Fixes for 6.8

[thirdparty/kernel/stable-queue.git] / queue-6.8 / x86-vdso-fix-rethunk-patching-for-vdso-image-32-64-..patch

From 454f1055b2e80e8f94177e88d6178ba68682f669 Mon Sep 17 00:00:00 2001
From: Sasha Levin <sashal@kernel.org>
Date: Mon, 19 Feb 2024 21:57:18 -0800
Subject: x86/vdso: Fix rethunk patching for vdso-image-{32,64}.o

From: Josh Poimboeuf <jpoimboe@kernel.org>

[ Upstream commit b388e57d4628eb22782bdad4cd5b83ca87a1b7c9 ]

For CONFIG_RETHUNK kernels, objtool annotates all the function return
sites so they can be patched during boot.  By design, after
apply_returns() is called, all tail-calls to the compiler-generated
default return thunk (__x86_return_thunk) should be patched out and
replaced with whatever's needed for any mitigations (or lack thereof).

The commit

  4461438a8405 ("x86/retpoline: Ensure default return thunk isn't used at runtime")

adds a runtime check and a WARN_ONCE() if the default return thunk ever
gets executed after alternatives have been applied.  This warning is
a sanity check to make sure objtool and apply_returns() are doing their
job.

As Nathan reported, that check found something:

  Unpatched return thunk in use. This should not happen!
  WARNING: CPU: 0 PID: 1 at arch/x86/kernel/cpu/bugs.c:2856 __warn_thunk+0x27/0x40
  RIP: 0010:__warn_thunk+0x27/0x40
  Call Trace:
   <TASK>
   ? show_regs
   ? __warn
   ? __warn_thunk
   ? report_bug
   ? console_unlock
   ? handle_bug
   ? exc_invalid_op
   ? asm_exc_invalid_op
   ? ia32_binfmt_init
   ? __warn_thunk
   warn_thunk_thunk
   do_one_initcall
   kernel_init_freeable
   ? __pfx_kernel_init
   kernel_init
   ret_from_fork
   ? __pfx_kernel_init
   ret_from_fork_asm
   </TASK>

Boris debugged to find that the unpatched return site was in
init_vdso_image_64(), and its translation unit wasn't being analyzed by
objtool, so it never got annotated.  So it got ignored by
apply_returns().

This is only a minor issue, as this function is only called during boot.
Still, objtool needs full visibility to the kernel.  Fix it by enabling
objtool on vdso-image-{32,64}.o.

Note this problem can only be seen with !CONFIG_X86_KERNEL_IBT, as that
requires objtool to run individually on all translation units rather on
vmlinux.o.

  [ bp: Massage commit message. ]

Reported-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20240215032049.GA3944823@dev-arch.thelio-3990X
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/x86/entry/vdso/Makefile | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile
index b1b8dd1608f7e..4ee59121b9053 100644
--- a/arch/x86/entry/vdso/Makefile
+++ b/arch/x86/entry/vdso/Makefile
@@ -34,8 +34,12 @@ obj-y                                        += vma.o extable.o
 KASAN_SANITIZE_vma.o                   := y
 UBSAN_SANITIZE_vma.o                   := y
 KCSAN_SANITIZE_vma.o                   := y
-OBJECT_FILES_NON_STANDARD_vma.o                := n
-OBJECT_FILES_NON_STANDARD_extable.o    := n
+
+OBJECT_FILES_NON_STANDARD_extable.o            := n
+OBJECT_FILES_NON_STANDARD_vdso-image-32.o      := n
+OBJECT_FILES_NON_STANDARD_vdso-image-64.o      := n
+OBJECT_FILES_NON_STANDARD_vdso32-setup.o       := n
+OBJECT_FILES_NON_STANDARD_vma.o                        := n
 
 # vDSO images to build
 vdso_img-$(VDSO64-y)           += 64
@@ -43,7 +47,6 @@ vdso_img-$(VDSOX32-y)         += x32
 vdso_img-$(VDSO32-y)           += 32
 
 obj-$(VDSO32-y)                                 += vdso32-setup.o
-OBJECT_FILES_NON_STANDARD_vdso32-setup.o := n
 
 vobjs := $(foreach F,$(vobjs-y),$(obj)/$F)
 vobjs32 := $(foreach F,$(vobjs32-y),$(obj)/$F)
-- 
2.43.0