x86: Kernel IBT

From:		Peter Zijlstra <peterz-AT-infradead.org>
To:		x86-AT-kernel.org, joao-AT-overdrivepizza.com, hjl.tools-AT-gmail.com, jpoimboe-AT-redhat.com, andrew.cooper3-AT-citrix.com
Subject:		[PATCH v3 00/39] x86: Kernel IBT
Date:		Thu, 03 Mar 2022 12:23:21 +0100
Message-ID:		<20220303112321.422525803@infradead.org>
Cc:		linux-kernel-AT-vger.kernel.org, peterz-AT-infradead.org, ndesaulniers-AT-google.com, keescook-AT-chromium.org, samitolvanen-AT-google.com, mark.rutland-AT-arm.com, alyssa.milburn-AT-intel.com, mbenes-AT-suse.cz, rostedt-AT-goodmis.org, mhiramat-AT-kernel.org, alexei.starovoitov-AT-gmail.com
Archive-link:		Article

Hi, another week, another series.

Since last time:

 - fixed and tested kexec (redgecomb)
 - s/4*HAS_KERNEL_IBT/ENDBR_INSN_SIZE/ (jpoimboe)
 - re-arranged Xen patches to avoid churn (andyhpp)
 - folded IBT_SEAL Kconfig and objtool options (jpoimboe)
 - dropped direct call/jmp rewrite from objtool (jpoimboe)
 - dropped UD1 poison (jpoimboe)
 - fixed kprobe selftests (masami,naveen)
 - fixed ftrace selftests (rostedt)
 - simplified CET/INT3 selftests (jpoimboe)
 - boot time msg on IBT (kees)
 - objtool WARN_FUNC sym+off fallback (jpoimboe)
 - picked up tags for unchanged patches
 - probably more

Supposedly clang-14-rc2 will work on this series, I'll validate the moment the
Debian package gets updated.

Patches go on top of tip/master + arm64/for-next/linkage. Also available here:

  git://git.kernel.org/pub/scm/linux/kernel/git/peterz/queue.git x86/wip.ibt

Enjoy!

---
 arch/powerpc/include/asm/livepatch.h        |  10 -
 arch/powerpc/kernel/kprobes.c               |  34 +--
 arch/um/kernel/um_arch.c                    |   4 +
 arch/x86/Kconfig                            |  27 +++
 arch/x86/Makefile                           |   7 +-
 arch/x86/crypto/crc32c-pcl-intel-asm_64.S   |   3 +
 arch/x86/entry/entry_64.S                   |  27 ++-
 arch/x86/entry/entry_64_compat.S            |   5 +
 arch/x86/include/asm/alternative.h          |   1 +
 arch/x86/include/asm/cpu.h                  |   4 +
 arch/x86/include/asm/cpufeatures.h          |   1 +
 arch/x86/include/asm/efi.h                  |   9 +-
 arch/x86/include/asm/ibt.h                  |  92 ++++++++
 arch/x86/include/asm/idtentry.h             |  25 +-
 arch/x86/include/asm/irqflags.h             |   5 -
 arch/x86/include/asm/linkage.h              |  39 ++++
 arch/x86/include/asm/msr-index.h            |  20 +-
 arch/x86/include/asm/paravirt.h             |   1 +
 arch/x86/include/asm/paravirt_types.h       |   1 -
 arch/x86/include/asm/qspinlock_paravirt.h   |   3 +
 arch/x86/include/asm/segment.h              |   5 +-
 arch/x86/include/asm/setup.h                |   3 +-
 arch/x86/include/asm/text-patching.h        |  30 ++-
 arch/x86/include/asm/traps.h                |   2 +
 arch/x86/include/uapi/asm/processor-flags.h |   2 +
 arch/x86/kernel/alternative.c               |  57 ++++-
 arch/x86/kernel/apm_32.c                    |   7 +
 arch/x86/kernel/cpu/bugs.c                  |  13 ++
 arch/x86/kernel/cpu/common.c                |  59 ++++-
 arch/x86/kernel/ftrace.c                    |   9 +-
 arch/x86/kernel/ftrace_64.S                 |  23 +-
 arch/x86/kernel/head_64.S                   |  14 +-
 arch/x86/kernel/idt.c                       |   9 +-
 arch/x86/kernel/kprobes/core.c              |  29 ++-
 arch/x86/kernel/kvm.c                       |   3 +-
 arch/x86/kernel/machine_kexec_64.c          |   2 +
 arch/x86/kernel/module.c                    |  21 +-
 arch/x86/kernel/paravirt.c                  |  29 +--
 arch/x86/kernel/relocate_kernel_64.S        |  10 +
 arch/x86/kernel/traps.c                     |  61 +++++
 arch/x86/kernel/vmlinux.lds.S               |   9 +
 arch/x86/kvm/emulate.c                      |   6 +-
 arch/x86/lib/error-inject.c                 |   2 +
 arch/x86/lib/retpoline.S                    |   1 +
 arch/x86/net/bpf_jit_comp.c                 |  16 +-
 arch/x86/xen/enlighten_pv.c                 |  10 +-
 arch/x86/xen/xen-asm.S                      |  10 +
 arch/x86/xen/xen-head.S                     |   8 +-
 include/asm-generic/vmlinux.lds.h           |   4 +
 include/linux/cfi.h                         |  11 +-
 include/linux/kprobes.h                     |   3 +-
 include/linux/objtool.h                     |  16 ++
 kernel/bpf/trampoline.c                     |  20 +-
 kernel/kprobes.c                            |  66 ++++--
 kernel/livepatch/patch.c                    |  19 +-
 kernel/trace/ftrace.c                       |  34 ++-
 samples/ftrace/ftrace-direct-modify.c       |   5 +
 samples/ftrace/ftrace-direct-multi-modify.c |  10 +-
 samples/ftrace/ftrace-direct-multi.c        |   5 +-
 samples/ftrace/ftrace-direct-too.c          |   3 +
 samples/ftrace/ftrace-direct.c              |   3 +
 scripts/Makefile.build                      |  44 +---
 scripts/Makefile.lib                        |  56 +++++
 scripts/Makefile.modfinal                   |   1 +
 scripts/link-vmlinux.sh                     |  12 +-
 tools/objtool/arch/x86/decode.c             |  34 ++-
 tools/objtool/builtin-check.c               |   8 +-
 tools/objtool/check.c                       | 346 +++++++++++++++++++++++++++-
 tools/objtool/elf.c                         |   3 +
 tools/objtool/include/objtool/arch.h        |   1 +
 tools/objtool/include/objtool/builtin.h     |   3 +-
 tools/objtool/include/objtool/check.h       |  14 +-
 tools/objtool/include/objtool/objtool.h     |   4 +
 tools/objtool/include/objtool/warn.h        |   2 +
 tools/objtool/objtool.c                     |   1 +
 75 files changed, 1254 insertions(+), 242 deletions(-)