Date:   Tue, 12 Jul 2022 15:19:39 -0400
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Greg KH <gregkh@...uxfoundation.org>,
        Juergen Gross <jgross@...e.com>,
        Stefano Stabellini <sstabellini@...nel.org>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>, xen-devel@...ts.xenproject.org,
        linux-kernel@...r.kernel.org
Subject: Re: Build warnings in Xen 5.15.y and 5.10.y with retbleed backports


On 7/12/22 12:38 PM, Greg KH wrote:
> Hi all,
>
> I'm seeing the following build warning:
> 	arch/x86/kernel/head_64.o: warning: objtool: xen_hypercall_mmu_update(): can't find starting instruction
> in the 5.15.y and 5.10.y retbleed backports.
>
> I don't know why just this one hypercall is being called out by objtool,
> and this warning isn't in 5.18 and Linus's tree due to I think commit
> 5b2fc51576ef ("x86/ibt,xen: Sprinkle the ENDBR") being there.
>
> But, is this a ret call that we "forgot" here?  It's a "real" ret in
> Linus's branch:
>
> .pushsection .noinstr.text, "ax"
> 	.balign PAGE_SIZE
> SYM_CODE_START(hypercall_page)
> 	.rept (PAGE_SIZE / 32)
> 		UNWIND_HINT_FUNC
> 		ANNOTATE_NOENDBR
> 		ANNOTATE_UNRET_SAFE
> 		ret
> 		/*
> 		 * Xen will write the hypercall page, and sort out ENDBR.
> 		 */
> 		.skip 31, 0xcc
> 	.endr
>
> while 5.15.y and older has:
> .pushsection .text
> 	.balign PAGE_SIZE
> SYM_CODE_START(hypercall_page)
> 	.rept (PAGE_SIZE / 32)
> 		UNWIND_HINT_FUNC
> 		.skip 31, 0x90
> 		ANNOTATE_UNRET_SAFE
> 		RET
> 	.endr
>
> So should the "ret" remain or be turned into "RET" in mainline right
> now?


It doesn't matter --- this is overwritten by the hypervisor during initialization when Xen fills in actual hypercall code.


So f4b4bc10b0b85ec66f1a9bf5dddf475e6695b6d2 added 'ret' to make objtool happy and then 14b476e07fab6 replaced 'ret' with RET as part of SLS fixes. The latter was not really necessary but harmless.


So it can be 'ret', RET, or anything else that tools don't complain about. It will not be executed.


-boris
