File 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch of Package xen.8005
# Commit 3659f0f4bcc6ca08103d1a7ae4e97535ecc978be
# Date 2018-01-16 17:45:50 +0000
# Author Andrew Cooper <andrew.cooper3@citrix.com>
# Committer Andrew Cooper <andrew.cooper3@citrix.com>
x86: Support compiling with indirect branch thunks
Use -mindirect-branch=thunk-extern/-mindirect-branch-register when available.
To begin with, use the retpoline thunk. Later work will add alternative
thunks which can be selected at boot time.
This is part of XSA-254.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/Makefile
+++ b/xen/arch/x86/Makefile
@@ -28,6 +28,7 @@ obj-y += i387.o
obj-y += i8259.o
obj-y += io_apic.o
obj-y += msi.o
+obj-$(CONFIG_INDIRECT_THUNK) += indirect-thunk.o
obj-y += ioport_emulate.o
obj-y += irq.o
obj-y += microcode_amd.o
--- a/xen/arch/x86/Rules.mk
+++ b/xen/arch/x86/Rules.mk
@@ -47,3 +47,10 @@ CFLAGS += -fno-asynchronous-unwind-table
ifneq ($(call cc-option,$(CC),-fvisibility=hidden,n),n)
CFLAGS += -DGCC_HAS_VISIBILITY_ATTRIBUTE
endif
+
+# Compile with thunk-extern, indirect-branch-register if avaiable.
+ifneq ($(call cc-option,$(CC),-mindirect-branch-register,n),n)
+CFLAGS += -mindirect-branch=thunk-extern -mindirect-branch-register
+CFLAGS += -DCONFIG_INDIRECT_THUNK
+export CONFIG_INDIRECT_THUNK=y
+endif
--- /dev/null
+++ b/xen/arch/x86/indirect-thunk.S
@@ -0,0 +1,38 @@
+/*
+ * Implement __x86_indirect_thunk_* symbols for use with compatbile compilers
+ * and the -mindirect-branch=thunk-extern -mindirect-branch-register options.
+ *
+ * Copyright (c) 2017-2018 Citrix Systems Ltd.
+ *
+ * This source code is licensed under the GNU General Public License,
+ * Version 2. See the file COPYING for more details.
+ */
+ .file __FILE__
+
+#include <asm/asm_defns.h>
+
+.macro IND_THUNK_RETPOLINE reg:req
+ call 2f
+1:
+ lfence
+ jmp 1b
+2:
+ mov %\reg, (%rsp)
+ ret
+.endm
+
+/*
+ * Build the __x86_indirect_thunk_* symbols. Currently implement the
+ * retpoline thunk only.
+ */
+.macro GEN_INDIRECT_THUNK reg:req
+ .section .text.__x86_indirect_thunk_\reg, "ax", @progbits
+
+ENTRY(__x86_indirect_thunk_\reg)
+ IND_THUNK_RETPOLINE \reg
+.endm
+
+/* Instantiate GEN_INDIRECT_THUNK for each register except %rsp. */
+.irp reg, ax, cx, dx, bx, bp, si, di, 8, 9, 10, 11, 12, 13, 14, 15
+ GEN_INDIRECT_THUNK reg=r\reg
+.endr
--- a/xen/arch/x86/xen.lds.S
+++ b/xen/arch/x86/xen.lds.S
@@ -43,6 +43,7 @@ SECTIONS
.text : {
_stext = .; /* Text and read-only data */
*(.text)
+ *(.text.__x86_indirect_thunk_*)
*(.text.cold)
*(.text.unlikely)
*(.fixup)
