Re: [PATCH v1.1] x86/ibt, objtool: Add IBT_NOSEAL()

From: Pengfei Xu
Date: Fri Aug 19 2022 - 01:54:34 EST


Hi Poimboeuf,
I installed your patches based on the v5.19 kernel.

I ran syzkaller tests on TGL-H and ADL-P for more than
4 hours with the above kernel, and this issue could not be reproduced.
This issue should be fixed.

Thanks!
BR.

On 2022-08-18 at 14:39:27 -0700, Josh Poimboeuf wrote:
> Add a macro which prevents a function from getting sealed if there are
> no compile-time references to it.
>
> Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> ---
> v1.1:
> - add empty IBT_NOSEAL for CONFIG_X86_KERNEL_IBT=n
>
> arch/x86/include/asm/ibt.h | 11 +++++++++++
> tools/objtool/check.c | 3 ++-
> 2 files changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/include/asm/ibt.h b/arch/x86/include/asm/ibt.h
> index 689880eca9ba..9b08082a5d9f 100644
> --- a/arch/x86/include/asm/ibt.h
> +++ b/arch/x86/include/asm/ibt.h
> @@ -31,6 +31,16 @@
>
> #define __noendbr __attribute__((nocf_check))
>
> +/*
> + * Create a dummy function pointer reference to prevent objtool from marking
> + * the function as needing to be "sealed" (i.e. ENDBR converted to NOP by
> + * apply_ibt_endbr()).
> + */
> +#define IBT_NOSEAL(fname) \
> + ".pushsection .discard.ibt_endbr_noseal\n\t" \
> + _ASM_PTR fname "\n\t" \
> + ".popsection\n\t"
> +
> static inline __attribute_const__ u32 gen_endbr(void)
> {
> u32 endbr;
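
Review bot: The comment above IBT_NOSEAL() does not say how the macro is meant to be used. Because `_ASM_PTR fname "\n\t"` relies on string-literal concatenation, fname has to be a quoted symbol name and the macro only makes sense inside an asm() statement; a one-line usage hint in the comment would save callers from guessing. The trailing "\n\t" after ".popsection" also assumes more asm text follows it, which is worth stating in the same comment.
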
> @@ -84,6 +94,7 @@ extern __noendbr void ibt_restore(u64 save);
> #ifndef __ASSEMBLY__
>
> #define ASM_ENDBR
> +#define IBT_NOSEAL(name)
>
> #define __noendbr
>
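
Review bot: The CONFIG_X86_KERNEL_IBT=n stub `#define IBT_NOSEAL(name)` expands to nothing while the real macro expands to string literals, so a caller that uses it as the only content of an asm() statement would build with IBT enabled and fail to build without it. This matches the empty `#define ASM_ENDBR` beside it, but defining the stub as an empty string literal, or documenting that it must always be concatenated with other asm text, would be safer. The parameter is also spelled `name` here and `fname` in the real definition; one spelling for both would be tidier.
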
> diff --git a/tools/objtool/check.c b/tools/objtool/check.c
> index 0cec74da7ffe..91678252a9b6 100644
> --- a/tools/objtool/check.c
> +++ b/tools/objtool/check.c
> @@ -4096,7 +4096,8 @@ static int validate_ibt(struct objtool_file *file)
> * These sections can reference text addresses, but not with
> * the intent to indirect branch to them.
> */
> - if (!strncmp(sec->name, ".discard", 8) ||
> + if ((!strncmp(sec->name, ".discard", 8) &&
> + strcmp(sec->name, ".discard.ibt_endbr_noseal")) ||
> !strncmp(sec->name, ".debug", 6) ||
> !strcmp(sec->name, ".altinstructions") ||
> !strcmp(sec->name, ".ibt_endbr_seal") ||
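
Review bot: The comment at the top of this hunk still says these sections reference text addresses "but not with the intent to indirect branch to them", and the new `strcmp(sec->name, ".discard.ibt_endbr_noseal")` exception is not explained there. Please add a sentence saying that references from .discard.ibt_endbr_noseal are deliberately not skipped, so the referenced function keeps its ENDBR. The section name is also written out separately here and in the IBT_NOSEAL() asm string in ibt.h, so a rename on one side would silently bring sealing back; a comment in each place pointing at the other would help.
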
> --
> 2.37.2
>