commit 837bdc6eb2df796e832302347f363afc820694fe
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Fri Mar 3 08:00:04 2023 +0100
Commit: Jan Beulich <jbeulich@suse.com>
CommitDate: Fri Mar 3 08:00:04 2023 +0100
xen: Work around Clang-IAS macro \@ expansion bug
https://github.com/llvm/llvm-project/issues/60792
It turns out that Clang-IAS does not expand \@ uniquely in a translaition
unit, and the XSA-426 change tickles this bug:
<instantiation>:4:1: error: invalid symbol redefinition
.L1_fill_rsb_loop:
^
make[3]: *** [Rules.mk:247: arch/x86/acpi/cpu_idle.o] Error 1
Extend DO_OVERWRITE_RSB with an optional parameter so C callers can mix %= in
too, which Clang does seem to expand properly.
Fixes: 63305e5392ec ("x86/spec-ctrl: Mitigate Cross-Thread Return Address Predictions")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
master commit: a2adacff0b91cc7b977abb209dc419a2ef15963f
master date: 2023-02-24 17:44:29 +0000
---
xen/arch/x86/include/asm/spec_ctrl.h | 4 ++--
xen/arch/x86/include/asm/spec_ctrl_asm.h | 19 ++++++++++++-------
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/xen/arch/x86/include/asm/spec_ctrl.h b/xen/arch/x86/include/asm/spec_ctrl.h
index 391973ef6a..a431fea587 100644
--- a/xen/arch/x86/include/asm/spec_ctrl.h
+++ b/xen/arch/x86/include/asm/spec_ctrl.h
@@ -83,7 +83,7 @@ static always_inline void spec_ctrl_new_guest_context(void)
wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
/* (ab)use alternative_input() to specify clobbers. */
- alternative_input("", "DO_OVERWRITE_RSB", X86_BUG_IBPB_NO_RET,
+ alternative_input("", "DO_OVERWRITE_RSB xu=%=", X86_BUG_IBPB_NO_RET,
: "rax", "rcx");
}
@@ -172,7 +172,7 @@ static always_inline void spec_ctrl_enter_idle(struct cpu_info *info)
*
* (ab)use alternative_input() to specify clobbers.
*/
- alternative_input("", "DO_OVERWRITE_RSB", X86_FEATURE_SC_RSB_IDLE,
+ alternative_input("", "DO_OVERWRITE_RSB xu=%=", X86_FEATURE_SC_RSB_IDLE,
: "rax", "rcx");
}
diff --git a/xen/arch/x86/include/asm/spec_ctrl_asm.h b/xen/arch/x86/include/asm/spec_ctrl_asm.h
index fab27ff553..f23bb105c5 100644
--- a/xen/arch/x86/include/asm/spec_ctrl_asm.h
+++ b/xen/arch/x86/include/asm/spec_ctrl_asm.h
@@ -117,11 +117,16 @@
.L\@_done:
.endm
-.macro DO_OVERWRITE_RSB tmp=rax
+.macro DO_OVERWRITE_RSB tmp=rax xu
/*
* Requires nothing
* Clobbers \tmp (%rax by default), %rcx
*
+ * xu is an optional parameter to add eXtra Uniqueness. It is intended for
+ * passing %= in from an asm() block, in order to work around
+ * https://github.com/llvm/llvm-project/issues/60792 where Clang-IAS doesn't
+ * expand \@ uniquely.
+ *
* Requires 256 bytes of {,shadow}stack space, but %rsp/SSP has no net
* change. Based on Google's performance numbers, the loop is unrolled to 16
* iterations and two calls per iteration.
@@ -136,27 +141,27 @@
mov $16, %ecx /* 16 iterations, two calls per loop */
mov %rsp, %\tmp /* Store the current %rsp */
-.L\@_fill_rsb_loop:
+.L\@_fill_rsb_loop\xu:
.irp n, 1, 2 /* Unrolled twice. */
- call .L\@_insert_rsb_entry_\n /* Create an RSB entry. */
+ call .L\@_insert_rsb_entry\xu\n /* Create an RSB entry. */
int3 /* Halt rogue speculation. */
-.L\@_insert_rsb_entry_\n:
+.L\@_insert_rsb_entry\xu\n:
.endr
sub $1, %ecx
- jnz .L\@_fill_rsb_loop
+ jnz .L\@_fill_rsb_loop\xu
mov %\tmp, %rsp /* Restore old %rsp */
#ifdef CONFIG_XEN_SHSTK
mov $1, %ecx
rdsspd %ecx
cmp $1, %ecx
- je .L\@_shstk_done
+ je .L\@_shstk_done\xu
mov $64, %ecx /* 64 * 4 bytes, given incsspd */
incsspd %ecx /* Restore old SSP */
-.L\@_shstk_done:
+.L\@_shstk_done\xu:
#endif
.endm
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.17
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Fri Mar 3 08:00:04 2023 +0100
Commit: Jan Beulich <jbeulich@suse.com>
CommitDate: Fri Mar 3 08:00:04 2023 +0100
xen: Work around Clang-IAS macro \@ expansion bug
https://github.com/llvm/llvm-project/issues/60792
It turns out that Clang-IAS does not expand \@ uniquely in a translaition
unit, and the XSA-426 change tickles this bug:
<instantiation>:4:1: error: invalid symbol redefinition
.L1_fill_rsb_loop:
^
make[3]: *** [Rules.mk:247: arch/x86/acpi/cpu_idle.o] Error 1
Extend DO_OVERWRITE_RSB with an optional parameter so C callers can mix %= in
too, which Clang does seem to expand properly.
Fixes: 63305e5392ec ("x86/spec-ctrl: Mitigate Cross-Thread Return Address Predictions")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
master commit: a2adacff0b91cc7b977abb209dc419a2ef15963f
master date: 2023-02-24 17:44:29 +0000
---
xen/arch/x86/include/asm/spec_ctrl.h | 4 ++--
xen/arch/x86/include/asm/spec_ctrl_asm.h | 19 ++++++++++++-------
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/xen/arch/x86/include/asm/spec_ctrl.h b/xen/arch/x86/include/asm/spec_ctrl.h
index 391973ef6a..a431fea587 100644
--- a/xen/arch/x86/include/asm/spec_ctrl.h
+++ b/xen/arch/x86/include/asm/spec_ctrl.h
@@ -83,7 +83,7 @@ static always_inline void spec_ctrl_new_guest_context(void)
wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
/* (ab)use alternative_input() to specify clobbers. */
- alternative_input("", "DO_OVERWRITE_RSB", X86_BUG_IBPB_NO_RET,
+ alternative_input("", "DO_OVERWRITE_RSB xu=%=", X86_BUG_IBPB_NO_RET,
: "rax", "rcx");
}
@@ -172,7 +172,7 @@ static always_inline void spec_ctrl_enter_idle(struct cpu_info *info)
*
* (ab)use alternative_input() to specify clobbers.
*/
- alternative_input("", "DO_OVERWRITE_RSB", X86_FEATURE_SC_RSB_IDLE,
+ alternative_input("", "DO_OVERWRITE_RSB xu=%=", X86_FEATURE_SC_RSB_IDLE,
: "rax", "rcx");
}
diff --git a/xen/arch/x86/include/asm/spec_ctrl_asm.h b/xen/arch/x86/include/asm/spec_ctrl_asm.h
index fab27ff553..f23bb105c5 100644
--- a/xen/arch/x86/include/asm/spec_ctrl_asm.h
+++ b/xen/arch/x86/include/asm/spec_ctrl_asm.h
@@ -117,11 +117,16 @@
.L\@_done:
.endm
-.macro DO_OVERWRITE_RSB tmp=rax
+.macro DO_OVERWRITE_RSB tmp=rax xu
/*
* Requires nothing
* Clobbers \tmp (%rax by default), %rcx
*
+ * xu is an optional parameter to add eXtra Uniqueness. It is intended for
+ * passing %= in from an asm() block, in order to work around
+ * https://github.com/llvm/llvm-project/issues/60792 where Clang-IAS doesn't
+ * expand \@ uniquely.
+ *
* Requires 256 bytes of {,shadow}stack space, but %rsp/SSP has no net
* change. Based on Google's performance numbers, the loop is unrolled to 16
* iterations and two calls per iteration.
@@ -136,27 +141,27 @@
mov $16, %ecx /* 16 iterations, two calls per loop */
mov %rsp, %\tmp /* Store the current %rsp */
-.L\@_fill_rsb_loop:
+.L\@_fill_rsb_loop\xu:
.irp n, 1, 2 /* Unrolled twice. */
- call .L\@_insert_rsb_entry_\n /* Create an RSB entry. */
+ call .L\@_insert_rsb_entry\xu\n /* Create an RSB entry. */
int3 /* Halt rogue speculation. */
-.L\@_insert_rsb_entry_\n:
+.L\@_insert_rsb_entry\xu\n:
.endr
sub $1, %ecx
- jnz .L\@_fill_rsb_loop
+ jnz .L\@_fill_rsb_loop\xu
mov %\tmp, %rsp /* Restore old %rsp */
#ifdef CONFIG_XEN_SHSTK
mov $1, %ecx
rdsspd %ecx
cmp $1, %ecx
- je .L\@_shstk_done
+ je .L\@_shstk_done\xu
mov $64, %ecx /* 64 * 4 bytes, given incsspd */
incsspd %ecx /* Restore old SSP */
-.L\@_shstk_done:
+.L\@_shstk_done\xu:
#endif
.endm
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.17