mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-12-28 16:56:26 +00:00
Merge branch 'x86/bugs' into x86/core, to pick up pending changes before dependent patches
Merge in pending alternatives patching infrastructure changes, before applying more patches. Signed-off-by: Ingo Molnar <mingo@kernel.org>
This commit is contained in:
commit
4589f199eb
@ -473,8 +473,8 @@ Spectre variant 2
|
||||
-mindirect-branch=thunk-extern -mindirect-branch-register options.
|
||||
If the kernel is compiled with a Clang compiler, the compiler needs
|
||||
to support -mretpoline-external-thunk option. The kernel config
|
||||
CONFIG_RETPOLINE needs to be turned on, and the CPU needs to run with
|
||||
the latest updated microcode.
|
||||
CONFIG_MITIGATION_RETPOLINE needs to be turned on, and the CPU needs
|
||||
to run with the latest updated microcode.
|
||||
|
||||
On Intel Skylake-era systems the mitigation covers most, but not all,
|
||||
cases. See :ref:`[3] <spec_ref3>` for more details.
|
||||
@ -609,8 +609,8 @@ kernel command line.
|
||||
Selecting 'on' will, and 'auto' may, choose a
|
||||
mitigation method at run time according to the
|
||||
CPU, the available microcode, the setting of the
|
||||
CONFIG_RETPOLINE configuration option, and the
|
||||
compiler with which the kernel was built.
|
||||
CONFIG_MITIGATION_RETPOLINE configuration option,
|
||||
and the compiler with which the kernel was built.
|
||||
|
||||
Selecting 'on' will also enable the mitigation
|
||||
against user space to user space task attacks.
|
||||
|
@ -6027,8 +6027,8 @@
|
||||
Selecting 'on' will, and 'auto' may, choose a
|
||||
mitigation method at run time according to the
|
||||
CPU, the available microcode, the setting of the
|
||||
CONFIG_RETPOLINE configuration option, and the
|
||||
compiler with which the kernel was built.
|
||||
CONFIG_MITIGATION_RETPOLINE configuration option,
|
||||
and the compiler with which the kernel was built.
|
||||
|
||||
Selecting 'on' will also enable the mitigation
|
||||
against user space to user space task attacks.
|
||||
|
@ -26,9 +26,9 @@ comments in pti.c).
|
||||
|
||||
This approach helps to ensure that side-channel attacks leveraging
|
||||
the paging structures do not function when PTI is enabled. It can be
|
||||
enabled by setting CONFIG_PAGE_TABLE_ISOLATION=y at compile time.
|
||||
Once enabled at compile-time, it can be disabled at boot with the
|
||||
'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt).
|
||||
enabled by setting CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=y at compile
|
||||
time. Once enabled at compile-time, it can be disabled at boot with
|
||||
the 'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt).
|
||||
|
||||
Page Table Management
|
||||
=====================
|
||||
|
@ -2477,12 +2477,12 @@ config CALL_PADDING
|
||||
|
||||
config FINEIBT
|
||||
def_bool y
|
||||
depends on X86_KERNEL_IBT && CFI_CLANG && RETPOLINE
|
||||
depends on X86_KERNEL_IBT && CFI_CLANG && MITIGATION_RETPOLINE
|
||||
select CALL_PADDING
|
||||
|
||||
config HAVE_CALL_THUNKS
|
||||
def_bool y
|
||||
depends on CC_HAS_ENTRY_PADDING && RETHUNK && OBJTOOL
|
||||
depends on CC_HAS_ENTRY_PADDING && MITIGATION_RETHUNK && OBJTOOL
|
||||
|
||||
config CALL_THUNKS
|
||||
def_bool n
|
||||
@ -2504,7 +2504,7 @@ menuconfig SPECULATION_MITIGATIONS
|
||||
|
||||
if SPECULATION_MITIGATIONS
|
||||
|
||||
config PAGE_TABLE_ISOLATION
|
||||
config MITIGATION_PAGE_TABLE_ISOLATION
|
||||
bool "Remove the kernel mapping in user mode"
|
||||
default y
|
||||
depends on (X86_64 || X86_PAE)
|
||||
@ -2515,7 +2515,7 @@ config PAGE_TABLE_ISOLATION
|
||||
|
||||
See Documentation/arch/x86/pti.rst for more details.
|
||||
|
||||
config RETPOLINE
|
||||
config MITIGATION_RETPOLINE
|
||||
bool "Avoid speculative indirect branches in kernel"
|
||||
select OBJTOOL if HAVE_OBJTOOL
|
||||
default y
|
||||
@ -2525,9 +2525,9 @@ config RETPOLINE
|
||||
branches. Requires a compiler with -mindirect-branch=thunk-extern
|
||||
support for full protection. The kernel may run slower.
|
||||
|
||||
config RETHUNK
|
||||
config MITIGATION_RETHUNK
|
||||
bool "Enable return-thunks"
|
||||
depends on RETPOLINE && CC_HAS_RETURN_THUNK
|
||||
depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK
|
||||
select OBJTOOL if HAVE_OBJTOOL
|
||||
default y if X86_64
|
||||
help
|
||||
@ -2536,14 +2536,14 @@ config RETHUNK
|
||||
Requires a compiler with -mfunction-return=thunk-extern
|
||||
support for full protection. The kernel may run slower.
|
||||
|
||||
config CPU_UNRET_ENTRY
|
||||
config MITIGATION_UNRET_ENTRY
|
||||
bool "Enable UNRET on kernel entry"
|
||||
depends on CPU_SUP_AMD && RETHUNK && X86_64
|
||||
depends on CPU_SUP_AMD && MITIGATION_RETHUNK && X86_64
|
||||
default y
|
||||
help
|
||||
Compile the kernel with support for the retbleed=unret mitigation.
|
||||
|
||||
config CALL_DEPTH_TRACKING
|
||||
config MITIGATION_CALL_DEPTH_TRACKING
|
||||
bool "Mitigate RSB underflow with call depth tracking"
|
||||
depends on CPU_SUP_INTEL && HAVE_CALL_THUNKS
|
||||
select HAVE_DYNAMIC_FTRACE_NO_PATCHABLE
|
||||
@ -2563,7 +2563,7 @@ config CALL_DEPTH_TRACKING
|
||||
|
||||
config CALL_THUNKS_DEBUG
|
||||
bool "Enable call thunks and call depth tracking debugging"
|
||||
depends on CALL_DEPTH_TRACKING
|
||||
depends on MITIGATION_CALL_DEPTH_TRACKING
|
||||
select FUNCTION_ALIGNMENT_32B
|
||||
default n
|
||||
help
|
||||
@ -2574,14 +2574,14 @@ config CALL_THUNKS_DEBUG
|
||||
Only enable this when you are debugging call thunks as this
|
||||
creates a noticeable runtime overhead. If unsure say N.
|
||||
|
||||
config CPU_IBPB_ENTRY
|
||||
config MITIGATION_IBPB_ENTRY
|
||||
bool "Enable IBPB on kernel entry"
|
||||
depends on CPU_SUP_AMD && X86_64
|
||||
default y
|
||||
help
|
||||
Compile the kernel with support for the retbleed=ibpb mitigation.
|
||||
|
||||
config CPU_IBRS_ENTRY
|
||||
config MITIGATION_IBRS_ENTRY
|
||||
bool "Enable IBRS on kernel entry"
|
||||
depends on CPU_SUP_INTEL && X86_64
|
||||
default y
|
||||
@ -2590,14 +2590,14 @@ config CPU_IBRS_ENTRY
|
||||
This mitigates both spectre_v2 and retbleed at great cost to
|
||||
performance.
|
||||
|
||||
config CPU_SRSO
|
||||
config MITIGATION_SRSO
|
||||
bool "Mitigate speculative RAS overflow on AMD"
|
||||
depends on CPU_SUP_AMD && X86_64 && RETHUNK
|
||||
depends on CPU_SUP_AMD && X86_64 && MITIGATION_RETHUNK
|
||||
default y
|
||||
help
|
||||
Enable the SRSO mitigation needed on AMD Zen1-4 machines.
|
||||
|
||||
config SLS
|
||||
config MITIGATION_SLS
|
||||
bool "Mitigate Straight-Line-Speculation"
|
||||
depends on CC_HAS_SLS && X86_64
|
||||
select OBJTOOL if HAVE_OBJTOOL
|
||||
@ -2607,7 +2607,7 @@ config SLS
|
||||
against straight line speculation. The kernel image might be slightly
|
||||
larger.
|
||||
|
||||
config GDS_FORCE_MITIGATION
|
||||
config MITIGATION_GDS_FORCE
|
||||
bool "Force GDS Mitigation"
|
||||
depends on CPU_SUP_INTEL
|
||||
default n
|
||||
|
@ -22,7 +22,7 @@ RETPOLINE_VDSO_CFLAGS := -mretpoline
|
||||
endif
|
||||
RETPOLINE_CFLAGS += $(call cc-option,-mindirect-branch-cs-prefix)
|
||||
|
||||
ifdef CONFIG_RETHUNK
|
||||
ifdef CONFIG_MITIGATION_RETHUNK
|
||||
RETHUNK_CFLAGS := -mfunction-return=thunk-extern
|
||||
RETPOLINE_CFLAGS += $(RETHUNK_CFLAGS)
|
||||
endif
|
||||
@ -192,7 +192,7 @@ KBUILD_CFLAGS += -Wno-sign-compare
|
||||
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables
|
||||
|
||||
# Avoid indirect branches in kernel to deal with Spectre
|
||||
ifdef CONFIG_RETPOLINE
|
||||
ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
KBUILD_CFLAGS += $(RETPOLINE_CFLAGS)
|
||||
# Additionally, avoid generating expensive indirect jumps which
|
||||
# are subject to retpolines for small number of switch cases.
|
||||
@ -205,7 +205,7 @@ ifdef CONFIG_RETPOLINE
|
||||
endif
|
||||
endif
|
||||
|
||||
ifdef CONFIG_SLS
|
||||
ifdef CONFIG_MITIGATION_SLS
|
||||
KBUILD_CFLAGS += -mharden-sls=all
|
||||
endif
|
||||
|
||||
@ -301,7 +301,7 @@ vdso-install-$(CONFIG_IA32_EMULATION) += arch/x86/entry/vdso/vdso32.so.dbg
|
||||
|
||||
archprepare: checkbin
|
||||
checkbin:
|
||||
ifdef CONFIG_RETPOLINE
|
||||
ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
ifeq ($(RETPOLINE_CFLAGS),)
|
||||
@echo "You are building kernel with non-retpoline compiler." >&2
|
||||
@echo "Please update your compiler." >&2
|
||||
|
@ -8,8 +8,8 @@
|
||||
* Copyright (C) 2016 Kees Cook
|
||||
*/
|
||||
|
||||
/* No PAGE_TABLE_ISOLATION support needed either: */
|
||||
#undef CONFIG_PAGE_TABLE_ISOLATION
|
||||
/* No MITIGATION_PAGE_TABLE_ISOLATION support needed either: */
|
||||
#undef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
|
||||
#include "error.h"
|
||||
#include "misc.h"
|
||||
|
@ -42,7 +42,7 @@ CONFIG_EFI_STUB=y
|
||||
CONFIG_HZ_1000=y
|
||||
CONFIG_KEXEC=y
|
||||
CONFIG_CRASH_DUMP=y
|
||||
# CONFIG_RETHUNK is not set
|
||||
# CONFIG_MITIGATION_RETHUNK is not set
|
||||
CONFIG_HIBERNATION=y
|
||||
CONFIG_PM_DEBUG=y
|
||||
CONFIG_PM_TRACE_RTC=y
|
||||
|
@ -142,10 +142,10 @@ For 32-bit we have the following conventions - kernel is built with
|
||||
.endif
|
||||
.endm
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
|
||||
/*
|
||||
* PAGE_TABLE_ISOLATION PGDs are 8k. Flip bit 12 to switch between the two
|
||||
* MITIGATION_PAGE_TABLE_ISOLATION PGDs are 8k. Flip bit 12 to switch between the two
|
||||
* halves:
|
||||
*/
|
||||
#define PTI_USER_PGTABLE_BIT PAGE_SHIFT
|
||||
@ -160,7 +160,7 @@ For 32-bit we have the following conventions - kernel is built with
|
||||
|
||||
.macro ADJUST_KERNEL_CR3 reg:req
|
||||
ALTERNATIVE "", "SET_NOFLUSH_BIT \reg", X86_FEATURE_PCID
|
||||
/* Clear PCID and "PAGE_TABLE_ISOLATION bit", point CR3 at kernel pagetables: */
|
||||
/* Clear PCID and "MITIGATION_PAGE_TABLE_ISOLATION bit", point CR3 at kernel pagetables: */
|
||||
andq $(~PTI_USER_PGTABLE_AND_PCID_MASK), \reg
|
||||
.endm
|
||||
|
||||
@ -275,7 +275,7 @@ For 32-bit we have the following conventions - kernel is built with
|
||||
.Lend_\@:
|
||||
.endm
|
||||
|
||||
#else /* CONFIG_PAGE_TABLE_ISOLATION=n: */
|
||||
#else /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=n: */
|
||||
|
||||
.macro SWITCH_TO_KERNEL_CR3 scratch_reg:req
|
||||
.endm
|
||||
@ -303,7 +303,7 @@ For 32-bit we have the following conventions - kernel is built with
|
||||
* Assumes x86_spec_ctrl_{base,current} to have SPEC_CTRL_IBRS set.
|
||||
*/
|
||||
.macro IBRS_ENTER save_reg
|
||||
#ifdef CONFIG_CPU_IBRS_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_IBRS_ENTRY
|
||||
ALTERNATIVE "jmp .Lend_\@", "", X86_FEATURE_KERNEL_IBRS
|
||||
movl $MSR_IA32_SPEC_CTRL, %ecx
|
||||
|
||||
@ -332,7 +332,7 @@ For 32-bit we have the following conventions - kernel is built with
|
||||
* regs. Must be called after the last RET.
|
||||
*/
|
||||
.macro IBRS_EXIT save_reg
|
||||
#ifdef CONFIG_CPU_IBRS_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_IBRS_ENTRY
|
||||
ALTERNATIVE "jmp .Lend_\@", "", X86_FEATURE_KERNEL_IBRS
|
||||
movl $MSR_IA32_SPEC_CTRL, %ecx
|
||||
|
||||
@ -426,3 +426,63 @@ For 32-bit we have the following conventions - kernel is built with
|
||||
.endm
|
||||
|
||||
#endif /* CONFIG_SMP */
|
||||
|
||||
#ifdef CONFIG_X86_64
|
||||
|
||||
/* rdi: arg1 ... normal C conventions. rax is saved/restored. */
|
||||
.macro THUNK name, func
|
||||
SYM_FUNC_START(\name)
|
||||
pushq %rbp
|
||||
movq %rsp, %rbp
|
||||
|
||||
pushq %rdi
|
||||
pushq %rsi
|
||||
pushq %rdx
|
||||
pushq %rcx
|
||||
pushq %rax
|
||||
pushq %r8
|
||||
pushq %r9
|
||||
pushq %r10
|
||||
pushq %r11
|
||||
|
||||
call \func
|
||||
|
||||
popq %r11
|
||||
popq %r10
|
||||
popq %r9
|
||||
popq %r8
|
||||
popq %rax
|
||||
popq %rcx
|
||||
popq %rdx
|
||||
popq %rsi
|
||||
popq %rdi
|
||||
popq %rbp
|
||||
RET
|
||||
SYM_FUNC_END(\name)
|
||||
_ASM_NOKPROBE(\name)
|
||||
.endm
|
||||
|
||||
#else /* CONFIG_X86_32 */
|
||||
|
||||
/* put return address in eax (arg1) */
|
||||
.macro THUNK name, func, put_ret_addr_in_eax=0
|
||||
SYM_CODE_START_NOALIGN(\name)
|
||||
pushl %eax
|
||||
pushl %ecx
|
||||
pushl %edx
|
||||
|
||||
.if \put_ret_addr_in_eax
|
||||
/* Place EIP in the arg1 */
|
||||
movl 3*4(%esp), %eax
|
||||
.endif
|
||||
|
||||
call \func
|
||||
popl %edx
|
||||
popl %ecx
|
||||
popl %eax
|
||||
RET
|
||||
_ASM_NOKPROBE(\name)
|
||||
SYM_CODE_END(\name)
|
||||
.endm
|
||||
|
||||
#endif
|
||||
|
@ -7,6 +7,8 @@
|
||||
#include <linux/linkage.h>
|
||||
#include <asm/msr-index.h>
|
||||
|
||||
#include "calling.h"
|
||||
|
||||
.pushsection .noinstr.text, "ax"
|
||||
|
||||
SYM_FUNC_START(entry_ibpb)
|
||||
@ -20,3 +22,5 @@ SYM_FUNC_END(entry_ibpb)
|
||||
EXPORT_SYMBOL_GPL(entry_ibpb);
|
||||
|
||||
.popsection
|
||||
|
||||
THUNK warn_thunk_thunk, __warn_thunk
|
||||
|
@ -562,7 +562,7 @@ SYM_INNER_LABEL(swapgs_restore_regs_and_return_to_usermode, SYM_L_GLOBAL)
|
||||
#ifdef CONFIG_XEN_PV
|
||||
ALTERNATIVE "", "jmp xenpv_restore_regs_and_return_to_usermode", X86_FEATURE_XENPV
|
||||
#endif
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
ALTERNATIVE "", "jmp .Lpti_restore_regs_and_return_to_usermode", X86_FEATURE_PTI
|
||||
#endif
|
||||
|
||||
@ -578,7 +578,7 @@ SYM_INNER_LABEL(swapgs_restore_regs_and_return_to_usermode, SYM_L_GLOBAL)
|
||||
jnz .Lnative_iret
|
||||
ud2
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
.Lpti_restore_regs_and_return_to_usermode:
|
||||
POP_REGS pop_rdi=0
|
||||
|
||||
@ -1096,7 +1096,7 @@ SYM_CODE_END(error_return)
|
||||
*
|
||||
* Registers:
|
||||
* %r14: Used to save/restore the CR3 of the interrupted context
|
||||
* when PAGE_TABLE_ISOLATION is in use. Do not clobber.
|
||||
* when MITIGATION_PAGE_TABLE_ISOLATION is in use. Do not clobber.
|
||||
*/
|
||||
SYM_CODE_START(asm_exc_nmi)
|
||||
UNWIND_HINT_IRET_ENTRY
|
||||
|
@ -4,33 +4,15 @@
|
||||
* Copyright 2008 by Steven Rostedt, Red Hat, Inc
|
||||
* (inspired by Andi Kleen's thunk_64.S)
|
||||
*/
|
||||
#include <linux/export.h>
|
||||
#include <linux/linkage.h>
|
||||
#include <asm/asm.h>
|
||||
|
||||
/* put return address in eax (arg1) */
|
||||
.macro THUNK name, func, put_ret_addr_in_eax=0
|
||||
SYM_CODE_START_NOALIGN(\name)
|
||||
pushl %eax
|
||||
pushl %ecx
|
||||
pushl %edx
|
||||
#include <linux/export.h>
|
||||
#include <linux/linkage.h>
|
||||
#include <asm/asm.h>
|
||||
|
||||
.if \put_ret_addr_in_eax
|
||||
/* Place EIP in the arg1 */
|
||||
movl 3*4(%esp), %eax
|
||||
.endif
|
||||
#include "calling.h"
|
||||
|
||||
call \func
|
||||
popl %edx
|
||||
popl %ecx
|
||||
popl %eax
|
||||
RET
|
||||
_ASM_NOKPROBE(\name)
|
||||
SYM_CODE_END(\name)
|
||||
.endm
|
||||
|
||||
THUNK preempt_schedule_thunk, preempt_schedule
|
||||
THUNK preempt_schedule_notrace_thunk, preempt_schedule_notrace
|
||||
EXPORT_SYMBOL(preempt_schedule_thunk)
|
||||
EXPORT_SYMBOL(preempt_schedule_notrace_thunk)
|
||||
THUNK preempt_schedule_thunk, preempt_schedule
|
||||
THUNK preempt_schedule_notrace_thunk, preempt_schedule_notrace
|
||||
EXPORT_SYMBOL(preempt_schedule_thunk)
|
||||
EXPORT_SYMBOL(preempt_schedule_notrace_thunk)
|
||||
|
||||
|
@ -9,39 +9,6 @@
|
||||
#include "calling.h"
|
||||
#include <asm/asm.h>
|
||||
|
||||
/* rdi: arg1 ... normal C conventions. rax is saved/restored. */
|
||||
.macro THUNK name, func
|
||||
SYM_FUNC_START(\name)
|
||||
pushq %rbp
|
||||
movq %rsp, %rbp
|
||||
|
||||
pushq %rdi
|
||||
pushq %rsi
|
||||
pushq %rdx
|
||||
pushq %rcx
|
||||
pushq %rax
|
||||
pushq %r8
|
||||
pushq %r9
|
||||
pushq %r10
|
||||
pushq %r11
|
||||
|
||||
call \func
|
||||
|
||||
popq %r11
|
||||
popq %r10
|
||||
popq %r9
|
||||
popq %r8
|
||||
popq %rax
|
||||
popq %rcx
|
||||
popq %rdx
|
||||
popq %rsi
|
||||
popq %rdi
|
||||
popq %rbp
|
||||
RET
|
||||
SYM_FUNC_END(\name)
|
||||
_ASM_NOKPROBE(\name)
|
||||
.endm
|
||||
|
||||
THUNK preempt_schedule_thunk, preempt_schedule
|
||||
THUNK preempt_schedule_notrace_thunk, preempt_schedule_notrace
|
||||
EXPORT_SYMBOL(preempt_schedule_thunk)
|
||||
|
@ -87,7 +87,7 @@ CFL := $(PROFILING) -mcmodel=small -fPIC -O2 -fasynchronous-unwind-tables -m64 \
|
||||
-fno-omit-frame-pointer -foptimize-sibling-calls \
|
||||
-DDISABLE_BRANCH_PROFILING -DBUILD_VDSO
|
||||
|
||||
ifdef CONFIG_RETPOLINE
|
||||
ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
ifneq ($(RETPOLINE_VDSO_CFLAGS),)
|
||||
CFL += $(RETPOLINE_VDSO_CFLAGS)
|
||||
endif
|
||||
@ -164,7 +164,7 @@ KBUILD_CFLAGS_32 += $(call cc-option, -foptimize-sibling-calls)
|
||||
KBUILD_CFLAGS_32 += -fno-omit-frame-pointer
|
||||
KBUILD_CFLAGS_32 += -DDISABLE_BRANCH_PROFILING
|
||||
|
||||
ifdef CONFIG_RETPOLINE
|
||||
ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
ifneq ($(RETPOLINE_VDSO_CFLAGS),)
|
||||
KBUILD_CFLAGS_32 += $(RETPOLINE_VDSO_CFLAGS)
|
||||
endif
|
||||
|
@ -18,7 +18,7 @@ struct pcpu_hot {
|
||||
struct task_struct *current_task;
|
||||
int preempt_count;
|
||||
int cpu_number;
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
u64 call_depth;
|
||||
#endif
|
||||
unsigned long top_of_stack;
|
||||
|
@ -44,32 +44,32 @@
|
||||
# define DISABLE_LA57 (1<<(X86_FEATURE_LA57 & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
# define DISABLE_PTI 0
|
||||
#else
|
||||
# define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
# define DISABLE_RETPOLINE 0
|
||||
#else
|
||||
# define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \
|
||||
(1 << (X86_FEATURE_RETPOLINE_LFENCE & 31)))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
# define DISABLE_RETHUNK 0
|
||||
#else
|
||||
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
# define DISABLE_UNRET 0
|
||||
#else
|
||||
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
# define DISABLE_CALL_DEPTH_TRACKING 0
|
||||
#else
|
||||
# define DISABLE_CALL_DEPTH_TRACKING (1 << (X86_FEATURE_CALL_DEPTH & 31))
|
||||
|
@ -40,27 +40,27 @@
|
||||
|
||||
#ifdef __ASSEMBLY__
|
||||
|
||||
#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)
|
||||
#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)
|
||||
#define RET jmp __x86_return_thunk
|
||||
#else /* CONFIG_RETPOLINE */
|
||||
#ifdef CONFIG_SLS
|
||||
#else /* CONFIG_MITIGATION_RETPOLINE */
|
||||
#ifdef CONFIG_MITIGATION_SLS
|
||||
#define RET ret; int3
|
||||
#else
|
||||
#define RET ret
|
||||
#endif
|
||||
#endif /* CONFIG_RETPOLINE */
|
||||
#endif /* CONFIG_MITIGATION_RETPOLINE */
|
||||
|
||||
#else /* __ASSEMBLY__ */
|
||||
|
||||
#if defined(CONFIG_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)
|
||||
#if defined(CONFIG_MITIGATION_RETHUNK) && !defined(__DISABLE_EXPORTS) && !defined(BUILD_VDSO)
|
||||
#define ASM_RET "jmp __x86_return_thunk\n\t"
|
||||
#else /* CONFIG_RETPOLINE */
|
||||
#ifdef CONFIG_SLS
|
||||
#else /* CONFIG_MITIGATION_RETPOLINE */
|
||||
#ifdef CONFIG_MITIGATION_SLS
|
||||
#define ASM_RET "ret; int3\n\t"
|
||||
#else
|
||||
#define ASM_RET "ret\n\t"
|
||||
#endif
|
||||
#endif /* CONFIG_RETPOLINE */
|
||||
#endif /* CONFIG_MITIGATION_RETPOLINE */
|
||||
|
||||
#endif /* __ASSEMBLY__ */
|
||||
|
||||
|
@ -73,7 +73,7 @@
|
||||
# define CALL_THUNKS_DEBUG_INC_CTXSW
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_CALL_DEPTH_TRACKING) && !defined(COMPILE_OFFSETS)
|
||||
#if defined(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) && !defined(COMPILE_OFFSETS)
|
||||
|
||||
#include <asm/asm-offsets.h>
|
||||
|
||||
@ -203,7 +203,7 @@
|
||||
*/
|
||||
.macro VALIDATE_UNRET_END
|
||||
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
||||
(defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||
(defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO))
|
||||
ANNOTATE_RETPOLINE_SAFE
|
||||
nop
|
||||
#endif
|
||||
@ -232,7 +232,7 @@
|
||||
* instruction irrespective of kCFI.
|
||||
*/
|
||||
.macro JMP_NOSPEC reg:req
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
__CS_PREFIX \reg
|
||||
jmp __x86_indirect_thunk_\reg
|
||||
#else
|
||||
@ -242,7 +242,7 @@
|
||||
.endm
|
||||
|
||||
.macro CALL_NOSPEC reg:req
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
__CS_PREFIX \reg
|
||||
call __x86_indirect_thunk_\reg
|
||||
#else
|
||||
@ -262,7 +262,7 @@
|
||||
.Lskip_rsb_\@:
|
||||
.endm
|
||||
|
||||
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||
#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO)
|
||||
#define CALL_UNTRAIN_RET "call entry_untrain_ret"
|
||||
#else
|
||||
#define CALL_UNTRAIN_RET ""
|
||||
@ -280,7 +280,7 @@
|
||||
* where we have a stack but before any RET instruction.
|
||||
*/
|
||||
.macro __UNTRAIN_RET ibpb_feature, call_depth_insns
|
||||
#if defined(CONFIG_RETHUNK) || defined(CONFIG_CPU_IBPB_ENTRY)
|
||||
#if defined(CONFIG_MITIGATION_RETHUNK) || defined(CONFIG_MITIGATION_IBPB_ENTRY)
|
||||
VALIDATE_UNRET_END
|
||||
ALTERNATIVE_3 "", \
|
||||
CALL_UNTRAIN_RET, X86_FEATURE_UNRET, \
|
||||
@ -300,7 +300,7 @@
|
||||
|
||||
|
||||
.macro CALL_DEPTH_ACCOUNT
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
ALTERNATIVE "", \
|
||||
__stringify(INCREMENT_CALL_DEPTH), X86_FEATURE_CALL_DEPTH
|
||||
#endif
|
||||
@ -319,19 +319,19 @@ extern retpoline_thunk_t __x86_indirect_thunk_array[];
|
||||
extern retpoline_thunk_t __x86_indirect_call_thunk_array[];
|
||||
extern retpoline_thunk_t __x86_indirect_jump_thunk_array[];
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
extern void __x86_return_thunk(void);
|
||||
#else
|
||||
static inline void __x86_return_thunk(void) {}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
extern void retbleed_return_thunk(void);
|
||||
#else
|
||||
static inline void retbleed_return_thunk(void) {}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_SRSO
|
||||
#ifdef CONFIG_MITIGATION_SRSO
|
||||
extern void srso_return_thunk(void);
|
||||
extern void srso_alias_return_thunk(void);
|
||||
#else
|
||||
@ -348,7 +348,9 @@ extern void entry_ibpb(void);
|
||||
|
||||
extern void (*x86_return_thunk)(void);
|
||||
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
extern void __warn_thunk(void);
|
||||
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
extern void call_depth_return_thunk(void);
|
||||
|
||||
#define CALL_DEPTH_ACCOUNT \
|
||||
@ -362,14 +364,14 @@ DECLARE_PER_CPU(u64, __x86_ret_count);
|
||||
DECLARE_PER_CPU(u64, __x86_stuffs_count);
|
||||
DECLARE_PER_CPU(u64, __x86_ctxsw_count);
|
||||
#endif
|
||||
#else /* !CONFIG_CALL_DEPTH_TRACKING */
|
||||
#else /* !CONFIG_MITIGATION_CALL_DEPTH_TRACKING */
|
||||
|
||||
static inline void call_depth_return_thunk(void) {}
|
||||
#define CALL_DEPTH_ACCOUNT ""
|
||||
|
||||
#endif /* CONFIG_CALL_DEPTH_TRACKING */
|
||||
#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
|
||||
#define GEN(reg) \
|
||||
extern retpoline_thunk_t __x86_indirect_thunk_ ## reg;
|
||||
@ -390,7 +392,7 @@ static inline void call_depth_return_thunk(void) {}
|
||||
|
||||
/*
|
||||
* Inline asm uses the %V modifier which is only in newer GCC
|
||||
* which is ensured when CONFIG_RETPOLINE is defined.
|
||||
* which is ensured when CONFIG_MITIGATION_RETPOLINE is defined.
|
||||
*/
|
||||
# define CALL_NOSPEC \
|
||||
ALTERNATIVE_2( \
|
||||
|
@ -34,7 +34,7 @@ static inline void paravirt_release_p4d(unsigned long pfn) {}
|
||||
*/
|
||||
extern gfp_t __userpte_alloc_gfp;
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
/*
|
||||
* Instead of one PGD, we acquire two PGDs. Being order-1, it is
|
||||
* both 8k in size and 8k-aligned. That lets us just flip bit 12
|
||||
|
@ -52,7 +52,7 @@ static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd)
|
||||
|
||||
static inline void native_set_pud(pud_t *pudp, pud_t pud)
|
||||
{
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
pud.p4d.pgd = pti_set_user_pgtbl(&pudp->p4d.pgd, pud.p4d.pgd);
|
||||
#endif
|
||||
pxx_xchg64(pud, pudp, native_pud_val(pud));
|
||||
|
@ -909,7 +909,7 @@ static inline int is_new_memtype_allowed(u64 paddr, unsigned long size,
|
||||
pmd_t *populate_extra_pmd(unsigned long vaddr);
|
||||
pte_t *populate_extra_pte(unsigned long vaddr);
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
pgd_t __pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd);
|
||||
|
||||
/*
|
||||
@ -923,12 +923,12 @@ static inline pgd_t pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd)
|
||||
return pgd;
|
||||
return __pti_set_user_pgtbl(pgdp, pgd);
|
||||
}
|
||||
#else /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||
#else /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */
|
||||
static inline pgd_t pti_set_user_pgtbl(pgd_t *pgdp, pgd_t pgd)
|
||||
{
|
||||
return pgd;
|
||||
}
|
||||
#endif /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||
#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */
|
||||
|
||||
#endif /* __ASSEMBLY__ */
|
||||
|
||||
@ -1131,7 +1131,7 @@ static inline int p4d_bad(p4d_t p4d)
|
||||
{
|
||||
unsigned long ignore_flags = _KERNPG_TABLE | _PAGE_USER;
|
||||
|
||||
if (IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION))
|
||||
ignore_flags |= _PAGE_NX;
|
||||
|
||||
return (p4d_flags(p4d) & ~ignore_flags) != 0;
|
||||
@ -1177,7 +1177,7 @@ static inline int pgd_bad(pgd_t pgd)
|
||||
if (!pgtable_l5_enabled())
|
||||
return 0;
|
||||
|
||||
if (IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION))
|
||||
ignore_flags |= _PAGE_NX;
|
||||
|
||||
return (pgd_flags(pgd) & ~ignore_flags) != _KERNPG_TABLE;
|
||||
@ -1422,9 +1422,9 @@ static inline bool pgdp_maps_userspace(void *__ptr)
|
||||
#define pgd_leaf pgd_large
|
||||
static inline int pgd_large(pgd_t pgd) { return 0; }
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
/*
|
||||
* All top-level PAGE_TABLE_ISOLATION page tables are order-1 pages
|
||||
* All top-level MITIGATION_PAGE_TABLE_ISOLATION page tables are order-1 pages
|
||||
* (8k-aligned and 8k in size). The kernel one is at the beginning 4k and
|
||||
* the user one is in the last 4k. To switch between them, you
|
||||
* just need to flip the 12th bit in their addresses.
|
||||
@ -1469,7 +1469,7 @@ static inline p4d_t *user_to_kernel_p4dp(p4d_t *p4dp)
|
||||
{
|
||||
return ptr_clear_bit(p4dp, PTI_PGTABLE_SWITCH_BIT);
|
||||
}
|
||||
#endif /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||
#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */
|
||||
|
||||
/*
|
||||
* clone_pgd_range(pgd_t *dst, pgd_t *src, int count);
|
||||
@ -1484,7 +1484,7 @@ static inline p4d_t *user_to_kernel_p4dp(p4d_t *p4dp)
|
||||
static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count)
|
||||
{
|
||||
memcpy(dst, src, count * sizeof(pgd_t));
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
if (!static_cpu_has(X86_FEATURE_PTI))
|
||||
return;
|
||||
/* Clone the user space pgd as well */
|
||||
|
@ -143,7 +143,8 @@ static inline void native_set_p4d(p4d_t *p4dp, p4d_t p4d)
|
||||
{
|
||||
pgd_t pgd;
|
||||
|
||||
if (pgtable_l5_enabled() || !IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) {
|
||||
if (pgtable_l5_enabled() ||
|
||||
!IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION)) {
|
||||
WRITE_ONCE(*p4dp, p4d);
|
||||
return;
|
||||
}
|
||||
|
@ -51,7 +51,7 @@
|
||||
#define CR3_NOFLUSH 0
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
# define X86_CR3_PTI_PCID_USER_BIT 11
|
||||
#endif
|
||||
|
||||
|
@ -3,7 +3,7 @@
|
||||
#define _ASM_X86_PTI_H
|
||||
#ifndef __ASSEMBLY__
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
extern void pti_init(void);
|
||||
extern void pti_check_boottime_disable(void);
|
||||
extern void pti_finalize(void);
|
||||
|
@ -46,7 +46,7 @@
|
||||
#define ARCH_DEFINE_STATIC_CALL_TRAMP(name, func) \
|
||||
__ARCH_DEFINE_STATIC_CALL_TRAMP(name, ".byte 0xe9; .long " #func " - (. + 4)")
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
#define ARCH_DEFINE_STATIC_CALL_NULL_TRAMP(name) \
|
||||
__ARCH_DEFINE_STATIC_CALL_TRAMP(name, "jmp __x86_return_thunk")
|
||||
#else
|
||||
|
@ -544,7 +544,7 @@ static inline bool is_jcc32(struct insn *insn)
|
||||
return insn->opcode.bytes[0] == 0x0f && (insn->opcode.bytes[1] & 0xf0) == 0x80;
|
||||
}
|
||||
|
||||
#if defined(CONFIG_RETPOLINE) && defined(CONFIG_OBJTOOL)
|
||||
#if defined(CONFIG_MITIGATION_RETPOLINE) && defined(CONFIG_OBJTOOL)
|
||||
|
||||
/*
|
||||
* CALL/JMP *%\reg
|
||||
@ -708,8 +708,8 @@ static int patch_retpoline(void *addr, struct insn *insn, u8 *bytes)
|
||||
/*
|
||||
* The compiler is supposed to EMIT an INT3 after every unconditional
|
||||
* JMP instruction due to AMD BTC. However, if the compiler is too old
|
||||
* or SLS isn't enabled, we still need an INT3 after indirect JMPs
|
||||
* even on Intel.
|
||||
* or MITIGATION_SLS isn't enabled, we still need an INT3 after
|
||||
* indirect JMPs even on Intel.
|
||||
*/
|
||||
if (op == JMP32_INSN_OPCODE && i < insn->length)
|
||||
bytes[i++] = INT3_INSN_OPCODE;
|
||||
@ -769,7 +769,7 @@ void __init_or_module noinline apply_retpolines(s32 *start, s32 *end)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
|
||||
/*
|
||||
* Rewrite the compiler generated return thunk tail-calls.
|
||||
@ -842,14 +842,14 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end)
|
||||
}
|
||||
#else
|
||||
void __init_or_module noinline apply_returns(s32 *start, s32 *end) { }
|
||||
#endif /* CONFIG_RETHUNK */
|
||||
#endif /* CONFIG_MITIGATION_RETHUNK */
|
||||
|
||||
#else /* !CONFIG_RETPOLINE || !CONFIG_OBJTOOL */
|
||||
#else /* !CONFIG_MITIGATION_RETPOLINE || !CONFIG_OBJTOOL */
|
||||
|
||||
void __init_or_module noinline apply_retpolines(s32 *start, s32 *end) { }
|
||||
void __init_or_module noinline apply_returns(s32 *start, s32 *end) { }
|
||||
|
||||
#endif /* CONFIG_RETPOLINE && CONFIG_OBJTOOL */
|
||||
#endif /* CONFIG_MITIGATION_RETPOLINE && CONFIG_OBJTOOL */
|
||||
|
||||
#ifdef CONFIG_X86_KERNEL_IBT
|
||||
|
||||
|
@ -109,7 +109,7 @@ static void __used common(void)
|
||||
OFFSET(TSS_sp2, tss_struct, x86_tss.sp2);
|
||||
OFFSET(X86_top_of_stack, pcpu_hot, top_of_stack);
|
||||
OFFSET(X86_current_task, pcpu_hot, current_task);
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
OFFSET(X86_call_depth, pcpu_hot, call_depth);
|
||||
#endif
|
||||
#if IS_ENABLED(CONFIG_CRYPTO_ARIA_AESNI_AVX_X86_64)
|
||||
|
@ -941,7 +941,7 @@ static void fix_erratum_1386(struct cpuinfo_x86 *c)
|
||||
|
||||
void init_spectral_chicken(struct cpuinfo_x86 *c)
|
||||
{
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
u64 value;
|
||||
|
||||
/*
|
||||
|
@ -671,7 +671,7 @@ enum gds_mitigations {
|
||||
GDS_MITIGATION_HYPERVISOR,
|
||||
};
|
||||
|
||||
#if IS_ENABLED(CONFIG_GDS_FORCE_MITIGATION)
|
||||
#if IS_ENABLED(CONFIG_MITIGATION_GDS_FORCE)
|
||||
static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FORCE;
|
||||
#else
|
||||
static enum gds_mitigations gds_mitigation __ro_after_init = GDS_MITIGATION_FULL;
|
||||
@ -982,10 +982,10 @@ static void __init retbleed_select_mitigation(void)
|
||||
return;
|
||||
|
||||
case RETBLEED_CMD_UNRET:
|
||||
if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) {
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY)) {
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
||||
} else {
|
||||
pr_err("WARNING: kernel not compiled with CPU_UNRET_ENTRY.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_UNRET_ENTRY.\n");
|
||||
goto do_cmd_auto;
|
||||
}
|
||||
break;
|
||||
@ -994,24 +994,24 @@ static void __init retbleed_select_mitigation(void)
|
||||
if (!boot_cpu_has(X86_FEATURE_IBPB)) {
|
||||
pr_err("WARNING: CPU does not support IBPB.\n");
|
||||
goto do_cmd_auto;
|
||||
} else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) {
|
||||
} else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) {
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_IBPB;
|
||||
} else {
|
||||
pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n");
|
||||
goto do_cmd_auto;
|
||||
}
|
||||
break;
|
||||
|
||||
case RETBLEED_CMD_STUFF:
|
||||
if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING) &&
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) &&
|
||||
spectre_v2_enabled == SPECTRE_V2_RETPOLINE) {
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_STUFF;
|
||||
|
||||
} else {
|
||||
if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING))
|
||||
pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n");
|
||||
else
|
||||
pr_err("WARNING: kernel not compiled with CALL_DEPTH_TRACKING.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_CALL_DEPTH_TRACKING.\n");
|
||||
|
||||
goto do_cmd_auto;
|
||||
}
|
||||
@ -1021,9 +1021,10 @@ static void __init retbleed_select_mitigation(void)
|
||||
case RETBLEED_CMD_AUTO:
|
||||
if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||
|
||||
boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) {
|
||||
if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_UNRET_ENTRY))
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
|
||||
else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB))
|
||||
else if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY) &&
|
||||
boot_cpu_has(X86_FEATURE_IBPB))
|
||||
retbleed_mitigation = RETBLEED_MITIGATION_IBPB;
|
||||
}
|
||||
|
||||
@ -1102,7 +1103,7 @@ static enum spectre_v2_user_mitigation spectre_v2_user_stibp __ro_after_init =
|
||||
static enum spectre_v2_user_mitigation spectre_v2_user_ibpb __ro_after_init =
|
||||
SPECTRE_V2_USER_NONE;
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
static bool spectre_v2_bad_module;
|
||||
|
||||
bool retpoline_module_ok(bool has_retpoline)
|
||||
@ -1415,7 +1416,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
|
||||
cmd == SPECTRE_V2_CMD_RETPOLINE_GENERIC ||
|
||||
cmd == SPECTRE_V2_CMD_EIBRS_LFENCE ||
|
||||
cmd == SPECTRE_V2_CMD_EIBRS_RETPOLINE) &&
|
||||
!IS_ENABLED(CONFIG_RETPOLINE)) {
|
||||
!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) {
|
||||
pr_err("%s selected but not compiled in. Switching to AUTO select\n",
|
||||
mitigation_options[i].option);
|
||||
return SPECTRE_V2_CMD_AUTO;
|
||||
@ -1438,7 +1439,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
|
||||
return SPECTRE_V2_CMD_AUTO;
|
||||
}
|
||||
|
||||
if (cmd == SPECTRE_V2_CMD_IBRS && !IS_ENABLED(CONFIG_CPU_IBRS_ENTRY)) {
|
||||
if (cmd == SPECTRE_V2_CMD_IBRS && !IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY)) {
|
||||
pr_err("%s selected but not compiled in. Switching to AUTO select\n",
|
||||
mitigation_options[i].option);
|
||||
return SPECTRE_V2_CMD_AUTO;
|
||||
@ -1469,7 +1470,7 @@ static enum spectre_v2_mitigation_cmd __init spectre_v2_parse_cmdline(void)
|
||||
|
||||
static enum spectre_v2_mitigation __init spectre_v2_select_retpoline(void)
|
||||
{
|
||||
if (!IS_ENABLED(CONFIG_RETPOLINE)) {
|
||||
if (!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) {
|
||||
pr_err("Kernel not compiled with retpoline; no mitigation available!");
|
||||
return SPECTRE_V2_NONE;
|
||||
}
|
||||
@ -1564,7 +1565,7 @@ static void __init spectre_v2_select_mitigation(void)
|
||||
break;
|
||||
}
|
||||
|
||||
if (IS_ENABLED(CONFIG_CPU_IBRS_ENTRY) &&
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_IBRS_ENTRY) &&
|
||||
boot_cpu_has_bug(X86_BUG_RETBLEED) &&
|
||||
retbleed_cmd != RETBLEED_CMD_OFF &&
|
||||
retbleed_cmd != RETBLEED_CMD_STUFF &&
|
||||
@ -2457,7 +2458,7 @@ static void __init srso_select_mitigation(void)
|
||||
break;
|
||||
|
||||
case SRSO_CMD_SAFE_RET:
|
||||
if (IS_ENABLED(CONFIG_CPU_SRSO)) {
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) {
|
||||
/*
|
||||
* Enable the return thunk for generated code
|
||||
* like ftrace, static_call, etc.
|
||||
@ -2477,29 +2478,29 @@ static void __init srso_select_mitigation(void)
|
||||
else
|
||||
srso_mitigation = SRSO_MITIGATION_SAFE_RET_UCODE_NEEDED;
|
||||
} else {
|
||||
pr_err("WARNING: kernel not compiled with CPU_SRSO.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n");
|
||||
}
|
||||
break;
|
||||
|
||||
case SRSO_CMD_IBPB:
|
||||
if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) {
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_IBPB_ENTRY)) {
|
||||
if (has_microcode) {
|
||||
setup_force_cpu_cap(X86_FEATURE_ENTRY_IBPB);
|
||||
srso_mitigation = SRSO_MITIGATION_IBPB;
|
||||
}
|
||||
} else {
|
||||
pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_IBPB_ENTRY.\n");
|
||||
}
|
||||
break;
|
||||
|
||||
case SRSO_CMD_IBPB_ON_VMEXIT:
|
||||
if (IS_ENABLED(CONFIG_CPU_SRSO)) {
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) {
|
||||
if (!boot_cpu_has(X86_FEATURE_ENTRY_IBPB) && has_microcode) {
|
||||
setup_force_cpu_cap(X86_FEATURE_IBPB_ON_VMEXIT);
|
||||
srso_mitigation = SRSO_MITIGATION_IBPB_ON_VMEXIT;
|
||||
}
|
||||
} else {
|
||||
pr_err("WARNING: kernel not compiled with CPU_SRSO.\n");
|
||||
pr_err("WARNING: kernel not compiled with MITIGATION_SRSO.\n");
|
||||
}
|
||||
break;
|
||||
}
|
||||
@ -2849,3 +2850,8 @@ ssize_t cpu_show_gds(struct device *dev, struct device_attribute *attr, char *bu
|
||||
return cpu_show_common(dev, attr, buf, X86_BUG_GDS);
|
||||
}
|
||||
#endif
|
||||
|
||||
void __warn_thunk(void)
|
||||
{
|
||||
WARN_ONCE(1, "Unpatched return thunk in use. This should not happen!\n");
|
||||
}
|
||||
|
@ -410,7 +410,7 @@ static void __die_header(const char *str, struct pt_regs *regs, long err)
|
||||
IS_ENABLED(CONFIG_SMP) ? " SMP" : "",
|
||||
debug_pagealloc_enabled() ? " DEBUG_PAGEALLOC" : "",
|
||||
IS_ENABLED(CONFIG_KASAN) ? " KASAN" : "",
|
||||
IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION) ?
|
||||
IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION) ?
|
||||
(boot_cpu_has(X86_FEATURE_PTI) ? " PTI" : " NOPTI") : "");
|
||||
}
|
||||
NOKPROBE_SYMBOL(__die_header);
|
||||
|
@ -307,7 +307,8 @@ union ftrace_op_code_union {
|
||||
} __attribute__((packed));
|
||||
};
|
||||
|
||||
#define RET_SIZE (IS_ENABLED(CONFIG_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_SLS))
|
||||
#define RET_SIZE \
|
||||
(IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) ? 5 : 1 + IS_ENABLED(CONFIG_MITIGATION_SLS))
|
||||
|
||||
static unsigned long
|
||||
create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size)
|
||||
|
@ -414,7 +414,7 @@ __REFDATA
|
||||
.align 4
|
||||
SYM_DATA(initial_code, .long i386_start_kernel)
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
#define PGD_ALIGN (2 * PAGE_SIZE)
|
||||
#define PTI_USER_PGD_FILL 1024
|
||||
#else
|
||||
@ -474,7 +474,7 @@ SYM_DATA_START(initial_page_table)
|
||||
# endif
|
||||
.align PAGE_SIZE /* needs to be page-sized too */
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
/*
|
||||
* PTI needs another page so sync_initial_pagetable() works correctly
|
||||
* and does not scribble over the data which is placed behind the
|
||||
|
@ -622,7 +622,7 @@ SYM_CODE_END(vc_no_ghcb)
|
||||
#define SYM_DATA_START_PAGE_ALIGNED(name) \
|
||||
SYM_START(name, SYM_L_GLOBAL, .balign PAGE_SIZE)
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
/*
|
||||
* Each PGD needs to be 8k long and 8k aligned. We do not
|
||||
* ever go out to userspace with these, so we do not
|
||||
|
@ -324,7 +324,7 @@ static int can_optimize(unsigned long paddr)
|
||||
* However, the kernel built with retpolines or IBT has jump
|
||||
* tables disabled so the check can be skipped altogether.
|
||||
*/
|
||||
if (!IS_ENABLED(CONFIG_RETPOLINE) &&
|
||||
if (!IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) &&
|
||||
!IS_ENABLED(CONFIG_X86_KERNEL_IBT) &&
|
||||
insn_is_indirect_jump(&insn))
|
||||
return 0;
|
||||
|
@ -184,7 +184,7 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries)
|
||||
return new_ldt;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
|
||||
static void do_sanity_check(struct mm_struct *mm,
|
||||
bool had_kernel_mapping,
|
||||
@ -377,7 +377,7 @@ static void unmap_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt)
|
||||
flush_tlb_mm_range(mm, va, va + nr_pages * PAGE_SIZE, PAGE_SHIFT, false);
|
||||
}
|
||||
|
||||
#else /* !CONFIG_PAGE_TABLE_ISOLATION */
|
||||
#else /* !CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */
|
||||
|
||||
static int
|
||||
map_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt, int slot)
|
||||
@ -388,11 +388,11 @@ map_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt, int slot)
|
||||
static void unmap_ldt_struct(struct mm_struct *mm, struct ldt_struct *ldt)
|
||||
{
|
||||
}
|
||||
#endif /* CONFIG_PAGE_TABLE_ISOLATION */
|
||||
#endif /* CONFIG_MITIGATION_PAGE_TABLE_ISOLATION */
|
||||
|
||||
static void free_ldt_pgtables(struct mm_struct *mm)
|
||||
{
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
struct mmu_gather tlb;
|
||||
unsigned long start = LDT_BASE_ADDR;
|
||||
unsigned long end = LDT_END_ADDR;
|
||||
|
@ -172,7 +172,7 @@ void arch_static_call_transform(void *site, void *tramp, void *func, bool tail)
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(arch_static_call_transform);
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
/*
|
||||
* This is called by apply_returns() to fix up static call trampolines,
|
||||
* specifically ARCH_DEFINE_STATIC_CALL_NULL_TRAMP which is recorded as
|
||||
|
@ -133,7 +133,7 @@ SECTIONS
|
||||
LOCK_TEXT
|
||||
KPROBES_TEXT
|
||||
SOFTIRQENTRY_TEXT
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
*(.text..__x86.indirect_thunk)
|
||||
*(.text..__x86.return_thunk)
|
||||
#endif
|
||||
@ -143,7 +143,7 @@ SECTIONS
|
||||
*(.text..__x86.rethunk_untrain)
|
||||
ENTRY_TEXT
|
||||
|
||||
#ifdef CONFIG_CPU_SRSO
|
||||
#ifdef CONFIG_MITIGATION_SRSO
|
||||
/*
|
||||
* See the comment above srso_alias_untrain_ret()'s
|
||||
* definition.
|
||||
@ -268,7 +268,7 @@ SECTIONS
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
/*
|
||||
* List of instructions that call/jmp/jcc to retpoline thunks
|
||||
* __x86_indirect_thunk_*(). These instructions can be patched along
|
||||
@ -505,11 +505,11 @@ INIT_PER_CPU(irq_stack_backing_store);
|
||||
"fixed_percpu_data is not at start of per-cpu area");
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
. = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned");
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_SRSO
|
||||
#ifdef CONFIG_MITIGATION_SRSO
|
||||
. = ASSERT((srso_safe_ret & 0x3f) == 0, "srso_safe_ret not cacheline-aligned");
|
||||
/*
|
||||
* GNU ld cannot do XOR until 2.41.
|
||||
|
@ -263,7 +263,7 @@ static unsigned long get_guest_cr3(struct kvm_vcpu *vcpu)
|
||||
static inline unsigned long kvm_mmu_get_guest_pgd(struct kvm_vcpu *vcpu,
|
||||
struct kvm_mmu *mmu)
|
||||
{
|
||||
if (IS_ENABLED(CONFIG_RETPOLINE) && mmu->get_guest_pgd == get_guest_cr3)
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && mmu->get_guest_pgd == get_guest_cr3)
|
||||
return kvm_read_cr3(vcpu);
|
||||
|
||||
return mmu->get_guest_pgd(vcpu);
|
||||
|
@ -315,7 +315,7 @@ static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa,
|
||||
if (!prefetch)
|
||||
vcpu->stat.pf_taken++;
|
||||
|
||||
if (IS_ENABLED(CONFIG_RETPOLINE) && fault.is_tdp)
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && fault.is_tdp)
|
||||
r = kvm_tdp_page_fault(vcpu, &fault);
|
||||
else
|
||||
r = vcpu->arch.mmu->page_fault(vcpu, &fault);
|
||||
|
@ -3455,7 +3455,7 @@ int svm_invoke_exit_handler(struct kvm_vcpu *vcpu, u64 exit_code)
|
||||
if (!svm_check_exit_valid(exit_code))
|
||||
return svm_handle_invalid_exit(vcpu, exit_code);
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
if (exit_code == SVM_EXIT_MSR)
|
||||
return msr_interception(vcpu);
|
||||
else if (exit_code == SVM_EXIT_VINTR)
|
||||
|
@ -207,7 +207,7 @@ SYM_FUNC_START(__svm_vcpu_run)
|
||||
7: vmload %_ASM_AX
|
||||
8:
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
/* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */
|
||||
FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE
|
||||
#endif
|
||||
@ -344,7 +344,7 @@ SYM_FUNC_START(__svm_sev_es_vcpu_run)
|
||||
/* Pop @svm to RDI, guest registers have been saved already. */
|
||||
pop %_ASM_DI
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
/* IMPORTANT: Stuff the RSB immediately after VM-Exit, before RET! */
|
||||
FILL_RETURN_BUFFER %_ASM_AX, RSB_CLEAR_LOOPS, X86_FEATURE_RETPOLINE
|
||||
#endif
|
||||
|
@ -6543,7 +6543,7 @@ static int __vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath)
|
||||
|
||||
if (exit_reason.basic >= kvm_vmx_max_exit_handlers)
|
||||
goto unexpected_vmexit;
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
if (exit_reason.basic == EXIT_REASON_MSR_WRITE)
|
||||
return kvm_emulate_wrmsr(vcpu);
|
||||
else if (exit_reason.basic == EXIT_REASON_PREEMPTION_TIMER)
|
||||
|
@ -49,7 +49,7 @@ lib-$(CONFIG_ARCH_HAS_COPY_MC) += copy_mc.o copy_mc_64.o
|
||||
lib-$(CONFIG_INSTRUCTION_DECODER) += insn.o inat.o insn-eval.o
|
||||
lib-$(CONFIG_RANDOMIZE_BASE) += kaslr.o
|
||||
lib-$(CONFIG_FUNCTION_ERROR_INJECTION) += error-inject.o
|
||||
lib-$(CONFIG_RETPOLINE) += retpoline.o
|
||||
lib-$(CONFIG_MITIGATION_RETPOLINE) += retpoline.o
|
||||
|
||||
obj-y += msr.o msr-reg.o msr-reg-export.o hweight.o
|
||||
obj-y += iomem.o
|
||||
|
@ -71,7 +71,7 @@ SYM_CODE_END(__x86_indirect_thunk_array)
|
||||
#include <asm/GEN-for-each-reg.h>
|
||||
#undef GEN
|
||||
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
.macro CALL_THUNK reg
|
||||
.align RETPOLINE_THUNK_SIZE
|
||||
|
||||
@ -127,7 +127,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array)
|
||||
#undef GEN
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
|
||||
/*
|
||||
* Be careful here: that label cannot really be removed because in
|
||||
@ -138,7 +138,7 @@ SYM_CODE_END(__x86_indirect_jump_thunk_array)
|
||||
*/
|
||||
.section .text..__x86.return_thunk
|
||||
|
||||
#ifdef CONFIG_CPU_SRSO
|
||||
#ifdef CONFIG_MITIGATION_SRSO
|
||||
|
||||
/*
|
||||
* srso_alias_untrain_ret() and srso_alias_safe_ret() are placed at
|
||||
@ -225,12 +225,12 @@ SYM_CODE_END(srso_return_thunk)
|
||||
|
||||
#define JMP_SRSO_UNTRAIN_RET "jmp srso_untrain_ret"
|
||||
#define JMP_SRSO_ALIAS_UNTRAIN_RET "jmp srso_alias_untrain_ret"
|
||||
#else /* !CONFIG_CPU_SRSO */
|
||||
#else /* !CONFIG_MITIGATION_SRSO */
|
||||
#define JMP_SRSO_UNTRAIN_RET "ud2"
|
||||
#define JMP_SRSO_ALIAS_UNTRAIN_RET "ud2"
|
||||
#endif /* CONFIG_CPU_SRSO */
|
||||
#endif /* CONFIG_MITIGATION_SRSO */
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
|
||||
/*
|
||||
* Some generic notes on the untraining sequences:
|
||||
@ -312,11 +312,11 @@ SYM_CODE_END(retbleed_return_thunk)
|
||||
SYM_FUNC_END(retbleed_untrain_ret)
|
||||
|
||||
#define JMP_RETBLEED_UNTRAIN_RET "jmp retbleed_untrain_ret"
|
||||
#else /* !CONFIG_CPU_UNRET_ENTRY */
|
||||
#else /* !CONFIG_MITIGATION_UNRET_ENTRY */
|
||||
#define JMP_RETBLEED_UNTRAIN_RET "ud2"
|
||||
#endif /* CONFIG_CPU_UNRET_ENTRY */
|
||||
#endif /* CONFIG_MITIGATION_UNRET_ENTRY */
|
||||
|
||||
#if defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO)
|
||||
#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO)
|
||||
|
||||
SYM_FUNC_START(entry_untrain_ret)
|
||||
ALTERNATIVE_2 JMP_RETBLEED_UNTRAIN_RET, \
|
||||
@ -325,9 +325,9 @@ SYM_FUNC_START(entry_untrain_ret)
|
||||
SYM_FUNC_END(entry_untrain_ret)
|
||||
__EXPORT_THUNK(entry_untrain_ret)
|
||||
|
||||
#endif /* CONFIG_CPU_UNRET_ENTRY || CONFIG_CPU_SRSO */
|
||||
#endif /* CONFIG_MITIGATION_UNRET_ENTRY || CONFIG_MITIGATION_SRSO */
|
||||
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
|
||||
.align 64
|
||||
SYM_FUNC_START(call_depth_return_thunk)
|
||||
@ -359,7 +359,7 @@ SYM_FUNC_START(call_depth_return_thunk)
|
||||
int3
|
||||
SYM_FUNC_END(call_depth_return_thunk)
|
||||
|
||||
#endif /* CONFIG_CALL_DEPTH_TRACKING */
|
||||
#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */
|
||||
|
||||
/*
|
||||
* This function name is magical and is used by -mfunction-return=thunk-extern
|
||||
@ -369,21 +369,18 @@ SYM_FUNC_END(call_depth_return_thunk)
|
||||
* 'JMP __x86_return_thunk' sites are changed to something else by
|
||||
* apply_returns().
|
||||
*
|
||||
* This should be converted eventually to call a warning function which
|
||||
* should scream loudly when the default return thunk is called after
|
||||
* alternatives have been applied.
|
||||
*
|
||||
* That warning function cannot BUG() because the bug splat cannot be
|
||||
* displayed in all possible configurations, leading to users not really
|
||||
* knowing why the machine froze.
|
||||
* The ALTERNATIVE below adds a really loud warning to catch the case
|
||||
* where the insufficient default return thunk ends up getting used for
|
||||
* whatever reason like miscompilation or failure of
|
||||
* objtool/alternatives/etc to patch all the return sites.
|
||||
*/
|
||||
SYM_CODE_START(__x86_return_thunk)
|
||||
UNWIND_HINT_FUNC
|
||||
ANNOTATE_NOENDBR
|
||||
ANNOTATE_UNRET_SAFE
|
||||
ret
|
||||
ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE; ret), \
|
||||
"jmp warn_thunk_thunk", X86_FEATURE_ALWAYS
|
||||
int3
|
||||
SYM_CODE_END(__x86_return_thunk)
|
||||
EXPORT_SYMBOL(__x86_return_thunk)
|
||||
|
||||
#endif /* CONFIG_RETHUNK */
|
||||
#endif /* CONFIG_MITIGATION_RETHUNK */
|
||||
|
@ -60,7 +60,7 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o
|
||||
|
||||
obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o
|
||||
obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o
|
||||
obj-$(CONFIG_PAGE_TABLE_ISOLATION) += pti.o
|
||||
obj-$(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION) += pti.o
|
||||
|
||||
obj-$(CONFIG_X86_MEM_ENCRYPT) += mem_encrypt.o
|
||||
obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_amd.o
|
||||
|
@ -22,7 +22,7 @@ static int ptdump_curknl_show(struct seq_file *m, void *v)
|
||||
|
||||
DEFINE_SHOW_ATTRIBUTE(ptdump_curknl);
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
static int ptdump_curusr_show(struct seq_file *m, void *v)
|
||||
{
|
||||
if (current->mm->pgd)
|
||||
@ -54,7 +54,7 @@ static int __init pt_dump_debug_init(void)
|
||||
debugfs_create_file("current_kernel", 0400, dir, NULL,
|
||||
&ptdump_curknl_fops);
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
debugfs_create_file("current_user", 0400, dir, NULL,
|
||||
&ptdump_curusr_fops);
|
||||
#endif
|
||||
|
@ -408,7 +408,7 @@ void ptdump_walk_pgd_level_debugfs(struct seq_file *m, struct mm_struct *mm,
|
||||
bool user)
|
||||
{
|
||||
pgd_t *pgd = mm->pgd;
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
if (user && boot_cpu_has(X86_FEATURE_PTI))
|
||||
pgd = kernel_to_user_pgdp(pgd);
|
||||
#endif
|
||||
@ -418,7 +418,7 @@ EXPORT_SYMBOL_GPL(ptdump_walk_pgd_level_debugfs);
|
||||
|
||||
void ptdump_walk_user_pgd_level_checkwx(void)
|
||||
{
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
pgd_t *pgd = INIT_PGD;
|
||||
|
||||
if (!(__supported_pte_mask & _PAGE_NX) ||
|
||||
|
@ -293,7 +293,7 @@ static void pgd_mop_up_pmds(struct mm_struct *mm, pgd_t *pgdp)
|
||||
for (i = 0; i < PREALLOCATED_PMDS; i++)
|
||||
mop_up_one_pmd(mm, &pgdp[i]);
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
|
||||
if (!boot_cpu_has(X86_FEATURE_PTI))
|
||||
return;
|
||||
@ -325,7 +325,7 @@ static void pgd_prepopulate_pmd(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmds[])
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
static void pgd_prepopulate_user_pmd(struct mm_struct *mm,
|
||||
pgd_t *k_pgd, pmd_t *pmds[])
|
||||
{
|
||||
|
@ -89,10 +89,10 @@
|
||||
#define CR3_HW_ASID_BITS 12
|
||||
|
||||
/*
|
||||
* When enabled, PAGE_TABLE_ISOLATION consumes a single bit for
|
||||
* When enabled, MITIGATION_PAGE_TABLE_ISOLATION consumes a single bit for
|
||||
* user/kernel switches
|
||||
*/
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
# define PTI_CONSUMED_PCID_BITS 1
|
||||
#else
|
||||
# define PTI_CONSUMED_PCID_BITS 0
|
||||
@ -114,7 +114,7 @@ static inline u16 kern_pcid(u16 asid)
|
||||
{
|
||||
VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE);
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
/*
|
||||
* Make sure that the dynamic ASID space does not conflict with the
|
||||
* bit we are using to switch between user and kernel ASIDs.
|
||||
@ -149,7 +149,7 @@ static inline u16 kern_pcid(u16 asid)
|
||||
static inline u16 user_pcid(u16 asid)
|
||||
{
|
||||
u16 ret = kern_pcid(asid);
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
ret |= 1 << X86_CR3_PTI_PCID_USER_BIT;
|
||||
#endif
|
||||
return ret;
|
||||
@ -262,7 +262,7 @@ static void choose_new_asid(struct mm_struct *next, u64 next_tlb_gen,
|
||||
static inline void invalidate_user_asid(u16 asid)
|
||||
{
|
||||
/* There is no user ASID if address space separation is off */
|
||||
if (!IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION))
|
||||
if (!IS_ENABLED(CONFIG_MITIGATION_PAGE_TABLE_ISOLATION))
|
||||
return;
|
||||
|
||||
/*
|
||||
|
@ -553,7 +553,7 @@ static void emit_indirect_jump(u8 **pprog, int reg, u8 *ip)
|
||||
emit_jump(&prog, &__x86_indirect_thunk_array[reg], ip);
|
||||
} else {
|
||||
EMIT2(0xFF, 0xE0 + reg); /* jmp *%\reg */
|
||||
if (IS_ENABLED(CONFIG_RETPOLINE) || IS_ENABLED(CONFIG_SLS))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) || IS_ENABLED(CONFIG_MITIGATION_SLS))
|
||||
EMIT1(0xCC); /* int3 */
|
||||
}
|
||||
|
||||
@ -568,7 +568,7 @@ static void emit_return(u8 **pprog, u8 *ip)
|
||||
emit_jump(&prog, x86_return_thunk, ip);
|
||||
} else {
|
||||
EMIT1(0xC3); /* ret */
|
||||
if (IS_ENABLED(CONFIG_SLS))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_SLS))
|
||||
EMIT1(0xCC); /* int3 */
|
||||
}
|
||||
|
||||
|
@ -1273,7 +1273,7 @@ static int emit_jmp_edx(u8 **pprog, u8 *ip)
|
||||
u8 *prog = *pprog;
|
||||
int cnt = 0;
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
EMIT1_off32(0xE9, (u8 *)__x86_indirect_thunk_edx - (ip + 5));
|
||||
#else
|
||||
EMIT2(0xFF, 0xE2);
|
||||
|
@ -61,7 +61,7 @@ ifdef CONFIG_STACKPROTECTOR_STRONG
|
||||
PURGATORY_CFLAGS_REMOVE += -fstack-protector-strong
|
||||
endif
|
||||
|
||||
ifdef CONFIG_RETPOLINE
|
||||
ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
PURGATORY_CFLAGS_REMOVE += $(RETPOLINE_CFLAGS)
|
||||
endif
|
||||
|
||||
|
@ -35,7 +35,7 @@
|
||||
(typeof(ptr)) (__ptr + (off)); \
|
||||
})
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
#define __noretpoline __attribute__((__indirect_branch__("keep")))
|
||||
#endif
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
#ifndef _LINUX_INDIRECT_CALL_WRAPPER_H
|
||||
#define _LINUX_INDIRECT_CALL_WRAPPER_H
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
|
||||
/*
|
||||
* INDIRECT_CALL_$NR - wrapper for indirect calls with $NR known builtin
|
||||
|
@ -885,7 +885,7 @@ static inline void module_bug_finalize(const Elf_Ehdr *hdr,
|
||||
static inline void module_bug_cleanup(struct module *mod) {}
|
||||
#endif /* CONFIG_GENERIC_BUG */
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
extern bool retpoline_module_ok(bool has_retpoline);
|
||||
#else
|
||||
static inline bool retpoline_module_ok(bool has_retpoline)
|
||||
|
@ -131,7 +131,7 @@
|
||||
*/
|
||||
.macro VALIDATE_UNRET_BEGIN
|
||||
#if defined(CONFIG_NOINSTR_VALIDATION) && \
|
||||
(defined(CONFIG_CPU_UNRET_ENTRY) || defined(CONFIG_CPU_SRSO))
|
||||
(defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO))
|
||||
.Lhere_\@:
|
||||
.pushsection .discard.validate_unret
|
||||
.long .Lhere_\@ - .
|
||||
|
@ -2,7 +2,7 @@
|
||||
#ifndef _INCLUDE_PTI_H
|
||||
#define _INCLUDE_PTI_H
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
#include <asm/pti.h>
|
||||
#else
|
||||
static inline void pti_init(void) { }
|
||||
|
@ -93,7 +93,7 @@ extern const struct nft_set_type nft_set_bitmap_type;
|
||||
extern const struct nft_set_type nft_set_pipapo_type;
|
||||
extern const struct nft_set_type nft_set_pipapo_avx2_type;
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
bool nft_rhash_lookup(const struct net *net, const struct nft_set *set,
|
||||
const u32 *key, const struct nft_set_ext **ext);
|
||||
bool nft_rbtree_lookup(const struct net *net, const struct nft_set *set,
|
||||
|
@ -4,7 +4,7 @@
|
||||
|
||||
#include <net/pkt_cls.h>
|
||||
|
||||
#if IS_ENABLED(CONFIG_RETPOLINE)
|
||||
#if IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)
|
||||
|
||||
#include <linux/cpufeature.h>
|
||||
#include <linux/static_key.h>
|
||||
|
@ -1009,7 +1009,7 @@ static inline u64 rb_time_stamp(struct trace_buffer *buffer)
|
||||
u64 ts;
|
||||
|
||||
/* Skip retpolines :-( */
|
||||
if (IS_ENABLED(CONFIG_RETPOLINE) && likely(buffer->clock == trace_clock_local))
|
||||
if (IS_ENABLED(CONFIG_MITIGATION_RETPOLINE) && likely(buffer->clock == trace_clock_local))
|
||||
ts = trace_clock_local();
|
||||
else
|
||||
ts = buffer->clock();
|
||||
|
@ -101,7 +101,7 @@ endif
|
||||
endif
|
||||
|
||||
ifdef CONFIG_NFT_CT
|
||||
ifdef CONFIG_RETPOLINE
|
||||
ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
nf_tables-objs += nft_ct_fast.o
|
||||
endif
|
||||
endif
|
||||
|
@ -21,7 +21,7 @@
|
||||
#include <net/netfilter/nf_log.h>
|
||||
#include <net/netfilter/nft_meta.h>
|
||||
|
||||
#if defined(CONFIG_RETPOLINE) && defined(CONFIG_X86)
|
||||
#if defined(CONFIG_MITIGATION_RETPOLINE) && defined(CONFIG_X86)
|
||||
|
||||
static struct static_key_false nf_tables_skip_direct_calls;
|
||||
|
||||
@ -207,7 +207,7 @@ static void expr_call_ops_eval(const struct nft_expr *expr,
|
||||
struct nft_regs *regs,
|
||||
struct nft_pktinfo *pkt)
|
||||
{
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
unsigned long e;
|
||||
|
||||
if (nf_skip_indirect_calls())
|
||||
@ -236,7 +236,7 @@ static void expr_call_ops_eval(const struct nft_expr *expr,
|
||||
X(e, nft_objref_map_eval);
|
||||
#undef X
|
||||
indirect_call:
|
||||
#endif /* CONFIG_RETPOLINE */
|
||||
#endif /* CONFIG_MITIGATION_RETPOLINE */
|
||||
expr->ops->eval(expr, regs, pkt);
|
||||
}
|
||||
|
||||
|
@ -754,7 +754,7 @@ static bool nft_ct_set_reduce(struct nft_regs_track *track,
|
||||
return false;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
static const struct nft_expr_ops nft_ct_get_fast_ops = {
|
||||
.type = &nft_ct_type,
|
||||
.size = NFT_EXPR_SIZE(sizeof(struct nft_ct)),
|
||||
@ -799,7 +799,7 @@ nft_ct_select_ops(const struct nft_ctx *ctx,
|
||||
return ERR_PTR(-EINVAL);
|
||||
|
||||
if (tb[NFTA_CT_DREG]) {
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
u32 k = ntohl(nla_get_be32(tb[NFTA_CT_KEY]));
|
||||
|
||||
switch (k) {
|
||||
|
@ -24,7 +24,7 @@ struct nft_lookup {
|
||||
struct nft_set_binding binding;
|
||||
};
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
bool nft_set_do_lookup(const struct net *net, const struct nft_set *set,
|
||||
const u32 *key, const struct nft_set_ext **ext)
|
||||
{
|
||||
|
@ -2410,7 +2410,7 @@ static struct pernet_operations psched_net_ops = {
|
||||
.exit = psched_net_exit,
|
||||
};
|
||||
|
||||
#if IS_ENABLED(CONFIG_RETPOLINE)
|
||||
#if IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)
|
||||
DEFINE_STATIC_KEY_FALSE(tc_skip_wrapper);
|
||||
#endif
|
||||
|
||||
|
@ -254,7 +254,7 @@ objtool := $(objtree)/tools/objtool/objtool
|
||||
|
||||
objtool-args-$(CONFIG_HAVE_JUMP_LABEL_HACK) += --hacks=jump_label
|
||||
objtool-args-$(CONFIG_HAVE_NOINSTR_HACK) += --hacks=noinstr
|
||||
objtool-args-$(CONFIG_CALL_DEPTH_TRACKING) += --hacks=skylake
|
||||
objtool-args-$(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) += --hacks=skylake
|
||||
objtool-args-$(CONFIG_X86_KERNEL_IBT) += --ibt
|
||||
objtool-args-$(CONFIG_FINEIBT) += --cfi
|
||||
objtool-args-$(CONFIG_FTRACE_MCOUNT_USE_OBJTOOL) += --mcount
|
||||
@ -262,9 +262,9 @@ ifdef CONFIG_FTRACE_MCOUNT_USE_OBJTOOL
|
||||
objtool-args-$(CONFIG_HAVE_OBJTOOL_NOP_MCOUNT) += --mnop
|
||||
endif
|
||||
objtool-args-$(CONFIG_UNWINDER_ORC) += --orc
|
||||
objtool-args-$(CONFIG_RETPOLINE) += --retpoline
|
||||
objtool-args-$(CONFIG_RETHUNK) += --rethunk
|
||||
objtool-args-$(CONFIG_SLS) += --sls
|
||||
objtool-args-$(CONFIG_MITIGATION_RETPOLINE) += --retpoline
|
||||
objtool-args-$(CONFIG_MITIGATION_RETHUNK) += --rethunk
|
||||
objtool-args-$(CONFIG_MITIGATION_SLS) += --sls
|
||||
objtool-args-$(CONFIG_STACK_VALIDATION) += --stackval
|
||||
objtool-args-$(CONFIG_HAVE_STATIC_CALL_INLINE) += --static-call
|
||||
objtool-args-$(CONFIG_HAVE_UACCESS_VALIDATION) += --uaccess
|
||||
|
@ -38,7 +38,7 @@ objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION))
|
||||
vmlinux-objtool-args-$(delay-objtool) += $(objtool-args-y)
|
||||
vmlinux-objtool-args-$(CONFIG_GCOV_KERNEL) += --no-unreachable
|
||||
vmlinux-objtool-args-$(CONFIG_NOINSTR_VALIDATION) += --noinstr \
|
||||
$(if $(or $(CONFIG_CPU_UNRET_ENTRY),$(CONFIG_CPU_SRSO)), --unret)
|
||||
$(if $(or $(CONFIG_MITIGATION_UNRET_ENTRY),$(CONFIG_MITIGATION_SRSO)), --unret)
|
||||
|
||||
objtool-args = $(vmlinux-objtool-args-y) --link
|
||||
|
||||
|
@ -155,7 +155,7 @@ fn main() {
|
||||
"e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128",
|
||||
);
|
||||
let mut features = "-3dnow,-3dnowa,-mmx,+soft-float".to_string();
|
||||
if cfg.has("RETPOLINE") {
|
||||
if cfg.has("MITIGATION_RETPOLINE") {
|
||||
features += ",+retpoline-external-thunk";
|
||||
}
|
||||
ts.push("features", features);
|
||||
|
@ -1848,7 +1848,7 @@ static void add_header(struct buffer *b, struct module *mod)
|
||||
|
||||
buf_printf(b,
|
||||
"\n"
|
||||
"#ifdef CONFIG_RETPOLINE\n"
|
||||
"#ifdef CONFIG_MITIGATION_RETPOLINE\n"
|
||||
"MODULE_INFO(retpoline, \"Y\");\n"
|
||||
"#endif\n");
|
||||
|
||||
|
@ -44,32 +44,32 @@
|
||||
# define DISABLE_LA57 (1<<(X86_FEATURE_LA57 & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_PAGE_TABLE_ISOLATION
|
||||
#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
|
||||
# define DISABLE_PTI 0
|
||||
#else
|
||||
# define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_RETPOLINE
|
||||
#ifdef CONFIG_MITIGATION_RETPOLINE
|
||||
# define DISABLE_RETPOLINE 0
|
||||
#else
|
||||
# define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \
|
||||
(1 << (X86_FEATURE_RETPOLINE_LFENCE & 31)))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_RETHUNK
|
||||
#ifdef CONFIG_MITIGATION_RETHUNK
|
||||
# define DISABLE_RETHUNK 0
|
||||
#else
|
||||
# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||
#ifdef CONFIG_MITIGATION_UNRET_ENTRY
|
||||
# define DISABLE_UNRET 0
|
||||
#else
|
||||
# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_CALL_DEPTH_TRACKING
|
||||
#ifdef CONFIG_MITIGATION_CALL_DEPTH_TRACKING
|
||||
# define DISABLE_CALL_DEPTH_TRACKING 0
|
||||
#else
|
||||
# define DISABLE_CALL_DEPTH_TRACKING (1 << (X86_FEATURE_CALL_DEPTH & 31))
|
||||
|
@ -83,7 +83,7 @@ bool arch_support_alt_relocation(struct special_alt *special_alt,
|
||||
* TODO: Once we have DWARF CFI and smarter instruction decoding logic,
|
||||
* ensure the same register is used in the mov and jump instructions.
|
||||
*
|
||||
* NOTE: RETPOLINE made it harder still to decode dynamic jumps.
|
||||
* NOTE: MITIGATION_RETPOLINE made it harder still to decode dynamic jumps.
|
||||
*/
|
||||
struct reloc *arch_find_switch_table(struct objtool_file *file,
|
||||
struct instruction *insn)
|
||||
|
@ -3980,11 +3980,11 @@ static int validate_retpoline(struct objtool_file *file)
|
||||
|
||||
if (insn->type == INSN_RETURN) {
|
||||
if (opts.rethunk) {
|
||||
WARN_INSN(insn, "'naked' return found in RETHUNK build");
|
||||
WARN_INSN(insn, "'naked' return found in MITIGATION_RETHUNK build");
|
||||
} else
|
||||
continue;
|
||||
} else {
|
||||
WARN_INSN(insn, "indirect %s found in RETPOLINE build",
|
||||
WARN_INSN(insn, "indirect %s found in MITIGATION_RETPOLINE build",
|
||||
insn->type == INSN_JUMP_DYNAMIC ? "jump" : "call");
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user