--- /dev/null
+From ca41b97ed9124fd62323a162de5852f6e28f94b8 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Wed, 31 Jan 2018 10:18:28 +0100
+Subject: objtool: Add module specific retpoline rules
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit ca41b97ed9124fd62323a162de5852f6e28f94b8 upstream.
+
+David allowed retpolines in .init.text, except for modules, which will
+trip up objtool retpoline validation, fix that.
+
+Requested-by: David Woodhouse <dwmw2@infradead.org>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: David Woodhouse <dwmw2@infradead.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ scripts/Makefile.build | 2 ++
+ tools/objtool/builtin-check.c | 3 ++-
+ tools/objtool/builtin.h | 2 +-
+ tools/objtool/check.c | 9 +++++++++
+ 4 files changed, 14 insertions(+), 2 deletions(-)
+
+--- a/scripts/Makefile.build
++++ b/scripts/Makefile.build
+@@ -256,6 +256,8 @@ __objtool_obj := $(objtree)/tools/objtoo
+
+ objtool_args = $(if $(CONFIG_UNWINDER_ORC),orc generate,check)
+
++objtool_args += $(if $(part-of-module), --module,)
++
+ ifndef CONFIG_FRAME_POINTER
+ objtool_args += --no-fp
+ endif
+--- a/tools/objtool/builtin-check.c
++++ b/tools/objtool/builtin-check.c
+@@ -29,7 +29,7 @@
+ #include "builtin.h"
+ #include "check.h"
+
+-bool no_fp, no_unreachable, retpoline;
++bool no_fp, no_unreachable, retpoline, module;
+
+ static const char * const check_usage[] = {
+ "objtool check [<options>] file.o",
+@@ -40,6 +40,7 @@ const struct option check_options[] = {
+ OPT_BOOLEAN('f', "no-fp", &no_fp, "Skip frame pointer validation"),
+ OPT_BOOLEAN('u', "no-unreachable", &no_unreachable, "Skip 'unreachable instruction' warnings"),
+ OPT_BOOLEAN('r', "retpoline", &retpoline, "Validate retpoline assumptions"),
++ OPT_BOOLEAN('m', "module", &module, "Indicates the object will be part of a kernel module"),
+ OPT_END(),
+ };
+
+--- a/tools/objtool/builtin.h
++++ b/tools/objtool/builtin.h
+@@ -20,7 +20,7 @@
+ #include <subcmd/parse-options.h>
+
+ extern const struct option check_options[];
+-extern bool no_fp, no_unreachable, retpoline;
++extern bool no_fp, no_unreachable, retpoline, module;
+
+ extern int cmd_check(int argc, const char **argv);
+ extern int cmd_orc(int argc, const char **argv);
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -1957,6 +1957,15 @@ static int validate_retpoline(struct obj
+ if (insn->retpoline_safe)
+ continue;
+
++ /*
++ * .init.text code is ran before userspace and thus doesn't
++ * strictly need retpolines, except for modules which are
++ * loaded late, they very much do need retpoline in their
++ * .init.text
++ */
++ if (!strcmp(insn->sec->name, ".init.text") && !module)
++ continue;
++
+ WARN_FUNC("indirect %s found in RETPOLINE build",
+ insn->sec, insn->offset,
+ insn->type == INSN_JUMP_DYNAMIC ? "jump" : "call");
--- /dev/null
+From b5bc2231b8ad4387c9641f235ca0ad8cd300b6df Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Tue, 16 Jan 2018 10:24:06 +0100
+Subject: objtool: Add retpoline validation
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit b5bc2231b8ad4387c9641f235ca0ad8cd300b6df upstream.
+
+David requested a objtool validation pass for CONFIG_RETPOLINE=y enabled
+builds, where it validates no unannotated indirect jumps or calls are
+left.
+
+Add an additional .discard.retpoline_safe section to allow annotating
+the few indirect sites that are required and safe.
+
+Requested-by: David Woodhouse <dwmw2@infradead.org>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ scripts/Makefile.build | 4 +
+ tools/objtool/builtin-check.c | 3 -
+ tools/objtool/builtin.h | 2
+ tools/objtool/check.c | 86 +++++++++++++++++++++++++++++++++++++++++-
+ tools/objtool/check.h | 1
+ 5 files changed, 93 insertions(+), 3 deletions(-)
+
+--- a/scripts/Makefile.build
++++ b/scripts/Makefile.build
+@@ -264,6 +264,10 @@ objtool_args += --no-unreachable
+ else
+ objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable)
+ endif
++ifdef CONFIG_RETPOLINE
++ objtool_args += --retpoline
++endif
++
+
+ ifdef CONFIG_MODVERSIONS
+ objtool_o = $(@D)/.tmp_$(@F)
+--- a/tools/objtool/builtin-check.c
++++ b/tools/objtool/builtin-check.c
+@@ -29,7 +29,7 @@
+ #include "builtin.h"
+ #include "check.h"
+
+-bool no_fp, no_unreachable;
++bool no_fp, no_unreachable, retpoline;
+
+ static const char * const check_usage[] = {
+ "objtool check [<options>] file.o",
+@@ -39,6 +39,7 @@ static const char * const check_usage[]
+ const struct option check_options[] = {
+ OPT_BOOLEAN('f', "no-fp", &no_fp, "Skip frame pointer validation"),
+ OPT_BOOLEAN('u', "no-unreachable", &no_unreachable, "Skip 'unreachable instruction' warnings"),
++ OPT_BOOLEAN('r', "retpoline", &retpoline, "Validate retpoline assumptions"),
+ OPT_END(),
+ };
+
+--- a/tools/objtool/builtin.h
++++ b/tools/objtool/builtin.h
+@@ -20,7 +20,7 @@
+ #include <subcmd/parse-options.h>
+
+ extern const struct option check_options[];
+-extern bool no_fp, no_unreachable;
++extern bool no_fp, no_unreachable, retpoline;
+
+ extern int cmd_check(int argc, const char **argv);
+ extern int cmd_orc(int argc, const char **argv);
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -496,6 +496,7 @@ static int add_jump_destinations(struct
+ * disguise, so convert them accordingly.
+ */
+ insn->type = INSN_JUMP_DYNAMIC;
++ insn->retpoline_safe = true;
+ continue;
+ } else {
+ /* sibling call */
+@@ -547,7 +548,8 @@ static int add_call_destinations(struct
+ if (!insn->call_dest && !insn->ignore) {
+ WARN_FUNC("unsupported intra-function call",
+ insn->sec, insn->offset);
+- WARN("If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.");
++ if (retpoline)
++ WARN("If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.");
+ return -1;
+ }
+
+@@ -1107,6 +1109,54 @@ static int read_unwind_hints(struct objt
+ return 0;
+ }
+
++static int read_retpoline_hints(struct objtool_file *file)
++{
++ struct section *sec, *relasec;
++ struct instruction *insn;
++ struct rela *rela;
++ int i;
++
++ sec = find_section_by_name(file->elf, ".discard.retpoline_safe");
++ if (!sec)
++ return 0;
++
++ relasec = sec->rela;
++ if (!relasec) {
++ WARN("missing .rela.discard.retpoline_safe section");
++ return -1;
++ }
++
++ if (sec->len % sizeof(unsigned long)) {
++ WARN("retpoline_safe size mismatch: %d %ld", sec->len, sizeof(unsigned long));
++ return -1;
++ }
++
++ for (i = 0; i < sec->len / sizeof(unsigned long); i++) {
++ rela = find_rela_by_dest(sec, i * sizeof(unsigned long));
++ if (!rela) {
++ WARN("can't find rela for retpoline_safe[%d]", i);
++ return -1;
++ }
++
++ insn = find_insn(file, rela->sym->sec, rela->addend);
++ if (!insn) {
++ WARN("can't find insn for retpoline_safe[%d]", i);
++ return -1;
++ }
++
++ if (insn->type != INSN_JUMP_DYNAMIC &&
++ insn->type != INSN_CALL_DYNAMIC) {
++ WARN_FUNC("retpoline_safe hint not a indirect jump/call",
++ insn->sec, insn->offset);
++ return -1;
++ }
++
++ insn->retpoline_safe = true;
++ }
++
++ return 0;
++}
++
+ static int decode_sections(struct objtool_file *file)
+ {
+ int ret;
+@@ -1145,6 +1195,10 @@ static int decode_sections(struct objtoo
+ if (ret)
+ return ret;
+
++ ret = read_retpoline_hints(file);
++ if (ret)
++ return ret;
++
+ return 0;
+ }
+
+@@ -1890,6 +1944,29 @@ static int validate_unwind_hints(struct
+ return warnings;
+ }
+
++static int validate_retpoline(struct objtool_file *file)
++{
++ struct instruction *insn;
++ int warnings = 0;
++
++ for_each_insn(file, insn) {
++ if (insn->type != INSN_JUMP_DYNAMIC &&
++ insn->type != INSN_CALL_DYNAMIC)
++ continue;
++
++ if (insn->retpoline_safe)
++ continue;
++
++ WARN_FUNC("indirect %s found in RETPOLINE build",
++ insn->sec, insn->offset,
++ insn->type == INSN_JUMP_DYNAMIC ? "jump" : "call");
++
++ warnings++;
++ }
++
++ return warnings;
++}
++
+ static bool is_kasan_insn(struct instruction *insn)
+ {
+ return (insn->type == INSN_CALL &&
+@@ -2050,6 +2127,13 @@ int check(const char *_objname, bool orc
+ if (list_empty(&file.insn_list))
+ goto out;
+
++ if (retpoline) {
++ ret = validate_retpoline(&file);
++ if (ret < 0)
++ return ret;
++ warnings += ret;
++ }
++
+ ret = validate_functions(&file);
+ if (ret < 0)
+ goto out;
+--- a/tools/objtool/check.h
++++ b/tools/objtool/check.h
+@@ -45,6 +45,7 @@ struct instruction {
+ unsigned char type;
+ unsigned long immediate;
+ bool alt_group, visited, dead_end, ignore, hint, save, restore, ignore_alts;
++ bool retpoline_safe;
+ struct symbol *call_dest;
+ struct instruction *jump_dest;
+ struct instruction *first_jump_src;
--- /dev/null
+From 63474dc4ac7ed3848a4786b9592dd061901f606d Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Tue, 6 Mar 2018 17:58:15 -0600
+Subject: objtool: Fix 32-bit build
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit 63474dc4ac7ed3848a4786b9592dd061901f606d upstream.
+
+Fix the objtool build when cross-compiling a 64-bit kernel on a 32-bit
+host. This also simplifies read_retpoline_hints() a bit and makes its
+implementation similar to most of the other annotation reading
+functions.
+
+Reported-by: Sven Joachim <svenjoac@gmx.de>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Fixes: b5bc2231b8ad ("objtool: Add retpoline validation")
+Link: http://lkml.kernel.org/r/2ca46c636c23aa9c9d57d53c75de4ee3ddf7a7df.1520380691.git.jpoimboe@redhat.com
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/check.c | 27 +++++++--------------------
+ 1 file changed, 7 insertions(+), 20 deletions(-)
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -1115,42 +1115,29 @@ static int read_unwind_hints(struct objt
+
+ static int read_retpoline_hints(struct objtool_file *file)
+ {
+- struct section *sec, *relasec;
++ struct section *sec;
+ struct instruction *insn;
+ struct rela *rela;
+- int i;
+
+- sec = find_section_by_name(file->elf, ".discard.retpoline_safe");
++ sec = find_section_by_name(file->elf, ".rela.discard.retpoline_safe");
+ if (!sec)
+ return 0;
+
+- relasec = sec->rela;
+- if (!relasec) {
+- WARN("missing .rela.discard.retpoline_safe section");
+- return -1;
+- }
+-
+- if (sec->len % sizeof(unsigned long)) {
+- WARN("retpoline_safe size mismatch: %d %ld", sec->len, sizeof(unsigned long));
+- return -1;
+- }
+-
+- for (i = 0; i < sec->len / sizeof(unsigned long); i++) {
+- rela = find_rela_by_dest(sec, i * sizeof(unsigned long));
+- if (!rela) {
+- WARN("can't find rela for retpoline_safe[%d]", i);
++ list_for_each_entry(rela, &sec->rela_list, list) {
++ if (rela->sym->type != STT_SECTION) {
++ WARN("unexpected relocation symbol type in %s", sec->name);
+ return -1;
+ }
+
+ insn = find_insn(file, rela->sym->sec, rela->addend);
+ if (!insn) {
+- WARN("can't find insn for retpoline_safe[%d]", i);
++ WARN("bad .discard.retpoline_safe entry");
+ return -1;
+ }
+
+ if (insn->type != INSN_JUMP_DYNAMIC &&
+ insn->type != INSN_CALL_DYNAMIC) {
+- WARN_FUNC("retpoline_safe hint not a indirect jump/call",
++ WARN_FUNC("retpoline_safe hint not an indirect jump/call",
+ insn->sec, insn->offset);
+ return -1;
+ }
--- /dev/null
+From 1402fd8ed7e5bda1b3e7613b70780b0db392d1e6 Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Wed, 28 Feb 2018 07:19:21 -0600
+Subject: objtool: Fix another switch table detection issue
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit 1402fd8ed7e5bda1b3e7613b70780b0db392d1e6 upstream.
+
+Continue the switch table detection whack-a-mole. Add a check to
+distinguish KASAN data reads from switch data reads. The switch jump
+tables in .rodata have relocations associated with them.
+
+This fixes the following warning:
+
+ crypto/asymmetric_keys/x509_cert_parser.o: warning: objtool: x509_note_pkey_algo()+0xa4: sibling call from callable instruction with modified stack frame
+
+Reported-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Tested-by: Arnd Bergmann <arnd@arndb.de>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Link: https://lkml.kernel.org/r/d7c8853022ad47d158cb81e953a40469fc08a95e.1519784382.git.jpoimboe@redhat.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/check.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -924,7 +924,11 @@ static struct rela *find_switch_table(st
+ if (find_symbol_containing(file->rodata, text_rela->addend))
+ continue;
+
+- return find_rela_by_dest(file->rodata, text_rela->addend);
++ rodata_rela = find_rela_by_dest(file->rodata, text_rela->addend);
++ if (!rodata_rela)
++ continue;
++
++ return rodata_rela;
+ }
+
+ return NULL;
--- /dev/null
+From d5028ba8ee5a18c9d0bb926d883c28b370f89009 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Tue, 6 Feb 2018 09:46:13 +0100
+Subject: objtool, retpolines: Integrate objtool with retpoline support more closely
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit d5028ba8ee5a18c9d0bb926d883c28b370f89009 upstream.
+
+Disable retpoline validation in objtool if your compiler sucks, and otherwise
+select the validation stuff for CONFIG_RETPOLINE=y (most builds would already
+have it set due to ORC).
+
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: David Woodhouse <dwmw2@infradead.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile | 5 +++++
+ arch/x86/Kconfig | 1 +
+ arch/x86/Makefile | 10 +++-------
+ scripts/Makefile.build | 2 ++
+ 4 files changed, 11 insertions(+), 7 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -487,6 +487,11 @@ KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG
+ KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
+ endif
+
++RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
++RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
++RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
++export RETPOLINE_CFLAGS
++
+ ifeq ($(config-targets),1)
+ # ===========================================================================
+ # *config targets only - make sure prerequisites are updated, and descend
+--- a/arch/x86/Kconfig
++++ b/arch/x86/Kconfig
+@@ -432,6 +432,7 @@ config GOLDFISH
+ config RETPOLINE
+ bool "Avoid speculative indirect branches in kernel"
+ default y
++ select STACK_VALIDATION if HAVE_STACK_VALIDATION
+ help
+ Compile kernel with the retpoline compiler options to guard against
+ kernel-to-user data leaks by avoiding speculative indirect
+--- a/arch/x86/Makefile
++++ b/arch/x86/Makefile
+@@ -232,13 +232,9 @@ KBUILD_CFLAGS += -fno-asynchronous-unwin
+
+ # Avoid indirect branches in kernel to deal with Spectre
+ ifdef CONFIG_RETPOLINE
+- RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
+- RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
+-
+- RETPOLINE_CFLAGS += $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
+- ifneq ($(RETPOLINE_CFLAGS),)
+- KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
+- endif
++ifneq ($(RETPOLINE_CFLAGS),)
++ KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
++endif
+ endif
+
+ archscripts: scripts_basic
+--- a/scripts/Makefile.build
++++ b/scripts/Makefile.build
+@@ -267,8 +267,10 @@ else
+ objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable)
+ endif
+ ifdef CONFIG_RETPOLINE
++ifneq ($(RETPOLINE_CFLAGS),)
+ objtool_args += --retpoline
+ endif
++endif
+
+
+ ifdef CONFIG_MODVERSIONS
--- /dev/null
+From 43a4525f80534530077683f6472d8971646b0ace Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Tue, 16 Jan 2018 17:16:32 +0100
+Subject: objtool: Use existing global variables for options
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit 43a4525f80534530077683f6472d8971646b0ace upstream.
+
+Use the existing global variables instead of passing them around and
+creating duplicate global variables.
+
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: David Woodhouse <dwmw2@infradead.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/builtin-check.c | 2 +-
+ tools/objtool/builtin-orc.c | 6 +-----
+ tools/objtool/builtin.h | 5 +++++
+ tools/objtool/check.c | 5 ++---
+ tools/objtool/check.h | 2 +-
+ 5 files changed, 10 insertions(+), 10 deletions(-)
+
+--- a/tools/objtool/builtin-check.c
++++ b/tools/objtool/builtin-check.c
+@@ -53,5 +53,5 @@ int cmd_check(int argc, const char **arg
+
+ objname = argv[0];
+
+- return check(objname, no_fp, no_unreachable, false);
++ return check(objname, false);
+ }
+--- a/tools/objtool/builtin-orc.c
++++ b/tools/objtool/builtin-orc.c
+@@ -25,7 +25,6 @@
+ */
+
+ #include <string.h>
+-#include <subcmd/parse-options.h>
+ #include "builtin.h"
+ #include "check.h"
+
+@@ -36,9 +35,6 @@ static const char *orc_usage[] = {
+ NULL,
+ };
+
+-extern const struct option check_options[];
+-extern bool no_fp, no_unreachable;
+-
+ int cmd_orc(int argc, const char **argv)
+ {
+ const char *objname;
+@@ -54,7 +50,7 @@ int cmd_orc(int argc, const char **argv)
+
+ objname = argv[0];
+
+- return check(objname, no_fp, no_unreachable, true);
++ return check(objname, true);
+ }
+
+ if (!strcmp(argv[0], "dump")) {
+--- a/tools/objtool/builtin.h
++++ b/tools/objtool/builtin.h
+@@ -17,6 +17,11 @@
+ #ifndef _BUILTIN_H
+ #define _BUILTIN_H
+
++#include <subcmd/parse-options.h>
++
++extern const struct option check_options[];
++extern bool no_fp, no_unreachable;
++
+ extern int cmd_check(int argc, const char **argv);
+ extern int cmd_orc(int argc, const char **argv);
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -18,6 +18,7 @@
+ #include <string.h>
+ #include <stdlib.h>
+
++#include "builtin.h"
+ #include "check.h"
+ #include "elf.h"
+ #include "special.h"
+@@ -33,7 +34,6 @@ struct alternative {
+ };
+
+ const char *objname;
+-static bool no_fp;
+ struct cfi_state initial_func_cfi;
+
+ struct instruction *find_insn(struct objtool_file *file,
+@@ -2021,13 +2021,12 @@ static void cleanup(struct objtool_file
+ elf_close(file->elf);
+ }
+
+-int check(const char *_objname, bool _no_fp, bool no_unreachable, bool orc)
++int check(const char *_objname, bool orc)
+ {
+ struct objtool_file file;
+ int ret, warnings = 0;
+
+ objname = _objname;
+- no_fp = _no_fp;
+
+ file.elf = elf_open(objname, orc ? O_RDWR : O_RDONLY);
+ if (!file.elf)
+--- a/tools/objtool/check.h
++++ b/tools/objtool/check.h
+@@ -63,7 +63,7 @@ struct objtool_file {
+ bool ignore_unreachables, c_file, hints;
+ };
+
+-int check(const char *objname, bool no_fp, bool no_unreachable, bool orc);
++int check(const char *objname, bool orc);
+
+ struct instruction *find_insn(struct objtool_file *file,
+ struct section *sec, unsigned long offset);
x86-paravirt-objtool-annotate-indirect-calls.patch
x86-boot-objtool-annotate-indirect-jump-in-secondary_startup_64.patch
x86-mm-sme-objtool-annotate-indirect-call-in-sme_encrypt_execute.patch
+objtool-use-existing-global-variables-for-options.patch
+objtool-add-retpoline-validation.patch
+objtool-add-module-specific-retpoline-rules.patch
+objtool-retpolines-integrate-objtool-with-retpoline-support-more-closely.patch
+objtool-fix-another-switch-table-detection-issue.patch
+objtool-fix-32-bit-build.patch
+x86-kprobes-fix-kernel-crash-when-probing-.entry_trampoline-code.patch
--- /dev/null
+From c07a8f8b08ba683ea24f3ac9159f37ae94daf47f Mon Sep 17 00:00:00 2001
+From: Francis Deslauriers <francis.deslauriers@efficios.com>
+Date: Thu, 8 Mar 2018 22:18:12 -0500
+Subject: x86/kprobes: Fix kernel crash when probing .entry_trampoline code
+
+From: Francis Deslauriers <francis.deslauriers@efficios.com>
+
+commit c07a8f8b08ba683ea24f3ac9159f37ae94daf47f upstream.
+
+Disable the kprobe probing of the entry trampoline:
+
+.entry_trampoline is a code area that is used to ensure page table
+isolation between userspace and kernelspace.
+
+At the beginning of the execution of the trampoline, we load the
+kernel's CR3 register. This has the effect of enabling the translation
+of the kernel virtual addresses to physical addresses. Before this
+happens most kernel addresses can not be translated because the running
+process' CR3 is still used.
+
+If a kprobe is placed on the trampoline code before that change of the
+CR3 register happens the kernel crashes because int3 handling pages are
+not accessible.
+
+To fix this, add the .entry_trampoline section to the kprobe blacklist
+to prohibit the probing of code before all the kernel pages are
+accessible.
+
+Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
+Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Brian Gerst <brgerst@gmail.com>
+Cc: Denys Vlasenko <dvlasenk@redhat.com>
+Cc: H. Peter Anvin <hpa@zytor.com>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: mathieu.desnoyers@efficios.com
+Cc: mhiramat@kernel.org
+Link: http://lkml.kernel.org/r/1520565492-4637-2-git-send-email-francis.deslauriers@efficios.com
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/include/asm/sections.h | 1 +
+ arch/x86/kernel/kprobes/core.c | 10 +++++++++-
+ arch/x86/kernel/vmlinux.lds.S | 2 ++
+ 3 files changed, 12 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/include/asm/sections.h
++++ b/arch/x86/include/asm/sections.h
+@@ -10,6 +10,7 @@ extern struct exception_table_entry __st
+
+ #if defined(CONFIG_X86_64)
+ extern char __end_rodata_hpage_align[];
++extern char __entry_trampoline_start[], __entry_trampoline_end[];
+ #endif
+
+ #endif /* _ASM_X86_SECTIONS_H */
+--- a/arch/x86/kernel/kprobes/core.c
++++ b/arch/x86/kernel/kprobes/core.c
+@@ -1168,10 +1168,18 @@ NOKPROBE_SYMBOL(longjmp_break_handler);
+
+ bool arch_within_kprobe_blacklist(unsigned long addr)
+ {
++ bool is_in_entry_trampoline_section = false;
++
++#ifdef CONFIG_X86_64
++ is_in_entry_trampoline_section =
++ (addr >= (unsigned long)__entry_trampoline_start &&
++ addr < (unsigned long)__entry_trampoline_end);
++#endif
+ return (addr >= (unsigned long)__kprobes_text_start &&
+ addr < (unsigned long)__kprobes_text_end) ||
+ (addr >= (unsigned long)__entry_text_start &&
+- addr < (unsigned long)__entry_text_end);
++ addr < (unsigned long)__entry_text_end) ||
++ is_in_entry_trampoline_section;
+ }
+
+ int __init arch_init_kprobes(void)
+--- a/arch/x86/kernel/vmlinux.lds.S
++++ b/arch/x86/kernel/vmlinux.lds.S
+@@ -118,9 +118,11 @@ SECTIONS
+
+ #ifdef CONFIG_X86_64
+ . = ALIGN(PAGE_SIZE);
++ VMLINUX_SYMBOL(__entry_trampoline_start) = .;
+ _entry_trampoline = .;
+ *(.entry_trampoline)
+ . = ALIGN(PAGE_SIZE);
++ VMLINUX_SYMBOL(__entry_trampoline_end) = .;
+ ASSERT(. - _entry_trampoline == PAGE_SIZE, "entry trampoline is too big");
+ #endif
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
