x86-its-align-rets-in-bhb-clear-sequence-to-avoid-thunking.patch
x86-ibt-keep-ibt-disabled-during-alternative-patching.patch
x86-its-use-dynamic-thunks-for-indirect-branches.patch
+x86-its-fix-build-errors-when-config_modules-n.patch
+x86-alternative-optimize-returns-patching.patch
+x86-alternatives-remove-faulty-optimization.patch
--- /dev/null
+From d2408e043e7296017420aa5929b3bba4d5e61013 Mon Sep 17 00:00:00 2001
+From: "Borislav Petkov (AMD)" <bp@alien8.de>
+Date: Fri, 12 May 2023 14:05:11 +0200
+Subject: x86/alternative: Optimize returns patching
+
+From: Borislav Petkov (AMD) <bp@alien8.de>
+
+commit d2408e043e7296017420aa5929b3bba4d5e61013 upstream.
+
+Instead of decoding each instruction in the return sites range only to
+realize that that return site is a jump to the default return thunk
+which is needed - X86_FEATURE_RETHUNK is enabled - lift that check
+before the loop and get rid of that loop overhead.
+
+Add comments about what gets patched, while at it.
+
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Link: https://lore.kernel.org/r/20230512120952.7924-1-bp@alien8.de
+Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/alternative.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+--- a/arch/x86/kernel/alternative.c
++++ b/arch/x86/kernel/alternative.c
+@@ -775,13 +775,12 @@ static int patch_return(void *addr, stru
+ {
+ int i = 0;
+
++ /* Patch the custom return thunks... */
+ if (cpu_wants_rethunk_at(addr)) {
+- if (x86_return_thunk == __x86_return_thunk)
+- return -1;
+-
+ i = JMP32_INSN_SIZE;
+ __text_gen_insn(bytes, JMP32_INSN_OPCODE, addr, x86_return_thunk, i);
+ } else {
++ /* ... or patch them out if not needed. */
+ bytes[i++] = RET_INSN_OPCODE;
+ }
+
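Review bot: Once this queue is applied, `patch_return()` has no `x86_return_thunk == __x86_return_thunk` test left: this hunk drops the `return -1` guard, and the check it lifts into `apply_returns()` is deleted again by x86-alternatives-remove-faulty-optimization.patch later in the same series. That follow-up calls the check dead code because 095b8303f383 made `__x86_return_thunk` a placeholder, so the backport is only equivalent if the target tree carries that commit, which cannot be confirmed from this page. The lifted check also tests `cpu_feature_enabled(X86_FEATURE_RETHUNK)` while the branch here tests `cpu_wants_rethunk_at(addr)`, so the two conditions are not obviously the same in this tree. I would record the assumption at the branch, e.g. `/* x86_return_thunk is never the __x86_return_thunk placeholder here, see 095b8303f383 */`, because a return site left pointing at the wrong thunk weakens the return-thunk mitigation rather than being a cosmetic issue. The body of `patch_return()` continues outside the hunk.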
+@@ -794,6 +793,14 @@ void __init_or_module noinline apply_ret
+ {
+ s32 *s;
+
++ /*
++ * Do not patch out the default return thunks if those needed are the
++ * ones generated by the compiler.
++ */
++ if (cpu_feature_enabled(X86_FEATURE_RETHUNK) &&
++ (x86_return_thunk == __x86_return_thunk))
++ return;
++
+ for (s = start; s < end; s++) {
+ void *dest = NULL, *addr = (void *)s + *s;
+ struct insn insn;
--- /dev/null
+From 4ba89dd6ddeca2a733bdaed7c9a5cbe4e19d9124 Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@kernel.org>
+Date: Mon, 4 Sep 2023 22:04:54 -0700
+Subject: x86/alternatives: Remove faulty optimization
+
+From: Josh Poimboeuf <jpoimboe@kernel.org>
+
+commit 4ba89dd6ddeca2a733bdaed7c9a5cbe4e19d9124 upstream.
+
+The following commit
+
+ 095b8303f383 ("x86/alternative: Make custom return thunk unconditional")
+
+made '__x86_return_thunk' a placeholder value. All code setting
+X86_FEATURE_RETHUNK also changes the value of 'x86_return_thunk'. So
+the optimization at the beginning of apply_returns() is dead code.
+
+Also, before the above-mentioned commit, the optimization actually had a
+bug It bypassed __static_call_fixup(), causing some raw returns to
+remain unpatched in static call trampolines. Thus the 'Fixes' tag.
+
+Fixes: d2408e043e72 ("x86/alternative: Optimize returns patching")
+Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
+Link: https://lore.kernel.org/r/16d19d2249d4485d8380fb215ffaae81e6b8119e.1693889988.git.jpoimboe@kernel.org
+Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/alternative.c | 8 --------
+ 1 file changed, 8 deletions(-)
+
+--- a/arch/x86/kernel/alternative.c
++++ b/arch/x86/kernel/alternative.c
+@@ -793,14 +793,6 @@ void __init_or_module noinline apply_ret
+ {
+ s32 *s;
+
+- /*
+- * Do not patch out the default return thunks if those needed are the
+- * ones generated by the compiler.
+- */
+- if (cpu_feature_enabled(X86_FEATURE_RETHUNK) &&
+- (x86_return_thunk == __x86_return_thunk))
+- return;
+-
+ for (s = start; s < end; s++) {
+ void *dest = NULL, *addr = (void *)s + *s;
+ struct insn insn;
--- /dev/null
+From 9f35e33144ae5377d6a8de86dd3bd4d995c6ac65 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 12 May 2025 19:58:39 -0700
+Subject: x86/its: Fix build errors when CONFIG_MODULES=n
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 9f35e33144ae5377d6a8de86dd3bd4d995c6ac65 upstream.
+
+Fix several build errors when CONFIG_MODULES=n, including the following:
+
+../arch/x86/kernel/alternative.c:195:25: error: incomplete definition of type 'struct module'
+ 195 | for (int i = 0; i < mod->its_num_pages; i++) {
+
+Fixes: 872df34d7c51 ("x86/its: Use dynamic thunks for indirect branches")
+Cc: stable@vger.kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Acked-by: Dave Hansen <dave.hansen@intel.com>
+Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
+Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/alternative.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/arch/x86/kernel/alternative.c
++++ b/arch/x86/kernel/alternative.c
+@@ -402,7 +402,9 @@ static int emit_indirect(int op, int reg
+
+ #ifdef CONFIG_MITIGATION_ITS
+
++#ifdef CONFIG_MODULES
+ static struct module *its_mod;
++#endif
+ static void *its_page;
+ static unsigned int its_offset;
+
+@@ -423,6 +425,7 @@ static void *its_init_thunk(void *thunk,
+ return thunk;
+ }
+
++#ifdef CONFIG_MODULES
+ void its_init_mod(struct module *mod)
+ {
+ if (!cpu_feature_enabled(X86_FEATURE_INDIRECT_THUNK_ITS))
+@@ -462,6 +465,7 @@ void its_free_mod(struct module *mod)
+ }
+ kfree(mod->its_page_array);
+ }
++#endif /* CONFIG_MODULES */
+
+ DEFINE_FREE(its_execmem, void *, if (_T) module_memfree(_T));
+
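Review bot: `DEFINE_FREE(its_execmem, void *, if (_T) module_memfree(_T));` and `its_alloc()` stay outside the `#ifdef CONFIG_MODULES` region that this hunk closes, so a CONFIG_MODULES=n build still references `module_memfree()`. Whether that symbol is built without module support in this tree is not visible here; if only the module loader provides it, the build error this patch targets would move to link time. A CONFIG_MODULES=n build with CONFIG_MITIGATION_ITS=y on the target tree would settle this before the patch is queued. `its_free_mod()` begins above the hunk.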
+@@ -472,6 +476,7 @@ static void *its_alloc(void)
+ if (!page)
+ return NULL;
+
++#ifdef CONFIG_MODULES
+ if (its_mod) {
+ void *tmp = krealloc(its_mod->its_page_array,
+ (its_mod->its_num_pages+1) * sizeof(void *),
+@@ -482,6 +487,7 @@ static void *its_alloc(void)
+ its_mod->its_page_array = tmp;
+ its_mod->its_page_array[its_mod->its_num_pages++] = page;
+ }
++#endif /* CONFIG_MODULES */
+
+ return no_free_ptr(page);
+ }