From patchwork Tue Jul 10 22:26:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yu-cheng Yu X-Patchwork-Id: 10518193 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 9D1A5600CA for ; Tue, 10 Jul 2018 22:32:17 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8F1002623D for ; Tue, 10 Jul 2018 22:32:17 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 818BD28C16; Tue, 10 Jul 2018 22:32:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00, MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 251492623D for ; Tue, 10 Jul 2018 22:32:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 889EC6B0274; Tue, 10 Jul 2018 18:31:20 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 699A26B0275; Tue, 10 Jul 2018 18:31:20 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4F5CA6B0276; Tue, 10 Jul 2018 18:31:20 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-pf0-f199.google.com (mail-pf0-f199.google.com [209.85.192.199]) by kanga.kvack.org (Postfix) with ESMTP id EE76E6B0275 for ; Tue, 10 Jul 2018 18:31:19 -0400 (EDT) Received: by mail-pf0-f199.google.com with SMTP id a20-v6so14870337pfi.1 for ; Tue, 10 Jul 2018 15:31:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to :subject:date:message-id:in-reply-to:references; bh=W5YwrobrT8JOjhjoevDTDjLhNNbaY43+nV/c8jdvH7s=; b=EUas0NWeSBEn9P9bfwP2QnpWfTo+Nxph5K4CuEfzaFy/3KAqct8T+7uJ8OXluGXAsH h9p7Dl3i4jdzOV/9HF87vyMrNBiF9VTkEwZRvgnpWamzsFNSenM/O+6Bqy2FSDS1j5Xj 7oi9w+SD7z2TsFJlS+67JcV8vJvYzRstLP1SAIsKKSBiSvDSDGq5hgYR43hmvuU+dV7a xZkWKEIHL77ob367cxdCQS0KNdQXxhge6ASJ3LL3h08ulDxxxn2Ife/sb3zwOn0czy5p 2sYq2xUYuhAyFffxKKlnpNRqYF4UUgHwkQesCuJUtWpkfpHnxg3OTegr+wXSnA1IzdXJ 2Q4A== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.136 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Gm-Message-State: APt69E3GmePonKivVXaoT4PB6pwNRQM8wMbL0x3YNhOWVhK0NnNkUVZk DFMWohJ/tBhQNa1KL75W28t/tlm8yfYMCY4iCiwTsz7zJC2mbDylV2K3OrJ4Ruat42z1ADpDoxm 4osU7Xba3Egv7hkX3GG1c/cMOg9oe62XAJQQjIAq4sW9tK+phZlPYtNHP8H6vp+YjCQ== X-Received: by 2002:a63:5c10:: with SMTP id q16-v6mr24253507pgb.452.1531261879660; Tue, 10 Jul 2018 15:31:19 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdF6eRQrWNu44Hac+aLj60x25clbY9kMrinQuV/LeRhjTT95hdTvvHotrwzFyh4BU5CY3KT X-Received: by 2002:a63:5c10:: with SMTP id q16-v6mr24253473pgb.452.1531261878903; Tue, 10 Jul 2018 15:31:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531261878; cv=none; d=google.com; s=arc-20160816; b=Q4chYtmuqVK6ggKpHZefUCnkAqqIAEOmHnP6LTkKLdaMe7vg8FVG/8nr0xeY1ylgL2 IFhCNQHvrbZFoZI2ZRvylemFZLmgNf3h6wG66rIeFrosjwMXZ0otqsaK3WnMLzbFxoQt lSzbqquqoimM3twNUCNayR+cQrRCvz2qfJfmfwSfKfmU6KbBXo/VDR6sFqPtlwEksrZh vqvOSz50yGVRE3McuZvCerzZBZ4YzIGEIhgtFfAQ/YPIaslNxsqe3XpPrkbhTMRpVJme QWOmuTGqAg/Igsmq95pAAdnAeJ7uc2QMEArmXLrMMC6Wh9oriLS2MKLAVbfWLE+06Y8m nzcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:to:from :arc-authentication-results; bh=W5YwrobrT8JOjhjoevDTDjLhNNbaY43+nV/c8jdvH7s=; b=ufZXftw2HiD0mznnWx1ttFe1SOaps5i6eFBMmxBc8phcAnPF2FMzb/J91xb8KWjuAo tJbmV/95CnBBv9PgSKQTzTH9a8BGI5E9s28FT3fHwu1ya4AP1hE7GYhAbfF4Ttu7uFG8 0VCRhuNeYBStOPkZcejEx2650eMCwK3TAhk+v2DlrSwHYjAZzqQOkqOZbxK2H2rzs2IR t/5fYU6HqQ4t9yPslmfn3DYy4YSIGzo62jJipWwZ6lez2bDnmpUcd3pt+tr/JQ4y1uiJ nkqykyMD5Z6/zBQyb51HnYW43AOr1w6A/2LGBP66gKwCY1J8KrJxUuhxhKfWeJI16/rF P2Tg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.136 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from mga12.intel.com (mga12.intel.com. [192.55.52.136]) by mx.google.com with ESMTPS id e6-v6si18699657pfa.217.2018.07.10.15.31.18 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Jul 2018 15:31:18 -0700 (PDT) Received-SPF: pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.136 as permitted sender) client-ip=192.55.52.136; Authentication-Results: mx.google.com; spf=pass (google.com: domain of yu-cheng.yu@intel.com designates 192.55.52.136 as permitted sender) smtp.mailfrom=yu-cheng.yu@intel.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Jul 2018 15:31:16 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.51,335,1526367600"; d="scan'208";a="70305454" Received: from 2b52.sc.intel.com ([143.183.136.52]) by fmsmga004.fm.intel.com with ESMTP; 10 Jul 2018 15:31:16 -0700 From: Yu-cheng Yu To: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Cyrill Gorcunov , Dave Hansen , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Kees Cook , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , "Ravi V. Shankar" , Vedvyas Shanbhogue Subject: [RFC PATCH v2 24/27] x86: Insert endbr32/endbr64 to vDSO Date: Tue, 10 Jul 2018 15:26:36 -0700 Message-Id: <20180710222639.8241-25-yu-cheng.yu@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180710222639.8241-1-yu-cheng.yu@intel.com> References: <20180710222639.8241-1-yu-cheng.yu@intel.com> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: "H.J. Lu" When Intel indirect branch tracking is enabled, functions in vDSO which may be called indirectly must have endbr32 or endbr64 as the first instruction. Compiler must support -fcf-protection=branch so that it can be used to compile vDSO. Signed-off-by: H.J. Lu --- arch/x86/entry/vdso/.gitignore | 4 ++++ arch/x86/entry/vdso/Makefile | 12 +++++++++++- arch/x86/entry/vdso/vdso-layout.lds.S | 1 + 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/vdso/.gitignore b/arch/x86/entry/vdso/.gitignore index aae8ffdd5880..552941fdfae0 100644 --- a/arch/x86/entry/vdso/.gitignore +++ b/arch/x86/entry/vdso/.gitignore @@ -5,3 +5,7 @@ vdso32-sysenter-syms.lds vdso32-int80-syms.lds vdso-image-*.c vdso2c +vclock_gettime.S +vgetcpu.S +vclock_gettime.asm +vgetcpu.asm diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 261802b1cc50..d49548ebec6f 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -108,13 +108,17 @@ vobjx32s := $(foreach F,$(vobjx32s-y),$(obj)/$F) # Convert 64bit object file to x32 for x32 vDSO. quiet_cmd_x32 = X32 $@ - cmd_x32 = $(OBJCOPY) -O elf32-x86-64 $< $@ + cmd_x32 = $(OBJCOPY) -R .note.gnu.property -O elf32-x86-64 $< $@ $(obj)/%-x32.o: $(obj)/%.o FORCE $(call if_changed,x32) targets += vdsox32.lds $(vobjx32s-y) +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + $(obj)/vclock_gettime.o $(obj)/vgetcpu.o $(obj)/vdso32/vclock_gettime.o: KBUILD_CFLAGS += -fcf-protection=branch +endif + $(obj)/%.so: OBJCOPYFLAGS := -S $(obj)/%.so: $(obj)/%.so.dbg $(call if_changed,objcopy) @@ -164,6 +168,12 @@ quiet_cmd_vdso = VDSO $@ VDSO_LDFLAGS = -fPIC -shared $(call cc-ldoption, -Wl$(comma)--hash-style=both) \ $(call cc-ldoption, -Wl$(comma)--build-id) -Wl,-Bsymbolic $(LTO_CFLAGS) +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + VDSO_LDFLAGS += $(call cc-ldoption, -Wl$(comma)-z$(comma)ibt) +endif +ifdef CONFIG_X86_INTEL_SHADOW_STACK_USER + VDSO_LDFLAGS += $(call cc-ldoption, -Wl$(comma)-z$(comma)shstk) +endif GCOV_PROFILE := n # diff --git a/arch/x86/entry/vdso/vdso-layout.lds.S b/arch/x86/entry/vdso/vdso-layout.lds.S index acfd5ba7d943..cabaeedfed78 100644 --- a/arch/x86/entry/vdso/vdso-layout.lds.S +++ b/arch/x86/entry/vdso/vdso-layout.lds.S @@ -74,6 +74,7 @@ SECTIONS .fake_shstrtab : { *(.fake_shstrtab) } :text + .note.gnu.property : { *(.note.gnu.property) } :text :note .note : { *(.note.*) } :text :note .eh_frame_hdr : { *(.eh_frame_hdr) } :text :eh_frame_hdr