x86/ibt, objtool: Add IBT_NOSEAL()
authorJosh Poimboeuf <jpoimboe@kernel.org>
Thu, 18 Aug 2022 21:39:27 +0000 (14:39 -0700)
committerPaolo Bonzini <pbonzini@redhat.com>
Fri, 19 Aug 2022 08:05:42 +0000 (04:05 -0400)
Add a macro which prevents a function from getting sealed if there are
no compile-time references to it.

Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Message-Id: <20220818213927.e44fmxkoq4yj6ybn@treble>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/include/asm/ibt.h
tools/objtool/check.c

index 689880eca9bab4eb79d2b414047ca501ce16458f..9b08082a5d9f564bf3a765e9e52b2b4db9866de5 100644 (file)
 
 #define __noendbr      __attribute__((nocf_check))
 
+/*
+ * Create a dummy function pointer reference to prevent objtool from marking
+ * the function as needing to be "sealed" (i.e. ENDBR converted to NOP by
+ * apply_ibt_endbr()).
+ */
+#define IBT_NOSEAL(fname)                              \
+       ".pushsection .discard.ibt_endbr_noseal\n\t"    \
+       _ASM_PTR fname "\n\t"                           \
+       ".popsection\n\t"
+
 static inline __attribute_const__ u32 gen_endbr(void)
 {
        u32 endbr;
@@ -84,6 +94,7 @@ extern __noendbr void ibt_restore(u64 save);
 #ifndef __ASSEMBLY__
 
 #define ASM_ENDBR
+#define IBT_NOSEAL(name)
 
 #define __noendbr
 
index 0cec74da7ffea42da25d5423207995e1a0579ad0..91678252a9b6740b2463181bd8094d796f38bcb0 100644 (file)
@@ -4096,7 +4096,8 @@ static int validate_ibt(struct objtool_file *file)
                 * These sections can reference text addresses, but not with
                 * the intent to indirect branch to them.
                 */
-               if (!strncmp(sec->name, ".discard", 8)                  ||
+               if ((!strncmp(sec->name, ".discard", 8) &&
+                    strcmp(sec->name, ".discard.ibt_endbr_noseal"))    ||
                    !strncmp(sec->name, ".debug", 6)                    ||
                    !strcmp(sec->name, ".altinstructions")              ||
                    !strcmp(sec->name, ".ibt_endbr_seal")               ||