Re: [PATCH v2 12/12] x86/kvm/emulate: Avoid RET for fastops
From: Peter Zijlstra
Date: Mon Nov 11 2024 - 13:28:58 EST
On Mon, Nov 11, 2024 at 09:26:44AM -0800, Sean Christopherson wrote:
> KVM: x86:
>
> On Mon, Nov 11, 2024, Peter Zijlstra wrote:
> > Since there is only a single fastop() function, convert the FASTOP
> > stuff from CALL_NOSPEC+RET to JMP_NOSPEC+JMP, avoiding the return
> > thunks and all that jazz.
> >
> > Specifically, FASTOPs rely on the return thunk to preserve EFLAGS,
> > which not all of them can trivially do (call depth tracing suffers
> > here).
>
> Maybe add an example? Mostly as a reminder of how to reproduce the call depth
> issues.
>
> E.g. booting with "retbleed=force,stuff spectre_v2=retpoline,generic" causes
> KVM-Unit-Test's "emulator" test to fail due to flags being clobbered.
>
> > Objtool strenuously complains about this:
> >
> > - indirect call without a .rodata, fails to determine JUMP_TABLE,
> > annotate
> > - fastop functions fall through, exception
> > - unreachable instruction after fastop_return, save/restore
> >
> > Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
>
> The original patch works, but with the fixup KVM fails emulation of an ADC and
> generates:
Bah, I'll go chase it down. Thanks!