From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe , =?UTF-8?q?Marvin=20H=C3=A4user?= , Bob Feng Subject: [PATCH v2 04/17] MdePkg/BaseLib AARCH64: Make LongJump() BTI compatible Date: Mon, 27 Mar 2023 13:00:59 +0200 Message-Id: <20230327110112.262503-5-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230327110112.262503-1-ardb@kernel.org> References: <20230327110112.262503-1-ardb@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Currently, the AArch64 implementation of LongJump() avoids using the RET instruction to perform the jump, even though the target address is held in the link register X30, as the nature of a long jump implies that the ordinary return address prediction machinery will not be able to make a correct prediction. However, LongJump() is rarely used, and the return stack will be out of sync in any case, so this optimization has little value in practice, and given that indirect calls other than function returns require a BTI landing pad at the call site, this optimization is not compatible with BTI. So let's just use RET instead. Signed-off-by: Ard Biesheuvel --- MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S b/MdePkg/Libr= ary/BaseLib/AArch64/SetJumpLongJump.S index deefdf526b95ca93..1d5cfbf64470452f 100644 --- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S +++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S @@ -85,7 +85,6 @@ ASM_PFX(InternalLongJump): cmp w1, #0=0D mov w0, #1=0D csel w0, w1, w0, ne=0D - // use br not ret, as ret is guaranteed to mispredict=0D - br x30=0D + ret=0D =0D ASM_FUNCTION_REMOVE_IF_UNREFERENCED=0D --=20 2.39.2
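Review bot: the new `ret` at the end of InternalLongJump has no comment, while the line it replaces documented why `br x30` was chosen, so the reason for the instruction choice now lives only in the commit message. A one-line comment above `ret`, for example `// use ret, not br x30: an indirect branch other than a return needs a BTI landing pad at its target`, would keep a later cleanup from restoring the old optimization and breaking BTI builds again. Minor wording point on the commit message: "a BTI landing pad at the call site" reads as if the pad belongs next to the branch, but the pad is needed at the branch target, which here is the instruction LongJump() resumes at after SetJump().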