linux/kernel/trace
Linus Torvalds 7001052160 Add support for Intel CET-IBT, available since Tigerlake (11th gen), which is a
coarse grained, hardware based, forward edge Control-Flow-Integrity mechanism
 where any indirect CALL/JMP must target an ENDBR instruction or suffer #CP.
 
 Additionally, since Alderlake (12th gen)/Sapphire-Rapids, speculation is
 limited to 2 instructions (and typically fewer) on branch targets not starting
 with ENDBR. CET-IBT also limits speculation of the next sequential instruction
 after the indirect CALL/JMP [1].
 
 CET-IBT is fundamentally incompatible with retpolines, but provides, as
 described above, speculation limits itself.
 
 [1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html
 -----BEGIN PGP SIGNATURE-----
 
 iQJJBAABCgAzFiEEv3OU3/byMaA0LqWJdkfhpEvA5LoFAmI/LI8VHHBldGVyekBp
 bmZyYWRlYWQub3JnAAoJEHZH4aRLwOS6ZnkP/2QCgQLTu6oRxv9O020CHwlaSEeD
 1Hoy3loum5q5hAi1Ik3dR9p0H5u64c9qbrBVxaFoNKaLt5GKrtHaDSHNk2L/CFHX
 urpH65uvTLxbyZzcahkAahoJ71XU+m7PcrHLWMunw9sy10rExYVsUOlFyoyG6XCF
 BDCNZpdkC09ZM3vwlWGMZd5Pp+6HcZNPyoV9tpvWAS2l+WYFWAID7mflbpQ+tA8b
 y/hM6b3Ud0rT2ubuG1iUpopgNdwqQZ+HisMPGprh+wKZkYwS2l8pUTrz0MaBkFde
 go7fW16kFy2HQzGm6aIEBmfcg0palP/mFVaWP0zS62LwhJSWTn5G6xWBr3yxSsht
 9gWCiI0oDZuTg698MedWmomdG2SK6yAuZuqmdKtLLoWfWgviPEi7TDFG/cKtZdAW
 ag8GM8T4iyYZzpCEcWO9GWbjo6TTGq30JBQefCBG47GjD0csv2ubXXx0Iey+jOwT
 x3E8wnv9dl8V9FSd/tMpTFmje8ges23yGrWtNpb5BRBuWTeuGiBPZED2BNyyIf+T
 dmewi2ufNMONgyNp27bDKopY81CPAQq9cVxqNm9Cg3eWPFnpOq2KGYEvisZ/rpEL
 EjMQeUBsy/C3AUFAleu1vwNnkwP/7JfKYpN00gnSyeQNZpqwxXBCKnHNgOMTXyJz
 beB/7u2KIUbKEkSN
 =jZfK
 -----END PGP SIGNATURE-----

Merge tag 'x86_core_for_5.18_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 CET-IBT (Control-Flow-Integrity) support from Peter Zijlstra:
 "Add support for Intel CET-IBT, available since Tigerlake (11th gen),
  which is a coarse grained, hardware based, forward edge
  Control-Flow-Integrity mechanism where any indirect CALL/JMP must
  target an ENDBR instruction or suffer #CP.

  Additionally, since Alderlake (12th gen)/Sapphire-Rapids, speculation
  is limited to 2 instructions (and typically fewer) on branch targets
  not starting with ENDBR. CET-IBT also limits speculation of the next
  sequential instruction after the indirect CALL/JMP [1].

  CET-IBT is fundamentally incompatible with retpolines, but provides,
  as described above, speculation limits itself"

[1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html

* tag 'x86_core_for_5.18_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (53 commits)
  kvm/emulate: Fix SETcc emulation for ENDBR
  x86/Kconfig: Only allow CONFIG_X86_KERNEL_IBT with ld.lld >= 14.0.0
  x86/Kconfig: Only enable CONFIG_CC_HAS_IBT for clang >= 14.0.0
  kbuild: Fixup the IBT kbuild changes
  x86/Kconfig: Do not allow CONFIG_X86_X32_ABI=y with llvm-objcopy
  x86: Remove toolchain check for X32 ABI capability
  x86/alternative: Use .ibt_endbr_seal to seal indirect calls
  objtool: Find unused ENDBR instructions
  objtool: Validate IBT assumptions
  objtool: Add IBT/ENDBR decoding
  objtool: Read the NOENDBR annotation
  x86: Annotate idtentry_df()
  x86,objtool: Move the ASM_REACHABLE annotation to objtool.h
  x86: Annotate call_on_stack()
  objtool: Rework ASM_REACHABLE
  x86: Mark __invalid_creds() __noreturn
  exit: Mark do_group_exit() __noreturn
  x86: Mark stop_this_cpu() __noreturn
  objtool: Ignore extra-symbol code
  objtool: Rename --duplicate to --lto
  ...
2022-03-27 10:17:23 -07:00
..
blktrace.c SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
bpf_trace.c Networking changes for 5.18. 2022-03-24 13:13:26 -07:00
bpf_trace.h
error_report-traces.c
fgraph.c sched/tracing: Don't re-read p->state when emitting sched_switch event 2022-03-01 16:18:39 +01:00
fprobe.c fprobe: Introduce FPROBE_FL_KPROBE_SHARED flag for fprobe 2022-03-17 20:17:02 -07:00
ftrace_internal.h
ftrace.c Add support for Intel CET-IBT, available since Tigerlake (11th gen), which is a 2022-03-27 10:17:23 -07:00
Kconfig Networking changes for 5.18. 2022-03-24 13:13:26 -07:00
kprobe_event_gen_test.c
Makefile Networking changes for 5.18. 2022-03-24 13:13:26 -07:00
pid_list.c tracing: Initialize upper and lower vars in pid_list_refill_irq() 2021-10-07 09:56:38 -04:00
pid_list.h tracing: Create a sparse bitmask for pid filtering 2021-10-05 17:38:45 -04:00
power-traces.c
preemptirq_delay_test.c
rethook.c rethook: Add a generic return hook 2022-03-17 20:16:29 -07:00
ring_buffer_benchmark.c
ring_buffer.c ring-buffer: make use of the helper function kthread_run_on_cpu() 2022-01-15 16:30:23 +02:00
rpm-traces.c
synth_event_gen_test.c
trace_benchmark.c
trace_benchmark.h
trace_boot.c tracing: Fix missing trace_boot_init_histograms kstrdup NULL checks 2021-10-26 09:18:10 -04:00
trace_branch.c
trace_clock.c
trace_dynevent.c tracing: Disable "other" permission bits in the tracefs files 2021-10-08 18:08:43 -04:00
trace_dynevent.h tracing: Add DYNAMIC flag for dynamic events 2021-08-18 18:10:32 -04:00
trace_entries.h
trace_eprobe.c eprobes: Remove redundant event type information 2022-02-25 12:07:01 -05:00
trace_event_perf.c tracing: Show size of requested perf buffer 2021-10-27 12:25:09 -04:00
trace_events_filter_test.h
trace_events_filter.c tracing: Add ustring operation to filtering string pointers 2022-01-14 03:42:24 -05:00
trace_events_hist.c Tracing updates for 5.18: 2022-03-23 11:40:25 -07:00
trace_events_inject.c tracing: Support __rel_loc relative dynamic data location attribute 2021-12-06 15:37:21 -05:00
trace_events_synth.c tracing: Fix strncpy warning in trace_events_synth.c 2022-03-11 11:49:24 -05:00
trace_events_trigger.c tracing: Uninline trace_trigger_soft_disabled() partly 2022-02-25 12:07:01 -05:00
trace_events_user.c user_events: Add trace event call as root for low permission cases 2022-03-15 14:33:20 -04:00
trace_events.c Tracing updates for 5.18: 2022-03-23 11:40:25 -07:00
trace_export.c
trace_functions_graph.c tracing: in_irq() cleanup 2021-10-13 18:19:41 -04:00
trace_functions.c ftrace: disable preemption when recursion locked 2021-10-27 11:21:49 -04:00
trace_hwlat.c trace/hwlat: make use of the helper function kthread_run_on_cpu() 2022-01-15 16:30:24 +02:00
trace_irqsoff.c
trace_kdb.c
trace_kprobe_selftest.c
trace_kprobe_selftest.h
trace_kprobe.c tracing: Fix return value of __setup handlers 2022-03-04 13:46:13 -05:00
trace_mmiotrace.c
trace_nop.c
trace_osnoise.c Linux 5.17-rc8 2022-03-15 10:28:12 +01:00
trace_output.c tracing: Account bottom half disabled sections. 2022-01-13 16:23:04 -05:00
trace_output.h
trace_preemptirq.c
trace_printk.c tracing: Disable "other" permission bits in the tracefs files 2021-10-08 18:08:43 -04:00
trace_probe_tmpl.h tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs 2021-08-19 09:09:03 -04:00
trace_probe.c eprobes: Remove redundant event type information 2022-02-25 12:07:01 -05:00
trace_probe.h eprobes: Remove redundant event type information 2022-02-25 12:07:01 -05:00
trace_recursion_record.c tracing: Disable "other" permission bits in the tracefs files 2021-10-08 18:08:43 -04:00
trace_sched_switch.c Tracing updates for 5.18: 2022-03-23 11:40:25 -07:00
trace_sched_wakeup.c sched/tracing: Don't re-read p->state when emitting sched_switch event 2022-03-01 16:18:39 +01:00
trace_selftest_dynamic.c
trace_selftest.c tracing: Fix selftest config check for function graph start up test 2022-02-25 21:05:29 -05:00
trace_seq.c
trace_stack.c tracing: Disable "other" permission bits in the tracefs files 2021-10-08 18:08:43 -04:00
trace_stat.c tracing: Disable "other" permission bits in the tracefs files 2021-10-08 18:08:43 -04:00
trace_stat.h
trace_synth.h tracing: synth events: increase max fields count 2021-09-08 15:29:16 -04:00
trace_syscalls.c tracing: Have syscall trace events use trace_event_buffer_lock_reserve() 2022-01-13 16:23:05 -05:00
trace_uprobe.c Tracing updates for 5.17: 2022-01-16 10:15:32 +02:00
trace.c Trace event fix of string verifier 2022-03-26 14:54:41 -07:00
trace.h Tracing updates for 5.18: 2022-03-23 11:40:25 -07:00
tracing_map.c tracing: Fix a kmemleak false positive in tracing_map 2021-12-01 21:04:34 -05:00
tracing_map.h