On 11.11.2020 15:19, Roger Pau Monné wrote:
> On Wed, Nov 11, 2020 at 02:33:34PM +0100, Jan Beulich wrote:
>> On 11.11.2020 12:15, Roger Pau Monné wrote:
>>> On Fri, Oct 23, 2020 at 10:38:04AM +0200, Jan Beulich wrote:
>>>> Under certain conditions CPUs can speculate into the instruction stream
>>>> past a RET instruction. Guard against this just like 3b7dab93f240
>>>> ("x86/spec-ctrl: Protect against CALL/JMP straight-line speculation")
>>>> did - by inserting an "INT $3" insn. It's merely the mechanics of how to
>>>> achieve this that differ: A set of macros gets introduced to post-
>>>> process RET insns issued by the compiler (or living in assembly files).
>>>>
>>>> Unfortunately for clang this requires further features their built-in
>>>> assembler doesn't support: We need to be able to override insn mnemonics
>>>> produced by the compiler (which may be impossible, if internally
>>>> assembly mnemonics never get generated), and we want to use \(text)
>>>> escaping / quoting in the auxiliary macro.
>>>>
>>>> Signed-off-by: Jan Beulich <jbeul...@suse.com>
>>>> Acked-by: Roger Pau Monné <roger....@citrix.com>
>>>> ---
>>>> TBD: Would be nice to avoid the additions in .init.text, but a query to
>>>>      the binutils folks regarding the ability to identify the section
>>>>      stuff is in (by Peter Zijlstra over a year ago:
>>>>      https://sourceware.org/pipermail/binutils/2019-July/107528.html)
>>>>      has been left without helpful replies.
>>>> ---
>>>> v3: Use .byte 0xc[23] instead of the nested macros.
>>>> v2: Fix build with newer clang. Use int3 mnemonic. Also override retq.
>>>>
>>>> --- a/xen/Makefile
>>>> +++ b/xen/Makefile
>>>> @@ -145,7 +145,15 @@ t2 = $(call as-insn,$(CC) -I$(BASEDIR)/i
>>>>  # https://bugs.llvm.org/show_bug.cgi?id=36110
>>>>  t3 = $(call as-insn,$(CC),".macro FOO;.endm"$(close); asm volatile 
>>>> $(open)".macro FOO;.endm",-no-integrated-as)
>>>>  
>>>> -CLANG_FLAGS += $(call or,$(t1),$(t2),$(t3))
>>>> +# Check whether \(text) escaping in macro bodies is supported.
>>>> +t4 = $(call as-insn,$(CC),".macro m ret:req; \\(ret) $$\\ret; .endm; m 
>>>> 8",,-no-integrated-as)
>>>> +
>>>> +# Check whether macros can override insn mnemonics in inline assembly.
>>>> +t5 = $(call as-insn,$(CC),".macro ret; .error; .endm; .macro retq; 
>>>> .error; .endm",-no-integrated-as)
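Review bot: In the t4 probe, -no-integrated-as is passed as the fourth as-insn argument (after an empty third one), while t5, like t3 above it, passes it as the third, and neither new comment says which outcome of the probe selects the flag. Please extend the two comments to state, for each probe, whether the flag is chosen when the snippet assembles or when it fails, so the differing argument positions do not read as a typo. For t5 it would also help to note that the probe depends on the compiler-emitted ret of the wrapper function actually reaching the assembler as a mnemonic, since the .error can only fire in that case.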
>>>
>>> I was going over this to post a bug report to LLVM, but it seems like
>>> gcc also doesn't overwrite ret when using the above snippet:
>>>
>>> https://godbolt.org/z/oqsPTv
>>
>> I can't see what's different from
>>
>> void test(void) {
>>      asm volatile (".macro ret; .error; .endm; .macro retq; .error; .endm");
>> }
>>
>> but this one produces "Error: .error directive invoked in source file"
>> for me with both old and new gcc.
> 
> You are right, I think godbolt is somehow busted?

Or maybe they really only compile to assembly, while the error results
from the assembler?

Jan
