Displaying 20 results from an estimated 26 matches for "__x86_indirect_thunk".
2018 Feb 07
2
retpoline mitigation and 6.0
Quick response to a detail, I'll respond to more of this when I have more
time.
On Wed, Feb 7, 2018 at 1:55 PM David Woodhouse <dwmw2 at infradead.org> wrote:
> OK... which __x86_indirect_thunk* symbols *are* being used by Clang in
> 32-bit mode?
__x86_indirect_thunk
__x86_indirect_thunk_eax
__x86_indirect_thunk_ecx
__x86_indirect_thunk_edx
> I've added __x86_indirect_thunk for 32-bit now, and if
> that's *all* the Clang is using then I'll possibly switch GCC int...
2018 Feb 09
0
retpoline mitigation and 6.0
...doesn't boot. Built without CONFIG_RETPOLINE and with Clang 5.0
> (and the above patch) it does. I'm rebuilding a Release build of
> llvm/clang so that experimental kernel builds hopefully take less than
> an hour, and will prod further in the morning.
What is the intended ABI of __x86_indirect_thunk which I have been
calling the "ret-equivalent" retpoline? I see this happening
(I ♥ 'qemu -d in_asm')...
----------------
IN:
0xc136feea: 89 d8 movl %ebx, %eax
0xc136feec: 89 f2 movl %esi, %edx
0xc136feee: 8b 75 f0 ...
2018 Feb 07
0
retpoline mitigation and 6.0
On Wed, 2018-02-07 at 22:00 +0000, Chandler Carruth wrote:
>
> On Wed, Feb 7, 2018 at 1:55 PM David Woodhouse <dwmw2 at infradead.org>
> wrote:
> > OK... which __x86_indirect_thunk* symbols *are* being used by Clang
> > in
> > 32-bit mode?
> __x86_indirect_thunk
> __x86_indirect_thunk_eax
> __x86_indirect_thunk_ecx
> __x86_indirect_thunk_edx
Thanks. And you'll *never* do __x86_indirect_thunk (the ret-equivalent
one) on 64-bit, right?
-------------...
2018 Feb 07
3
retpoline mitigation and 6.0
...0, David Woodhouse wrote:
> > > Hm, please could we also have the %V asm constraint modifier? That
> > > allows us to emit calls to the thunks from inline asm using the
> > > register that the compiler chose for us:
> > >
> > > asm volatile ("call __x86_indirect_thunk_%V[thunk_target]" : :
> > > [thunk_target] "r" (the_function));
> > >
> > > Other than that, I get the following errors with LLVM+Clang master, and
> > > my tree at
> > > http://git.infradead.org/users/dwmw2/linux-retpoline.git/shortlo...
2018 Feb 07
0
retpoline mitigation and 6.0
...nvalid output size for
> > > constraint '=q'" happens all over the place. Ultimately this means
> > > that I can not really test a 32-bit build, though it would not build
> > > anyway because it requires the following symbols
> > >
> > > U __x86_indirect_thunk_esp
> > > U __x86_indirect_thunk
> >
> > The latter I can live with, as discussed, for 32-bit only. We don't
> > care about CET compatibility there, so I'm OK to implement the bare
> > ret-equivalent __x86_indirect_thunk.
> >
> > The former......
2018 Feb 09
2
retpoline mitigation and 6.0
On Fri, 2018-02-09 at 01:18 +0000, David Woodhouse wrote:
>
> For now I'm just going to attempt to work around it like this in the
> kernel, so I can concentrate on the retpoline bits:
> http://david.woodhou.se/clang-percpu-hack.patch
32-bit doesn't boot. Built without CONFIG_RETPOLINE and with Clang 5.0
(and the above patch) it does. I'm rebuilding a Release build of
2018 Feb 07
0
retpoline mitigation and 6.0
..., 2018 at 10:49:25AM +0000, David Woodhouse wrote:
> > Hm, please could we also have the %V asm constraint modifier? That
> > allows us to emit calls to the thunks from inline asm using the
> > register that the compiler chose for us:
> >
> > asm volatile ("call __x86_indirect_thunk_%V[thunk_target]" : :
> > [thunk_target] "r" (the_function));
> >
> > Other than that, I get the following errors with LLVM+Clang master, and
> > my tree at
> > http://git.infradead.org/users/dwmw2/linux-retpoline.git/shortlog/refs/heads/ibpb
> >...
2018 Feb 07
2
retpoline mitigation and 6.0
...> >
> What name do we use for when the target address is pushed onto the
> stack? What are the semantics? Is there a spec anywhere?
>
> LLVM only needs this on 32-bit x86, but we do kind of need an answer
> before we update all of our branches with new names....
That would be __x86_indirect_thunk but the kernel doesn't use it. We
use -mindirect-branch-register and only ever expect the compiler to use
the register versions which are CET-compatible.
However, in at least one case in the 32-bit kernel we do emit the old
ret-equivalent retpoline inline, because there literally wasn't a
s...
2018 Feb 09
2
retpoline mitigation and 6.0
...without CONFIG_RETPOLINE and with Clang 5.0
> > (and the above patch) it does. I'm rebuilding a Release build of
> > llvm/clang so that experimental kernel builds hopefully take less than
> > an hour, and will prod further in the morning.
>
> What is the intended ABI of __x86_indirect_thunk which I have been
> calling the "ret-equivalent" retpoline? I see this happening
> (I ♥ 'qemu -d in_asm')...
>
> ----------------
> IN:
> 0xc136feea: 89 d8 movl %ebx, %eax
> 0xc136feec: 89 f2 movl %esi, %edx
>...
2018 Feb 07
3
retpoline mitigation and 6.0
On Wed, 2018-02-07 at 00:36 +0000, Chandler Carruth wrote:
> >
> > That would be __x86_indirect_thunk but the kernel doesn't use it.
> > We use -mindirect-branch-register and only ever expect the compiler
> > to use the register versions which are CET-compatible.
> >
> > However, in at least one case in the 32-bit kernel we do emit the
> > old ret-equivalent retpo...
2018 Feb 07
2
retpoline mitigation and 6.0
...18 at 4:56 PM Chandler Carruth <chandlerc at google.com>
wrote:
> On Tue, Feb 6, 2018 at 4:46 PM David Woodhouse <dwmw2 at infradead.org>
> wrote:
>
>> On Wed, 2018-02-07 at 00:36 +0000, Chandler Carruth wrote:
>>
>> > >
>> > > That would be __x86_indirect_thunk but the kernel doesn't use it.
>> > > We use -mindirect-branch-register and only ever expect the compiler
>> > > to use the register versions which are CET-compatible.
>> > >
>> > > However, in at least one case in the 32-bit kernel we do emit the...
2018 Feb 07
0
retpoline mitigation and 6.0
...What name do we use for when the target address is pushed onto the stack?
> What are the semantics? Is there a spec anywhere?
>
> LLVM only needs this on 32-bit x86, but we do kind of need an answer
> before we update all of our branches with new names....
>
>
> That would be __x86_indirect_thunk but the kernel doesn't use it. We use
> -mindirect-branch-register and only ever expect the compiler to use the
> register versions which are CET-compatible.
>
> However, in at least one case in the 32-bit kernel we do emit the old
> ret-equivalent retpoline inline, because there...
2018 Feb 09
3
retpoline mitigation and 6.0
I haven't read all the emails in full detail, but it seems pretty clear
that __x86_indirect_thunk and __llvm_retpoline_push do not do the same
things. It sounds like __llvm_retpoline_push is equivalent to
__x86_indirect_thunk except first it swaps the two words on the top of the
stack.
I arranged it this way because the x86 call instruction puts the intended
return address on the top of the st...
2018 Feb 07
2
retpoline mitigation and 6.0
...reat. Alternatively, Guenter or
> > someone else here can help.
>
> Hm, please could we also have the %V asm constraint modifier? That
> allows us to emit calls to the thunks from inline asm using the
> register that the compiler chose for us:
>
> asm volatile ("call __x86_indirect_thunk_%V[thunk_target]" : :
> [thunk_target] "r" (the_function));
>
> Other than that, I get the following errors with LLVM+Clang master, and
> my tree at
> http://git.infradead.org/users/dwmw2/linux-retpoline.git/shortlog/refs/heads/ibpb
>
I tried ToT clang with Li...
2018 Feb 09
0
retpoline mitigation and 6.0
On Fri, 2018-02-09 at 11:24 -0800, Reid Kleckner wrote:
> I haven't read all the emails in full detail, but it seems pretty
> clear that __x86_indirect_thunk and __llvm_retpoline_push do not do
> the same things. It sounds like __llvm_retpoline_push is equivalent
> to __x86_indirect_thunk except first it swaps the two words on the
> top of the stack.
>
> I arranged it this way because the x86 call instruction puts the
> intended retur...
2018 Feb 07
0
retpoline mitigation and 6.0
On Tue, Feb 6, 2018 at 4:46 PM David Woodhouse <dwmw2 at infradead.org> wrote:
> On Wed, 2018-02-07 at 00:36 +0000, Chandler Carruth wrote:
>
> > >
> > > That would be __x86_indirect_thunk but the kernel doesn't use it.
> > > We use -mindirect-branch-register and only ever expect the compiler
> > > to use the register versions which are CET-compatible.
> > >
> > > However, in at least one case in the 32-bit kernel we do emit the
> > >...
2018 Feb 07
0
retpoline mitigation and 6.0
...andlerc at google.com>
> wrote:
>
>> On Tue, Feb 6, 2018 at 4:46 PM David Woodhouse <dwmw2 at infradead.org>
>> wrote:
>>
>>> On Wed, 2018-02-07 at 00:36 +0000, Chandler Carruth wrote:
>>>
>>> > >
>>> > > That would be __x86_indirect_thunk but the kernel doesn't use it.
>>> > > We use -mindirect-branch-register and only ever expect the compiler
>>> > > to use the register versions which are CET-compatible.
>>> > >
>>> > > However, in at least one case in the 32-bit kerne...
2018 Feb 09
0
retpoline mitigation and 6.0
...up copying and pasting the retpoline thunk.
So, looking at the retpoline version...
gsi_base is in %edi, and gets spilled to the stack at about .Ltmp22
which is at line 412 right after the printk call:
.Ltmp22:
addl $12, %esp
movl %edi, 12(%esp) # 4-byte Spill
At .Ltmp28 we then call __x86_indirect_thunk which *does* look like
it's doing the right thing (and using the LLVM-emitted thunk instead of
my own behaves the same; I don't think it's my copy-paste at fault).
At .Ltmp29 we call bad_ioapic_register() and then when it returns zero (it
does) we je to .LBB0_10 aka .Ltmp34. At which poin...
2018 Feb 09
2
retpoline mitigation and 6.0
On Fri, 2018-02-09 at 10:36 +0000, David Woodhouse wrote:
>
> Did you get anywhere with the function attribute? Having isolated the
> next boot failure to "it goes away if I compile io_apic.c without
> retpoline", bisecting it per-function would help to further delay the
> bit where I actually have to start *thinking*...
It's mp_register_ioapic(), and only when
2018 Feb 09
3
retpoline mitigation and 6.0
...l command line used to compile io_apic_b.i?
On Fri, Feb 9, 2018 at 11:38 AM, David Woodhouse <dwmw2 at infradead.org>
wrote:
> On Fri, 2018-02-09 at 11:24 -0800, Reid Kleckner wrote:
> > I haven't read all the emails in full detail, but it seems pretty
> > clear that __x86_indirect_thunk and __llvm_retpoline_push do not do
> > the same things. It sounds like __llvm_retpoline_push is equivalent
> > to __x86_indirect_thunk except first it swaps the two words on the
> > top of the stack.
> >
> > I arranged it this way because the x86 call instruction puts...