On Sun, Jan 07, 2018 at 10:11:16PM +0000, David Woodhouse wrote:
> +#ifdef __ASSEMBLY__
> +
> +/*
> + * These are the bare retpoline primitives for indirect jmp and call.
> + * Do not use these directly; they only exist to make the ALTERNATIVE
> + * invocation below less ugly.
> + */
> +.macro RETPOLINE_JMP reg:req
> + call 1112f
> +1111: pause
> + jmp 1111b
> +1112: mov \reg, (%_ASM_SP)
> + ret
> +.endm
Should this not use local name labels instead?
.macro RETPOLINE_JMP reg:req
call .Ldo_rop_\@
.Lspec_trap_\@:
pause
jmp .Lspec_trap_\@
.Ldo_rop_\@:
mov \reg, (%_ASM_SP)
ret
.endm
And I suppose it might be nice to put a little comment with them
explaining how they work.
> +/*
> + * For i386 we use the original ret-equivalent retpoline, because
> + * otherwise we'll run out of registers. We don't care about CET
> + * here, anyway.
> + */
> +# define NOSPEC_CALL ALTERNATIVE( \
> + "call *%[thunk_target]\n", \
> + " jmp 1113f; " \
> + "1110: call 1112f; " \
> + "1111: pause; " \
> + " jmp 1111b; " \
> + "1112: addl $4, %%esp; " \
> + " pushl %[thunk_target]; " \
> + " ret; " \
> + "1113: call 1110b;\n", \
> + X86_FEATURE_RETPOLINE)
Ideally this would too, just not sure that works in inline asm.
