From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web10.31889.1679914904893707799
 for <devel@edk2.groups.io>;
 Mon, 27 Mar 2023 04:01:44 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=QnjPJIx6;
 spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 69B14611B0;
	Mon, 27 Mar 2023 11:01:44 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 506E7C4339E;
	Mon, 27 Mar 2023 11:01:41 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1679914903;
	bh=IzqaEeuB1UQWZJ91jnb6SBjUJnle3dli8BvkQ6S+V/A=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=QnjPJIx6K4FhsPtSPPlJLAgpfmMYdA2mLws9NqojZv742Ris8SuvcEGCU5ayrKlQr
	 zOQHuRgCASkEa6XTUT8eKOE6dh1c5p0wFBfSReTPcA9239PFghbUufO2YPMTZo+l1G
	 p0V4MyOxoSNvOCXLIs/3ccXIIkvactW7FpFCmDDUw3coA3aGyel7QEuhkt08KRypO4
	 EY0zS0mJAMJx//Gy/6x59FZGlV/rlFMHfDECtIVZetdHi6RUy9MGJJJDTaV3OR+Jxh
	 O5vMR2Utlqm/z3C3VRGsVpReIwcgbg7qW8opx+xSVw7jrCe52V/ubQ99SBcY/+SF4L
	 BTGreSXefeU2w==
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Michael Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Michael Kubacki <michael.kubacki@microsoft.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Rebecca Cran <quic_rcran@quicinc.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Taylor Beebe <t@taylorbeebe.com>,
	=?UTF-8?q?Marvin=20H=C3=A4user?= <mhaeuser@posteo.de>,
	Bob Feng <bob.c.feng@intel.com>
Subject: [PATCH v2 04/17] MdePkg/BaseLib AARCH64: Make LongJump() BTI compatible
Date: Mon, 27 Mar 2023 13:00:59 +0200
Message-Id: <20230327110112.262503-5-ardb@kernel.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230327110112.262503-1-ardb@kernel.org>
References: <20230327110112.262503-1-ardb@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Currently, the AArch64 implementation of LongJump() avoids using the RET
instruction to perform the jump, even though the target address is held
in the link register X30, as the nature of a long jump implies that the
ordinary return address prediction machinery will not be able to make a
correct prediction.

However, LongJump() is rarely used, and the return stack will be out of
sync in any case, so this optimization has little value in practice, and
given that indirect calls other than function returns require a BTI
landing pad at the call site, this optimization is not compatible with
BTI. So let's just use RET instead.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S b/MdePkg/Libr=
ary/BaseLib/AArch64/SetJumpLongJump.S
index deefdf526b95ca93..1d5cfbf64470452f 100644
--- a/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S
+++ b/MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S
@@ -85,7 +85,6 @@ ASM_PFX(InternalLongJump):
         cmp     w1, #0=0D
         mov     w0, #1=0D
         csel    w0, w1, w0, ne=0D
-        // use br not ret, as ret is guaranteed to mispredict=0D
-        br      x30=0D
+        ret=0D
 =0D
 ASM_FUNCTION_REMOVE_IF_UNREFERENCED=0D
--=20
2.39.2