A set of objtool fixes:

- Handle __ubsan_handle_builtin_unreachable() correctly and treat it as
     noreturn.
 
   - Allow architectures to select uaccess validation
 
   - Use the non-instrumented bit test for test_cpu_has() to prevent escape
     from non-instrumentable regions.
 
   - Use arch_ prefixed atomics for JUMP_LABEL=n builds to prevent escape
     from non-instrumentable regions.
 
   - Mark a few tiny inline as __always_inline to prevent GCC from bringing
     them out of line and instrumenting them.
 
   - Mark the empty stub context_tracking_enabled() as always inline as GCC
     brings them out of line and instruments the empty shell.
 
   - Annotate ex_handler_msr_mce() as dead end
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCgAxFiEEQp8+kY+LLUocC4bMphj1TA10mKEFAmKccvMTHHRnbHhAbGlu
 dXRyb25peC5kZQAKCRCmGPVMDXSYoW39EAC1w/mSwn3b1lYkzOUcoe4EOMXzao2U
 my0ThnPNpa5k14Xfp6tOIpWRGTuW6mcVi4g+x4+LJo9V5tt5BxmMO1VFrTCQKn7H
 iJ1sWZNGq503aXldIT+pC0Zz67CIVnbGiz0D67aEYQ7w4ACdkubx8kcx5Of7BNbm
 KyQllP8XFXy7b+wgc8MrX1h/wPXNV9PBJwRAFrBw52c4s5euYui7iUNUm4RtKRem
 OpI3RFholAITLzvV8j+Xs9EmfUDjvmU3e1NEEas2n3MHm7tkYo5aSOSYX/Z7C5YD
 MvpMS3UAgwRGdaXvRVJK7eWcwayjODGGYrW9x9w9RMKM492uB4vAzfr4PE3Lru5G
 mnOxDjEP4QRK7Jl8bC0Idc5G6bxmw4DnQl7vkoaNYn3EyxKaEvREUokFKy5eWp3U
 klFQZXgQreUGSEkVA8VW7yT6knzVNsBk2WSFDUPdQZ0PV7JAVLyGZX8gEbhDyyim
 czkmI21A3hmGR97FKxyQ0I1N6q8eKSodZWbquPdOW52Jdt6pkpzUqPok9r74PK/p
 83ip/bNthbaR8FccNCHbnCLd8kvp6lsjqLqnMQHhMtUju6uRPRTzW1rxKik3Cbfh
 8VmqP6ltNGD7MkQW/jW+Vq7GIM+9onnEHbA/aEntH/ZKDHEefYtE66T0BjSrS6YK
 5dMr/vz4Jx1bwg==
 =eNVp
 -----END PGP SIGNATURE-----

Merge tag 'objtool-urgent-2022-06-05' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull objtool fixes from Thomas Gleixner:

 - Handle __ubsan_handle_builtin_unreachable() correctly and treat it as
   noreturn

 - Allow architectures to select uaccess validation

 - Use the non-instrumented bit test for test_cpu_has() to prevent
   escape from non-instrumentable regions

 - Use arch_ prefixed atomics for JUMP_LABEL=n builds to prevent escape
   from non-instrumentable regions

 - Mark a few tiny inline as __always_inline to prevent GCC from
   bringing them out of line and instrumenting them

 - Mark the empty stub context_tracking_enabled() as always inline as
   GCC brings them out of line and instruments the empty shell

 - Annotate ex_handler_msr_mce() as dead end

* tag 'objtool-urgent-2022-06-05' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/extable: Annotate ex_handler_msr_mce() as a dead end
  context_tracking: Always inline empty stubs
  x86: Always inline on_thread_stack() and current_top_of_stack()
  jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
  x86/cpu: Elide KCSAN for cpu_has() and friends
  objtool: Mark __ubsan_handle_builtin_unreachable() as noreturn
  objtool: Add CONFIG_HAVE_UACCESS_VALIDATION
This commit is contained in:
Linus Torvalds 2022-06-05 09:45:27 -07:00
commit 44688ffd11
9 changed files with 24 additions and 13 deletions

View File

@ -1048,6 +1048,10 @@ config HAVE_NOINSTR_HACK
config HAVE_NOINSTR_VALIDATION config HAVE_NOINSTR_VALIDATION
bool bool
config HAVE_UACCESS_VALIDATION
bool
select OBJTOOL
config HAVE_STACK_VALIDATION config HAVE_STACK_VALIDATION
bool bool
help help

View File

@ -258,6 +258,7 @@ config X86
select HAVE_PREEMPT_DYNAMIC_CALL select HAVE_PREEMPT_DYNAMIC_CALL
select HAVE_RSEQ select HAVE_RSEQ
select HAVE_SYSCALL_TRACEPOINTS select HAVE_SYSCALL_TRACEPOINTS
select HAVE_UACCESS_VALIDATION if HAVE_OBJTOOL
select HAVE_UNSTABLE_SCHED_CLOCK select HAVE_UNSTABLE_SCHED_CLOCK
select HAVE_USER_RETURN_NOTIFIER select HAVE_USER_RETURN_NOTIFIER
select HAVE_GENERIC_VDSO select HAVE_GENERIC_VDSO

View File

@ -54,7 +54,7 @@ extern const char * const x86_power_flags[32];
extern const char * const x86_bug_flags[NBUGINTS*32]; extern const char * const x86_bug_flags[NBUGINTS*32];
#define test_cpu_cap(c, bit) \ #define test_cpu_cap(c, bit) \
test_bit(bit, (unsigned long *)((c)->x86_capability)) arch_test_bit(bit, (unsigned long *)((c)->x86_capability))
/* /*
* There are 32 bits/features in each mask word. The high bits * There are 32 bits/features in each mask word. The high bits

View File

@ -42,9 +42,13 @@ extern int ex_get_fixup_type(unsigned long ip);
extern void early_fixup_exception(struct pt_regs *regs, int trapnr); extern void early_fixup_exception(struct pt_regs *regs, int trapnr);
#ifdef CONFIG_X86_MCE #ifdef CONFIG_X86_MCE
extern void ex_handler_msr_mce(struct pt_regs *regs, bool wrmsr); extern void __noreturn ex_handler_msr_mce(struct pt_regs *regs, bool wrmsr);
#else #else
static inline void ex_handler_msr_mce(struct pt_regs *regs, bool wrmsr) { } static inline void __noreturn ex_handler_msr_mce(struct pt_regs *regs, bool wrmsr)
{
for (;;)
cpu_relax();
}
#endif #endif
#if defined(CONFIG_BPF_JIT) && defined(CONFIG_X86_64) #if defined(CONFIG_BPF_JIT) && defined(CONFIG_X86_64)

View File

@ -559,7 +559,7 @@ static __always_inline void native_swapgs(void)
#endif #endif
} }
static inline unsigned long current_top_of_stack(void) static __always_inline unsigned long current_top_of_stack(void)
{ {
/* /*
* We can't read directly from tss.sp0: sp0 on x86_32 is special in * We can't read directly from tss.sp0: sp0 on x86_32 is special in
@ -569,7 +569,7 @@ static inline unsigned long current_top_of_stack(void)
return this_cpu_read_stable(cpu_current_top_of_stack); return this_cpu_read_stable(cpu_current_top_of_stack);
} }
static inline bool on_thread_stack(void) static __always_inline bool on_thread_stack(void)
{ {
return (unsigned long)(current_top_of_stack() - return (unsigned long)(current_top_of_stack() -
current_stack_pointer) < THREAD_SIZE; current_stack_pointer) < THREAD_SIZE;

View File

@ -46,10 +46,10 @@ static __always_inline bool context_tracking_in_user(void)
return __this_cpu_read(context_tracking.state) == CONTEXT_USER; return __this_cpu_read(context_tracking.state) == CONTEXT_USER;
} }
#else #else
static inline bool context_tracking_in_user(void) { return false; } static __always_inline bool context_tracking_in_user(void) { return false; }
static inline bool context_tracking_enabled(void) { return false; } static __always_inline bool context_tracking_enabled(void) { return false; }
static inline bool context_tracking_enabled_cpu(int cpu) { return false; } static __always_inline bool context_tracking_enabled_cpu(int cpu) { return false; }
static inline bool context_tracking_enabled_this_cpu(void) { return false; } static __always_inline bool context_tracking_enabled_this_cpu(void) { return false; }
#endif /* CONFIG_CONTEXT_TRACKING */ #endif /* CONFIG_CONTEXT_TRACKING */
#endif #endif

View File

@ -256,9 +256,9 @@ extern void static_key_disable_cpuslocked(struct static_key *key);
#include <linux/atomic.h> #include <linux/atomic.h>
#include <linux/bug.h> #include <linux/bug.h>
static inline int static_key_count(struct static_key *key) static __always_inline int static_key_count(struct static_key *key)
{ {
return atomic_read(&key->enabled); return arch_atomic_read(&key->enabled);
} }
static __always_inline void jump_label_init(void) static __always_inline void jump_label_init(void)

View File

@ -239,7 +239,7 @@ objtool_args = \
$(if $(CONFIG_SLS), --sls) \ $(if $(CONFIG_SLS), --sls) \
$(if $(CONFIG_STACK_VALIDATION), --stackval) \ $(if $(CONFIG_STACK_VALIDATION), --stackval) \
$(if $(CONFIG_HAVE_STATIC_CALL_INLINE), --static-call) \ $(if $(CONFIG_HAVE_STATIC_CALL_INLINE), --static-call) \
--uaccess \ $(if $(CONFIG_HAVE_UACCESS_VALIDATION), --uaccess) \
$(if $(delay-objtool), --link) \ $(if $(delay-objtool), --link) \
$(if $(part-of-module), --module) \ $(if $(part-of-module), --module) \
$(if $(CONFIG_GCOV_KERNEL), --no-unreachable) $(if $(CONFIG_GCOV_KERNEL), --no-unreachable)

View File

@ -186,6 +186,8 @@ static bool __dead_end_function(struct objtool_file *file, struct symbol *func,
"stop_this_cpu", "stop_this_cpu",
"__invalid_creds", "__invalid_creds",
"cpu_startup_entry", "cpu_startup_entry",
"__ubsan_handle_builtin_unreachable",
"ex_handler_msr_mce",
}; };
if (!func) if (!func)