On Wed, Jul 1, 2026 at 1:31 AM Peter Zijlstra <[email protected]> wrote: > > On Wed, Jul 01, 2026 at 12:58:12AM -0700, H. Peter Anvin wrote: > > On July 1, 2026 12:48:34 AM PDT, Peter Zijlstra <[email protected]> > > wrote: > > >On Wed, Jul 01, 2026 at 09:27:47AM +0200, Peter Zijlstra wrote: > > >> On Mon, Jun 29, 2026 at 03:29:50PM -0700, Dave Hansen wrote: > > >> > > >> > But, really, if ENTER is so evil and nobody uses it, shouldn't we just > > >> > have an MSR bit somewhere to tell the CPU to #UD for it rather than > > >> > playing these stack games? > > >> > > >> For supervisor mode only, I suppose. We can't ever get rid of userspace > > >> ENTER because legacy I suppose. But we can make sure the kernel is > > >> clean. > > >> > > >> So yeah, having a knob to make supervisor-ENTER trap would be useful I > > >> suppose. > > > > > >x86_64-defconfig builds clean with the below :-) > > > > > > > > >diff --git a/tools/objtool/arch/x86/decode.c > > >b/tools/objtool/arch/x86/decode.c > > >index 1b387d5a195b..9e53db863203 100644 > > >--- a/tools/objtool/arch/x86/decode.c > > >+++ b/tools/objtool/arch/x86/decode.c > > >@@ -642,6 +642,10 @@ int arch_decode_instruction(struct objtool_file > > >*file, const struct section *sec > > > > > > break; > > > > > >+ case 0xc8: > > >+ WARN("ENTER instruction at %s:%lx", sec->name, offset); > > >+ break; > > >+ > > > case 0xc9: > > > /* > > > * leave > > > > The problem is that it being a single byte long it can appear in the middle > > of another instruction. > > I understand; this was in response to Dave's suggestion to make > (supervisor) ENTER #UD, in which case we'd have to ensure no legit > ENTERs exist.
Peter's explanation is correct: this technique makes CFH->ACE easier. I think both ways can mitigate it, but I would like to hear your (maintainers') idea of which one we should proceed: 1. supervisor-ENTER-#UD + Peter's objtool check. Cleanest for ENTER, but it needs a new bit from Intel/AMD, so future CPUs only. 2. Kill the landing zone with a 0x11-page guard area. Thanks, Xiang

