Re: [RFC][PATCH 2/2] x86: Clean up default rethunk warning

[Peter Zijlstra]

On Mon, Oct 07, 2024 at 10:33:45AM -0700, Josh Poimboeuf wrote:
> On Mon, Oct 07, 2024 at 10:32:12AM +0200, Peter Zijlstra wrote:
> > Replace the funny __warn_thunk thing with a more regular
> > WARN_ON_ONCE(), and simplify the ifdeffery.
> > 
> > Notably this avoids RET from having recursive RETs (once from the
> > thunk and once from the C function) -- recursive RET makes my head
> > hurt for no good reason.
> 
> This could use an explanation for why the ifdefs can be removed and why
> the alternative can be removed.

The alternative is in the WARN_ONCE now.

> > +#define WARN_ONCE							\
> > +	1: ALTERNATIVE "", "ud2", X86_FEATURE_ALWAYS ;			\
> > +	ASM_BUGTABLE_FLAGS(1b, 0, 0, BUGFLAG_WARNING | BUGFLAG_ONCE) ;	\
> > +	REACHABLE
> 
> Can we not use __FILE__ and __LINE__ here?  

Because for asm, __FILE__ is spelled like:

#ifdef CONFIG_DEBUG_BUGVERBOSE
.pushsection .rodata.str1.1, "aMS",@progbits,1
.LC0:
	.string __FILE__
.popsection
#endif
	1: ALTERNATIVE "", "ud2", X86_FEATURE_ALWAYS
	ASM_BUGTABLE_FLAGS(1b, LC0b, __LINE__, BUGFLAG_WARNING | BUGFLAG_ONCE)
	REACHABLE

And I didn't feel the whole thing was worth the trouble, if NULL bug
will only print the symbol name and that should be clear enough.

> Also why not put this in asm/bug.h?

Because the ALTERNATIVE..

> >  SYM_CODE_START(__x86_return_thunk)
> >  	UNWIND_HINT_FUNC
> >  	ANNOTATE_NOENDBR
> > -#if defined(CONFIG_MITIGATION_UNRET_ENTRY) || \
> > -    defined(CONFIG_MITIGATION_SRSO) || \
> > -    defined(CONFIG_MITIGATION_CALL_DEPTH_TRACKING)
> > -	ALTERNATIVE __stringify(ANNOTATE_UNRET_SAFE; ret), \
> > -		   "jmp warn_thunk_thunk", X86_FEATURE_ALWAYS
> > -#else
> > +
> > +#ifdef CONFIG_X86_64
> > +	WARN_ONCE
> > +#endif
> 
> Isn't this return thunk used before apply_returns()?  How does that not
> trigger the warning?

You missed the ALTERNATIVE I squirreled away in the WARN thing :-)