Re: [PATCH] x86/kvm, objtool: Avoid fastop ENDBR from being sealed
From: Josh Poimboeuf
Date: Thu Aug 18 2022 - 11:17:17 EST
On Thu, Aug 18, 2022 at 01:06:16PM +0200, Peter Zijlstra wrote:
> On Thu, Aug 18, 2022 at 03:38:45PM +0800, Pengfei Xu wrote:
> > And this "Missing ENDBR: andw_ax_dx+0x0/0x10 [kvm]" issue was
> > reproduced again after running syzkaller for 5 min on ADL-P.
>
> Ha, indeed :/
>
> > > > +/*
> > > > + * Create a dummy function pointer reference to prevent objtool from marking
> > > > + * the function as needing to be "sealed" (i.e. ENDBR converted to NOP by
> > > > + * apply_ibt_endbr()).
> > > > + */
> > > > +#define IBT_NOSEAL(fname) \
> > > > + ".pushsection .discard.endbr.noseal\n\t" \
> > > > + _ASM_PTR fname "\n\t" \
> > > > + ".popsection\n\t"
> > > > +
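Review bot: The section name in the .pushsection line, .discard.endbr.noseal, begins with ".discard", and the validate_ibt() excerpt quoted in this thread skips every section matching !strncmp(sec->name, ".discard", 8), so the _ASM_PTR fname entry is never counted as a reference and the ENDBR would still be sealed. Either add an explicit exception for .discard.endbr.noseal ahead of that check or use a section name outside the ".discard" prefix, and extend the comment to say that objtool has to recognise this section for the macro to have any effect.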
>
> objtool/check.c:validate_ibt():
>
> 	if (!strncmp(sec->name, ".discard", 8) ||
> 	    ...)
> 		continue;
>
> So yeah, that'll just get ignored. So at the very least we need to
> special case this section.

Indeed. I swear that patch worked last night.

I also found that not all fastops use __FOP_FUNC().

Anyway I'll post a new (official) pair of patches shortly.

--
Josh