On Thu, Feb 28, 2019 at 08:01:11PM +0100, Peter Zijlstra wrote:
> On Thu, Feb 28, 2019 at 10:29:25AM -0800, Linus Torvalds wrote:
> > On Thu, Feb 28, 2019 at 10:02 AM Peter Zijlstra <pet...@infradead.org> wrote:
> > >
> > > Weird, that jump is from C, not from a .fixup table. objtool _should_
> > > see that and complain if there is a AC=1 path that reaches RET.
> >
> > No, unsafe_put_user() actually does the "asm goto" thing, so the jump
> > is literally hidden as an exception entry. And apparently objtool
> > doesn't follow exceptions (which *normally* doesn't matter for code
> > liveness analysis since they normally jump back to right after the
> > excepting instruction, but maybe it misses some exception handling
> > code because of it?).
> >
> > You may have looked at unsafe_get_user(), which does indeed make the
> > branch as C code, because gcc currently does not allow outputs from
> > "asm goto" statements (which "get" obviously needs).
>
> Indeed I did. But it looks like objtool actually does parse .fixup. What
> appears to go wrong is the 'visited' marker for backward jumps.
>
> If we've been there with AC=0 first, and then backjump with AC=1, things
> go missing.
>
> I've also now confused myself on how it branches from alternatives. It
> looks like it now considers paths that take the STAC alternative, and
> exit through the NOP alternative (which should be CLAC) and then hit
> RET with AC=1.
>
> I'll get this sorted, eventually..

Ha!

Original file:

  CC      drivers/gpu/drm/i915/i915_gem_execbuffer.o
drivers/gpu/drm/i915/i915_gem_execbuffer.o: warning: objtool: .altinstr_replacement+0x3c: redundant UACCESS disable
drivers/gpu/drm/i915/i915_gem_execbuffer.o: warning: objtool: .altinstr_replacement+0x66: redundant UACCESS disable

With the dodgy patch:

  CC      drivers/gpu/drm/i915/i915_gem_execbuffer.o
drivers/gpu/drm/i915/i915_gem_execbuffer.o: warning: objtool: eb_relocate_slow()+0x1f9: call to kvfree() with UACCESS enabled
drivers/gpu/drm/i915/i915_gem_execbuffer.o: warning: objtool: i915_gem_execbuffer2_ioctl()+0x315: call to kvfree() with UACCESS enabled

Let me do an allmodconfig build to see how much pain is caused by that
redundant CLAC warning.
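
The 'visited' marker problem described in the quoted text (a location first reached with AC=0, then reached again through a backward jump with AC=1), shown as an added toy example; this is not objtool's code and not part of the original message. The instruction set, `prog`, `walk` and `check` are constructed for illustration; a state-blind marker reports nothing, while a per-AC-state marker finds the RET reachable with AC=1.

```c
#include <stdio.h>
#include <string.h>
/* Constructed toy instruction set and program; not objtool's data structures. */
enum op { NOP, STAC, CLAC, JCC, RET };
struct insn { enum op op; int target; };  /* target is used by JCC only */
static const struct insn prog[] = {
    { NOP,  0 },  /* 0: loop head, first reached with AC=0 */
    { JCC,  5 },  /* 1: conditional exit to RET */
    { STAC, 0 },  /* 2: AC=1 */
    { JCC,  0 },  /* 3: backward jump to the head with AC=1 */
    { CLAC, 0 },  /* 4: AC=0 */
    { RET,  0 },  /* 5 */
};
enum { N = sizeof(prog) / sizeof(prog[0]) };
static unsigned char visited[N];  /* per insn: bitmask of AC states seen */

/* Follow every path from insn i; return how many RETs are reached with AC=1.
 * per_state=0: any earlier visit ends the walk; per_state=1: only an earlier
 * visit in the same AC state does. */
static int walk(int i, int ac, int per_state)
{
    int warnings = 0;
    for (; i < N; i++) {
        unsigned char bit = 1u << ac;
        if (per_state ? (visited[i] & bit) : visited[i])
            return warnings;
        visited[i] |= bit;
        switch (prog[i].op) {
        case STAC: ac = 1; break;
        case CLAC: ac = 0; break;
        case JCC:  warnings += walk(prog[i].target, ac, per_state); break;
        case RET:  return warnings + ac;
        default:   break;
        }
    }
    return warnings;
}

static int check(int per_state)
{
    memset(visited, 0, sizeof(visited));
    return walk(0, 0, per_state);
}

int main(void)
{
    printf("state-blind: %d  per-state: %d\n", check(0), check(1));
    return 0;
}
```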