Re: Patch "drm/vmwgfx: Add unwind hints around RBP clobber" has been added to the 6.4-stable tree

From: Greg KH
Date: Sun Jul 09 2023 - 05:27:00 EST


On Sun, Jul 09, 2023 at 01:03:10AM -0400, Sasha Levin wrote:
> This is a note to let you know that I've just added the patch titled
>
> drm/vmwgfx: Add unwind hints around RBP clobber
>
> to the 6.4-stable tree which can be found at:
> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
>
> The filename of the patch is:
> drm-vmwgfx-add-unwind-hints-around-rbp-clobber.patch
> and it can be found in the queue-6.4 subdirectory.
>
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@xxxxxxxxxxxxxxx> know about it.
>
>
>
> commit aeb6b7c6b6ef84ab496189cdbc698426092aa46c
> Author: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> Date: Mon Jun 5 09:12:22 2023 -0700
>
> drm/vmwgfx: Add unwind hints around RBP clobber
>
> [ Upstream commit a9da8247627eefc73f909bf945031a5431a53993 ]
>
> VMware high-bandwidth hypercalls take the RBP register as input. This
> breaks basic frame pointer convention, as RBP should never be clobbered.
>
> So frame pointer unwinding is broken for the instructions surrounding
> the hypercalls. Fortunately this doesn't break live patching with
> CONFIG_FRAME_POINTER, as it only unwinds from blocking tasks, and stack
> traces from preempted tasks are already marked unreliable anyway.
>
> However, for live patching with ORC, this could actually be a
> theoretical problem if vmw_port_hb_{in,out}() were still compiled with a
> frame pointer due to having an aligned stack. In practice that hasn't
> seemed to be an issue since the objtool warnings have only been seen
> with CONFIG_FRAME_POINTER.
>
> Add unwind hint annotations to tell the ORC unwinder to mark stack
> traces as unreliable.
>
> Fixes the following warnings:
>
> vmlinux.o: warning: objtool: vmw_port_hb_in+0x1df: return with modified stack frame
> vmlinux.o: warning: objtool: vmw_port_hb_out+0x1dd: return with modified stack frame
>
> Fixes: 89da76fde68d ("drm/vmwgfx: Add VMWare host messaging capability")
> Reported-by: kernel test robot <lkp@xxxxxxxxx>
> Link: https://lore.kernel.org/oe-kbuild-all/202305160135.97q0Elax-lkp@xxxxxxxxx/
> Link: https://lore.kernel.org/r/4c795f2d87bc0391cf6543bcb224fa540b55ce4b.1685981486.git.jpoimboe@xxxxxxxxxx
> Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
>
> diff --git a/arch/x86/include/asm/unwind_hints.h b/arch/x86/include/asm/unwind_hints.h
> index 01cb9692b160a..85cc57cb65392 100644
> --- a/arch/x86/include/asm/unwind_hints.h
> +++ b/arch/x86/include/asm/unwind_hints.h
> @@ -76,9 +76,18 @@
>
> #else
>
> +#define UNWIND_HINT_UNDEFINED \
> + UNWIND_HINT(UNWIND_HINT_TYPE_UNDEFINED, 0, 0, 0)
> +
> #define UNWIND_HINT_FUNC \
> UNWIND_HINT(UNWIND_HINT_TYPE_FUNC, ORC_REG_SP, 8, 0)
>
> +#define UNWIND_HINT_SAVE \
> + UNWIND_HINT(UNWIND_HINT_TYPE_SAVE, 0, 0, 0)
> +
> +#define UNWIND_HINT_RESTORE \
> + UNWIND_HINT(UNWIND_HINT_TYPE_RESTORE, 0, 0, 0)
> +
> #endif /* __ASSEMBLY__ */
>
> #endif /* _ASM_X86_UNWIND_HINTS_H */
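Review bot: the three new C-side macros expand to UNWIND_HINT() with UNWIND_HINT_TYPE_UNDEFINED, UNWIND_HINT_TYPE_SAVE and UNWIND_HINT_TYPE_RESTORE, none of which this hunk defines, so for a stable backport the prerequisite objtool commits that introduce those hint types and teach objtool to honour them must already be in the 6.4 queue; if they are not, the annotations are either unknown symbols or hint types objtool does not recognise, which is consistent with the build warnings reported in the reply. The backport should either list those prerequisites explicitly or be held until they are queued.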
> diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_msg_x86.h b/drivers/gpu/drm/vmwgfx/vmwgfx_msg_x86.h
> index 0b74ca2dfb7bd..23899d743a903 100644
> --- a/drivers/gpu/drm/vmwgfx/vmwgfx_msg_x86.h
> +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_msg_x86.h
> @@ -105,10 +105,14 @@
> flags, magic, bp, \
> eax, ebx, ecx, edx, si, di) \
> ({ \
> - asm volatile ("push %%rbp;" \
> + asm volatile ( \
> + UNWIND_HINT_SAVE \
> + "push %%rbp;" \
> + UNWIND_HINT_UNDEFINED \
> "mov %12, %%rbp;" \
> VMWARE_HYPERCALL_HB_OUT \
> - "pop %%rbp;" : \
> + "pop %%rbp;" \
> + UNWIND_HINT_RESTORE : \
> "=a"(eax), \
> "=b"(ebx), \
> "=c"(ecx), \
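Review bot: one thing to confirm outside this hunk is that UNWIND_HINT() on the C side expands to a string literal ending in a newline or `;`, since UNWIND_HINT_SAVE, UNWIND_HINT_UNDEFINED and UNWIND_HINT_RESTORE are concatenated directly with the adjacent `"push %%rbp;"` / `"pop %%rbp;"` literals inside asm volatile(); without a separator the push and the hint directive would land on one assembler line. The placement itself is right: SAVE snapshots the unwind state before the push, UNDEFINED covers the region from `mov %12, %%rbp` through VMWARE_HYPERCALL_HB_OUT where RBP no longer points at the frame, and RESTORE after the pop returns the unwinder to the saved state, so ORC marks only that window unreliable rather than the whole function.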
> @@ -130,10 +134,14 @@
> flags, magic, bp, \
> eax, ebx, ecx, edx, si, di) \
> ({ \
> - asm volatile ("push %%rbp;" \
> + asm volatile ( \
> + UNWIND_HINT_SAVE \
> + "push %%rbp;" \
> + UNWIND_HINT_UNDEFINED \
> "mov %12, %%rbp;" \
> VMWARE_HYPERCALL_HB_IN \
> - "pop %%rbp" : \
> + "pop %%rbp;" \
> + UNWIND_HINT_RESTORE : \
> "=a"(eax), \
> "=b"(ebx), \
> "=c"(ecx), \
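Review bot: the trailing `;` added to `"pop %%rbp;"` in this hunk is required, not cosmetic, because UNWIND_HINT_RESTORE is now appended after it; the HB_OUT macro in the previous hunk already had that separator, and the two are now symmetric. Given that the identical SAVE / push / UNDEFINED / mov ... / pop / RESTORE sequence is duplicated in both the HB_OUT and HB_IN macros, a follow-up could hoist it into one shared helper so the two stay in sync the next time the hypercall wrappers are touched.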

This adds build warnings to the build, so I am going to drop this one
for now, sorry.

greg k-h