On 12.02.2026 19:29, Alejandro Vallejo wrote: > On Wed Jan 28, 2026 at 3:35 PM CET, Jason Andryuk wrote: >> On 2025-04-01 06:58, Jan Beulich wrote: >>> Leverage the new infrastructure in xen/linkage.h to also switch to per- >>> function sections (when configured), deriving the specific name from the >>> "base" section in use at the time FUNC() is invoked. >>> >>> Signed-off-by: Jan Beulich <[email protected]> >>> Tested-by: Luca Fancellu <[email protected]> # arm > > I don't seem to have the original patch in my inbox, so I'll just answer here. > > About the assembly modifications on the exception entry points: > > With split sections the linker is free to reorder all of them as it sees fit, > which probably means we want int3 after every jump to prevent straight-line > speculation from allocating an XSA number for us. It's possible the linker > might > inject them, but it might also not. Better to err on the side of caution.
We're lacking such INT3 elsewhere, hence why this is the topic of separate (existing) work. See how, for example, we're also not using -mharden-sls=all. See e.g. [1] for a very old posting. Even in my outbox I can't find newer postings covering more stuff. Intermediately some of this was posted to security@ only, but there clearly was the plan to have all of this in public. > Though more generally, I'd just keep all exception entry points in the same > section. They'd never get GC'ed anyway and we're paying an extra branch in the > #PF path for no reason. Inserting a branch there was, iirc, asked for by someone independent of this work. But yes, suppressing too fine grained section splits is an option. Jan [1] https://lists.xenproject.org/archives/html/xen-devel/2020-11/msg01542.html
