5.15-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 26 Aug 2023 13:25:29 +0000 (15:25 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 26 Aug 2023 13:25:29 +0000 (15:25 +0200)
added patches:
objtool-x86-fix-srso-mess.patch
series

queue-5.15/objtool-x86-fix-srso-mess.patch [new file with mode: 0644]
queue-5.15/series [new file with mode: 0644]

diff --git a/queue-5.15/objtool-x86-fix-srso-mess.patch b/queue-5.15/objtool-x86-fix-srso-mess.patch
new file mode 100644 (file)
index 0000000..b605c49
--- /dev/null
@@ -0,0 +1,144 @@
+From 4ae68b26c3ab5a82aa271e6e9fc9b1a06e1d6b40 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Mon, 14 Aug 2023 13:44:29 +0200
+Subject: objtool/x86: Fix SRSO mess
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit 4ae68b26c3ab5a82aa271e6e9fc9b1a06e1d6b40 upstream.
+
+Objtool --rethunk does two things:
+
+ - it collects all (tail) call's of __x86_return_thunk and places them
+   into .return_sites. These are typically compiler generated, but
+   RET also emits this same.
+
+ - it fudges the validation of the __x86_return_thunk symbol; because
+   this symbol is inside another instruction, it can't actually find
+   the instruction pointed to by the symbol offset and gets upset.
+
+Because these two things pertained to the same symbol, there was no
+pressing need to separate these two separate things.
+
+However, alas, along comes SRSO and more crazy things to deal with
+appeared.
+
+The SRSO patch itself added the following symbol names to identify as
+rethunk:
+
+  'srso_untrain_ret', 'srso_safe_ret' and '__ret'
+
+Where '__ret' is the old retbleed return thunk, 'srso_safe_ret' is a
+new similarly embedded return thunk, and 'srso_untrain_ret' is
+completely unrelated to anything the above does (and was only included
+because of that INT3 vs UD2 issue fixed previous).
+
+Clear things up by adding a second category for the embedded instruction
+thing.
+
+Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation")
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Link: https://lore.kernel.org/r/20230814121148.704502245@infradead.org
+Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ tools/objtool/arch/x86/decode.c      |   11 +++++++----
+ tools/objtool/check.c                |   22 +++++++++++++++++++++-
+ tools/objtool/include/objtool/arch.h |    1 +
+ tools/objtool/include/objtool/elf.h  |    1 +
+ 4 files changed, 30 insertions(+), 5 deletions(-)
+
+--- a/tools/objtool/arch/x86/decode.c
++++ b/tools/objtool/arch/x86/decode.c
+@@ -725,8 +725,11 @@ bool arch_is_retpoline(struct symbol *sy
+ bool arch_is_rethunk(struct symbol *sym)
+ {
+-      return !strcmp(sym->name, "__x86_return_thunk") ||
+-             !strcmp(sym->name, "srso_untrain_ret") ||
+-             !strcmp(sym->name, "srso_safe_ret") ||
+-             !strcmp(sym->name, "retbleed_return_thunk");
++      return !strcmp(sym->name, "__x86_return_thunk");
++}
++
++bool arch_is_embedded_insn(struct symbol *sym)
++{
++      return !strcmp(sym->name, "retbleed_return_thunk") ||
++             !strcmp(sym->name, "srso_safe_ret");
+ }
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -990,16 +990,33 @@ static int add_ignore_alternatives(struc
+       return 0;
+ }
++/*
++ * Symbols that replace INSN_CALL_DYNAMIC, every (tail) call to such a symbol
++ * will be added to the .retpoline_sites section.
++ */
+ __weak bool arch_is_retpoline(struct symbol *sym)
+ {
+       return false;
+ }
++/*
++ * Symbols that replace INSN_RETURN, every (tail) call to such a symbol
++ * will be added to the .return_sites section.
++ */
+ __weak bool arch_is_rethunk(struct symbol *sym)
+ {
+       return false;
+ }
++/*
++ * Symbols that are embedded inside other instructions, because sometimes crazy
++ * code exists. These are mostly ignored for validation purposes.
++ */
++__weak bool arch_is_embedded_insn(struct symbol *sym)
++{
++      return false;
++}
++
+ #define NEGATIVE_RELOC        ((void *)-1L)
+ static struct reloc *insn_reloc(struct objtool_file *file, struct instruction *insn)
+@@ -1235,7 +1252,7 @@ static int add_jump_destinations(struct
+                        * middle of another instruction.  Objtool only
+                        * knows about the outer instruction.
+                        */
+-                      if (sym && sym->return_thunk) {
++                      if (sym && sym->embedded_insn) {
+                               add_return_call(file, insn, false);
+                               continue;
+                       }
+@@ -2066,6 +2083,9 @@ static int classify_symbols(struct objto
+                       if (arch_is_rethunk(func))
+                               func->return_thunk = true;
++                      if (arch_is_embedded_insn(func))
++                              func->embedded_insn = true;
++
+                       if (!strcmp(func->name, "__fentry__"))
+                               func->fentry = true;
+--- a/tools/objtool/include/objtool/arch.h
++++ b/tools/objtool/include/objtool/arch.h
+@@ -89,6 +89,7 @@ int arch_decode_hint_reg(u8 sp_reg, int
+ bool arch_is_retpoline(struct symbol *sym);
+ bool arch_is_rethunk(struct symbol *sym);
++bool arch_is_embedded_insn(struct symbol *sym);
+ int arch_rewrite_retpolines(struct objtool_file *file);
+--- a/tools/objtool/include/objtool/elf.h
++++ b/tools/objtool/include/objtool/elf.h
+@@ -60,6 +60,7 @@ struct symbol {
+       u8 return_thunk      : 1;
+       u8 fentry            : 1;
+       u8 kcov              : 1;
++      u8 embedded_insn     : 1;
+ };
+ struct reloc {
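Review bot: The quoted upstream description names the old retbleed thunk as '__ret', but the decode.c hunk of this queued patch matches "retbleed_return_thunk" on both the removed and the added side, so the message and the 5.15 code disagree on the symbol name. Presumably the rename was already applied to this tree before this patch; a backport note under the description would spare anyone auditing the SRSO/retbleed handling a fruitless search for `__ret`, for example `[ 5.15: '__ret' is already named retbleed_return_thunk in this tree ]`. The new `arch_is_embedded_insn()` in decode.c also has no comment of its own; something like `/* Return thunks whose entry point sits inside another instruction, so objtool cannot decode at the symbol offset. */` would tie the two names to the reason given in the description.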
diff --git a/queue-5.15/series b/queue-5.15/series
new file mode 100644 (file)
index 0000000..20944b7
--- /dev/null
@@ -0,0 +1 @@
+objtool-x86-fix-srso-mess.patch