Commit 5b2fc515 authored by Peter Zijlstra's avatar Peter Zijlstra

x86/ibt,xen: Sprinkle the ENDBR



Even though Xen currently doesn't advertise IBT, prepare for when it
will eventually do so and sprinkle the ENDBR dust accordingly.

Even though most of the entry points are IRET like, the CPL0
Hypervisor can set WAIT-FOR-ENDBR and demand ENDBR at these sites.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
Link: https://lore.kernel.org/r/20220308154317.873919996@infradead.org
parent 8b87d8ce
+1 −0
@@ -809,6 +809,7 @@ SYM_CODE_END(exc_xen_hypervisor_callback)
 */
SYM_CODE_START(xen_failsafe_callback)
	UNWIND_HINT_EMPTY
	ENDBR
	movl	%ds, %ecx
	cmpw	%cx, 0x10(%rsp)
	jne	1f
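Review bot: The `ENDBR` added after `UNWIND_HINT_EMPTY` in xen_failsafe_callback carries no comment, and the reason it is needed is recorded only in the commit message; the same applies to the bare `ENDBR` lines added to xen_pv_trap, xen_syscall_target, xen_syscall32_target and xen_sysenter_target in the last file section. Because these entries look IRET-like, a later cleanup could drop the instruction as redundant. I would add a short comment at the entry points, or once above the xen_pv_trap macro, e.g. `/* Xen (CPL0) may set WAIT-FOR-ENDBR before entering here, so the entry must start with ENDBR */`. The body of xen_failsafe_callback continues past the end of this hunk.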
+1 −1
@@ -283,7 +283,7 @@ static inline void vdso_read_cpunode(unsigned *cpu, unsigned *node)
 * pop %rcx; pop %r11; jmp early_idt_handler_array[i]; summing up to
 * max 8 bytes.
 */
#define XEN_EARLY_IDT_HANDLER_SIZE 8
#define XEN_EARLY_IDT_HANDLER_SIZE (8 + ENDBR_INSN_SIZE)

#ifndef __ASSEMBLY__
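Review bot: The comment directly above the define still says the stub sums up to "max 8 bytes", but the new value is `(8 + ENDBR_INSN_SIZE)` and each stub now begins with ENDBR. The comment should list the full sequence, `ENDBR; pop %rcx; pop %r11; jmp early_idt_handler_array[i]`, and give the new bound, e.g. `summing up to max 8 + ENDBR_INSN_SIZE bytes`. The hunk does not show where ENDBR_INSN_SIZE is defined, so it is worth confirming that the defining header is reachable from here for both C and assembly users.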

+1 −0
@@ -383,6 +383,7 @@ SYM_CODE_START(early_idt_handler_array)
	.endr
	UNWIND_HINT_IRET_REGS offset=16
SYM_CODE_END(early_idt_handler_array)
	ANNOTATE_NOENDBR // early_idt_handler_array[NUM_EXCEPTION_VECTORS]

SYM_CODE_START_LOCAL(early_idt_handler_common)
	/*
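Review bot: The `ANNOTATE_NOENDBR` placed after `SYM_CODE_END(early_idt_handler_array)` exempts this address from the missing-ENDBR check, but its comment only names the address and does not say why the exemption is safe. Presumably the one-past-the-end address `early_idt_handler_array[NUM_EXCEPTION_VECTORS]` is referenced as data and never branched to; the comment should state that, for example `// one-past-the-end address is only referenced, never an indirect branch target`. As placed, the annotation also lands on the address where early_idt_handler_common begins, so it is worth confirming and noting that this function is only reached by direct jumps. Its body lies outside the hunk.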
+3 −0
@@ -624,6 +624,9 @@ static struct trap_array_entry trap_array[] = {
	TRAP_ENTRY(exc_coprocessor_error,		false ),
	TRAP_ENTRY(exc_alignment_check,			false ),
	TRAP_ENTRY(exc_simd_coprocessor_error,		false ),
#ifdef CONFIG_X86_KERNEL_IBT
	TRAP_ENTRY(exc_control_protection,		false ),
#endif
};

static bool __ref get_trap_addr(void **addr, unsigned int ist)
+9 −0
@@ -122,6 +122,7 @@ SYM_FUNC_END(xen_read_cr2_direct);
.macro xen_pv_trap name
SYM_CODE_START(xen_\name)
	UNWIND_HINT_EMPTY
	ENDBR
	pop %rcx
	pop %r11
	jmp  \name
@@ -147,6 +148,9 @@ xen_pv_trap asm_exc_page_fault
xen_pv_trap asm_exc_spurious_interrupt_bug
xen_pv_trap asm_exc_coprocessor_error
xen_pv_trap asm_exc_alignment_check
#ifdef CONFIG_X86_KERNEL_IBT
xen_pv_trap asm_exc_control_protection
#endif
#ifdef CONFIG_X86_MCE
xen_pv_trap asm_xenpv_exc_machine_check
#endif /* CONFIG_X86_MCE */
@@ -162,6 +166,7 @@ SYM_CODE_START(xen_early_idt_handler_array)
	i = 0
	.rept NUM_EXCEPTION_VECTORS
	UNWIND_HINT_EMPTY
	ENDBR
	pop %rcx
	pop %r11
	jmp early_idt_handler_array + i*EARLY_IDT_HANDLER_SIZE
@@ -231,6 +236,7 @@ SYM_CODE_END(xenpv_restore_regs_and_return_to_usermode)
/* Normal 64-bit system call target */
SYM_CODE_START(xen_syscall_target)
	UNWIND_HINT_EMPTY
	ENDBR
	popq %rcx
	popq %r11

@@ -250,6 +256,7 @@ SYM_CODE_END(xen_syscall_target)
/* 32-bit compat syscall target */
SYM_CODE_START(xen_syscall32_target)
	UNWIND_HINT_EMPTY
	ENDBR
	popq %rcx
	popq %r11

@@ -267,6 +274,7 @@ SYM_CODE_END(xen_syscall32_target)
/* 32-bit compat sysenter target */
SYM_CODE_START(xen_sysenter_target)
	UNWIND_HINT_EMPTY
	ENDBR
	/*
	 * NB: Xen is polite and clears TF from EFLAGS for us.  This means
	 * that we don't need to guard against single step exceptions here.
@@ -290,6 +298,7 @@ SYM_CODE_END(xen_sysenter_target)
SYM_CODE_START(xen_syscall32_target)
SYM_CODE_START(xen_sysenter_target)
	UNWIND_HINT_EMPTY
	ENDBR
	lea 16(%rsp), %rsp	/* strip %rcx, %r11 */
	mov $-ENOSYS, %rax
	pushq $0
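Review bot: In the xen_early_idt_handler_array hunk the `ENDBR` added inside the `.rept` body makes every stub larger, so the per-entry stride is only correct because XEN_EARLY_IDT_HANDLER_SIZE was raised by ENDBR_INSN_SIZE in the header changed elsewhere in this commit. The padding that follows the `jmp` is outside this hunk, so it cannot be checked from here that each stub is still padded to that constant. If the build does not already fail when a stub outgrows its slot, a comment next to the new line such as `/* ENDBR is accounted for in XEN_EARLY_IDT_HANDLER_SIZE */` would keep the two in step.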