INSN_OPCODE:
>                         break;
>
> +               case 0x0f: /* escape */
> +                       if (op2 >= 0x80 && op2 <= 0x8f)
> +                               break;
> +                       fallthrough;
>                 default:
>                         WARN_ON_ONCE(1);
>                         continue;
>
>


-- 
Thanks,
~Nick Desaulniers

  reply	other threads:[~2021-10-13 20:12 UTC|newest]

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-13 12:22 [PATCH 0/9] x86: Rewrite the retpoline rewrite logic Peter Zijlstra
2021-10-13 12:22 ` [PATCH 1/9] objtool,x86: Replace alternatives with .retpoline_sites Peter Zijlstra
2021-10-13 13:29   ` Borislav Petkov
2021-10-13 20:11   ` Josh Poimboeuf
2021-10-14 15:43     ` Peter Zijlstra
2021-10-13 12:22 ` [PATCH 2/9] x86/retpoline: Remove unused replacement symbols Peter Zijlstra
2021-10-13 12:22 ` [PATCH 3/9] x86/asm: Fix register order Peter Zijlstra
2021-10-13 20:15   ` Josh Poimboeuf
2021-10-13 12:22 ` [PATCH 4/9] x86/alternative: Implement .retpoline_sites support Peter Zijlstra
2021-10-13 14:38   ` Andrew Cooper
2021-10-13 15:12     ` Peter Zijlstra
2021-10-13 17:11       ` Andrew Cooper
2021-10-14 10:05       ` Peter Zijlstra
2021-10-13 20:39   ` Josh Poimboeuf
2021-10-13 21:20     ` Peter Zijlstra
2021-10-13 21:49       ` Josh Poimboeuf
2021-10-13 21:52         ` Josh Poimboeuf
2021-10-13 22:10         ` Peter Zijlstra
2021-10-13 22:47           ` Andrew Cooper
2021-10-13 20:52   ` Josh Poimboeuf
2021-10-13 21:00     ` Peter Zijlstra
2021-10-19 11:37     ` Peter Zijlstra
2021-10-19 16:46       ` Josh Poimboeuf
2021-10-19 16:49         ` Josh Poimboeuf
2021-10-20  8:25           ` Peter Zijlstra
2021-10-20  8:30           ` Peter Zijlstra
2021-10-13 21:11   ` Josh Poimboeuf
2021-10-13 21:43     ` Peter Zijlstra
2021-10-13 22:05       ` Josh Poimboeuf
2021-10-13 22:14         ` Peter Zijlstra
2021-10-15 14:24   ` Borislav Petkov
2021-10-15 16:56     ` Peter Zijlstra
2021-10-18 23:06       ` Alexander Lobakin
2021-10-19  0:25         ` Alexander Lobakin
2021-10-19  9:47           ` Alexander Lobakin
2021-10-19 10:16             ` Peter Zijlstra
2021-10-19 15:37               ` Sami Tolvanen
2021-10-19 18:00                 ` Alexander Lobakin
2021-10-19  9:40         ` Peter Zijlstra
2021-10-19 10:02           ` Peter Zijlstra
2021-10-13 12:22 ` [PATCH 5/9] x86/alternative: Handle Jcc __x86_indirect_thunk_\reg Peter Zijlstra
2021-10-13 20:11   ` Nick Desaulniers [this message]
2021-10-13 21:08     ` Peter Zijlstra
2021-10-13 12:22 ` [PATCH 6/9] x86/alternative: Try inline spectre_v2=retpoline,amd Peter Zijlstra
2021-10-13 12:22 ` [PATCH 7/9] x86/alternative: Add debug prints to apply_retpolines() Peter Zijlstra
2021-10-13 12:22 ` [PATCH 8/9] x86,bugs: Unconditionally allow spectre_v2=retpoline,amd Peter Zijlstra
2021-10-13 12:22 ` [PATCH 9/9] bpf,x86: Respect X86_FEATURE_RETPOLINE* Peter Zijlstra
2021-10-13 21:06   ` Josh Poimboeuf
2021-10-13 21:54     ` Peter Zijlstra
2021-10-14  9:46       ` Peter Zijlstra
2021-10-14  9:48         ` Peter Zijlstra
2021-10-20  7:34         ` Peter Zijlstra

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKwvOd=4s70S9irWGV94u2AoyQyo67XZ9tU12cdhf=6879gA+w@mail.gmail.com' \
    --to=ndesaulniers@google.com \
    --cc=alexei.starovoitov@gmail.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=jpoimboe@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=llvm@lists.linux.dev \
    --cc=peterz@infradead.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).