Re: [PATCH 04/24] x86,nospec: Annotate indirect calls/jumps

From: David Woodhouse
Date: Fri Jan 26 2018 - 05:20:04 EST


On Tue, 2018-01-23 at 16:25 +0100, Peter Zijlstra wrote:
> Annotate the indirect calls/jumps in the CALL_NOSPEC/JUMP_NOSPEC
> alternatives.
>
>
> Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>

Reviewed-by: David Woodhouse <dwmw@xxxxxxxxxxxx>

However...


> Â/*
> + * This should be used immediately before an indirect jump/call. It tells
> + * objtool the subsequent indirect jump/call is vouched safe for retpoline
> + * builds.
> + */
> +.macro ANNOTATE_RETPOLINE_SAFE
> + .Lannotate_\@:
> + .pushsection .discard.retpoline_safe
> + _ASM_PTR .Lannotate_\@
> + .popsection
> +.endm
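Review bot: The comment on ANNOTATE_RETPOLINE_SAFE says it "should be used immediately before an indirect jump/call", but the macro body only records the address of `.Lannotate_\@` in `.discard.retpoline_safe`; nothing in it ties that address to the instruction that follows. If any instruction or padding ends up between the annotation and the branch, the recorded address no longer names the indirect jump/call. Please extend the comment to state that requirement explicitly and to say what "vouched safe" obliges the caller to have checked, since the annotation silences a warning on a retpoline build.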

Didn't I just see one of those in patch 3? So this makes two...



> @@ -143,6 +155,12 @@
> Â ".long 999b - .\n\t" \
> Â ".popsection\n\t"
> Â
> +#define ANNOTATE_RETPOLINE_SAFE \
> + "999:\n\t" \
> + ".pushsection .discard.retpoline_safe\n\t" \
> + _ASM_PTR " 999b\n\t" \
> + ".popsection\n\t"
> +
> Â#if defined(CONFIG_X86_64) && defined(RETPOLINE)
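Review bot: The inline-asm ANNOTATE_RETPOLINE_SAFE uses the numeric label `999:` with `999b`, the same number the macro just above it references in `".long 999b - .\n\t"`. A backward reference binds to the nearest preceding definition, so if both strings are pasted into one asm statement with the annotation in between, the earlier macro's `999b` could pick up this label instead of its own. A different label number here would avoid that. This definition also has no comment, unlike the `.macro` variant, and it repeats the section name `.discard.retpoline_safe` verbatim, so the two copies have to be kept in sync by hand.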

... three.

Now, I did briefly toy with the idea of using a .macro from both
__ASSEMBLY__ and inline asm, making the latter work by means of
asm(".include \"asm/nospec-branch.h\"");

In the end I just ended up with the __FILL_RETURN_BUFFER CPP macro
which is used from both by other tricks.

Can we look at doing something like that, please?
