Commit 351076ee authored by Peter Zijlstra's avatar Peter Zijlstra Committed by Zheng Zengkai
Browse files

objtool: Only rewrite unconditional retpoline thunk calls 

stable inclusion
from stable-v5.10.133
commit e32542e9ed362bf8ea48941d965495e1593b5cef
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5PTAS
CVE: CVE-2022-29900,CVE-2022-23816,CVE-2022-29901

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e32542e9ed362bf8ea48941d965495e1593b5cef



--------------------------------

commit 2d49b721 upstream.

It turns out that the compilers generate conditional branches to the
retpoline thunks like:

  5d5:   0f 85 00 00 00 00       jne    5db <cpuidle_reflect+0x22>
	5d7: R_X86_64_PLT32     __x86_indirect_thunk_r11-0x4

while the rewrite can only handle JMP/CALL to the thunks. The result
is the alternative wrecking the code. Make sure to skip writing the
alternatives for conditional branches.

Fixes: 9bc0bb50 ("objtool/x86: Rewrite retpoline thunk calls")
Reported-by: default avatarLukasz Majczak <lma@semihalf.com>
Reported-by: default avatarNathan Chancellor <nathan@kernel.org>
Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: default avatarNathan Chancellor <nathan@kernel.org>
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarLin Yujun <linyujun809@huawei.com>
Reviewed-by: default avatarZhang Jianhua <chris.zjh@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 88af262c
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment