Merge tag 'x86_core_for_v6.18_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...

Pull more x86 updates from Borislav Petkov:

 - Remove a bunch of asm implementing condition flags testing in KVM's
   emulator in favor of int3_emulate_jcc() which is written in C

 - Replace KVM fastops with C-based stubs which avoids problems with the
   fastop infra related to latter not adhering to the C ABI due to their
   special calling convention and, more importantly, bypassing compiler
   control-flow integrity checking because they're written in asm

 - Remove wrongly used static branches and other ugliness accumulated
   over time in hyperv's hypercall implementation with a proper static
   function call to the correct hypervisor call variant

 - Add some fixes and modifications to allow running FRED-enabled
   kernels in KVM even on non-FRED hardware

 - Add kCFI improvements like validating indirect calls and prepare for
   enabling kCFI with GCC. Add cmdline params documentation and other
   code cleanups

 - Use the single-byte 0xd6 insn as the official #UD single-byte
   undefined opcode instruction as agreed upon by both x86 vendors

 - Other smaller cleanups and touchups all over the place

* tag 'x86_core_for_v6.18_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (24 commits)
  x86,retpoline: Optimize patch_retpoline()
  x86,ibt: Use UDB instead of 0xEA
  x86/cfi: Remove __noinitretpoline and __noretpoline
  x86/cfi: Add "debug" option to "cfi=" bootparam
  x86/cfi: Standardize on common "CFI:" prefix for CFI reports
  x86/cfi: Document the "cfi=" bootparam options
  x86/traps: Clarify KCFI instruction layout
  compiler_types.h: Move __nocfi out of compiler-specific header
  objtool: Validate kCFI calls
  x86/fred: KVM: VMX: Always use FRED for IRQs when CONFIG_X86_FRED=y
  x86/fred: Play nice with invoking asm_fred_entry_from_kvm() on non-FRED hardware
  x86/fred: Install system vector handlers even if FRED isn't fully enabled
  x86/hyperv: Use direct call to hypercall-page
  x86/hyperv: Clean up hv_do_hypercall()
  KVM: x86: Remove fastops
  KVM: x86: Convert em_salc() to C
  KVM: x86: Introduce EM_ASM_3WCL
  KVM: x86: Introduce EM_ASM_1SRC2
  KVM: x86: Introduce EM_ASM_2CL
  KVM: x86: Introduce EM_ASM_2W
  ...

diff --cc Documentation/admin-guide/kernel-parameters.txt
Simple merge

diff --cc arch/x86/entry/entry_64_fred.S
Simple merge

diff --cc arch/x86/hyperv/ivm.c
Simple merge

diff --cc arch/x86/include/asm/cfi.h
Simple merge

diff --cc arch/x86/kernel/alternative.c
Simple merge

diff --cc arch/x86/kernel/cpu/mshyperv.c
Simple merge

diff --cc arch/x86/kernel/machine_kexec_64.c
Simple merge

diff --cc arch/x86/kvm/Kconfig
index 67d4f23bab660b0b943c5af593f71450cc2d82d6,b92ef117f355c9a0c21665cecbad255c9322c274..278f08194ec87b9481500b8b800c3ccec1c2dc76
--- 1/arch/x86/kvm/Kconfig
--- 2/arch/x86/kvm/Kconfig
+++ b/arch/x86/kvm/Kconfig
@@@ -96,6 -95,9 +96,7 @@@ config KVM_SW_PROTECTED_V
  config KVM_INTEL
        tristate "KVM for Intel (and compatible) processors support"
        depends on KVM && IA32_FEAT_CTL
 -      select KVM_GENERIC_PRIVATE_MEM if INTEL_TDX_HOST
 -      select KVM_GENERIC_MEMORY_ATTRIBUTES if INTEL_TDX_HOST
+       select X86_FRED if X86_64
        help
          Provides support for KVM on processors equipped with Intel's VT
          extensions, a.k.a. Virtual Machine Extensions (VMX).

diff --cc arch/x86/kvm/emulate.c
index 59f93f68718a0a77716378424e5ed104afe6bd58,796d0c64f9baf4e6ca1273255634a9553f7e5dbc..4e3da5b497b85c32ab9de1cff9b941252ad8699e
--- 1/arch/x86/kvm/emulate.c
--- 2/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@@ -4102,10 -4001,10 +4037,10 @@@ static const struct opcode group4[] = 
  };
  
  static const struct opcode group5[] = {
-       F(DstMem | SrcNone | Lock,              em_inc),
-       F(DstMem | SrcNone | Lock,              em_dec),
+       I(DstMem | SrcNone | Lock,              em_inc),
+       I(DstMem | SrcNone | Lock,              em_dec),
 -      I(SrcMem | NearBranch | IsBranch,       em_call_near_abs),
 -      I(SrcMemFAddr | ImplicitOps | IsBranch, em_call_far),
 +      I(SrcMem | NearBranch | IsBranch | ShadowStack, em_call_near_abs),
 +      I(SrcMemFAddr | ImplicitOps | IsBranch | ShadowStack, em_call_far),
        I(SrcMem | NearBranch | IsBranch,       em_jmp_abs),
        I(SrcMemFAddr | ImplicitOps | IsBranch, em_jmp_far),
        I(SrcMem | Stack | TwoMemOp,            em_push), D(Undefined),

diff --cc arch/x86/kvm/vmx/vmx.c
Simple merge

diff --cc arch/x86/lib/retpoline.S
index f513d33b6d370461ffb232e56515bb37f6361c1a,24b7aca454ec5cae8b7546f0c25390431494ae24..8f1fed0c3b83f4f437d8cb359b90c4e2ebcff689
--- 1/arch/x86/lib/retpoline.S
--- 2/arch/x86/lib/retpoline.S
+++ b/arch/x86/lib/retpoline.S
@@@ -126,45 -126,7 +126,45 @@@ SYM_CODE_END(__x86_indirect_jump_thunk_
  #define GEN(reg) __EXPORT_THUNK(__x86_indirect_jump_thunk_ ## reg)
  #include <asm/GEN-for-each-reg.h>
  #undef GEN
 -#endif
 +
 +#endif /* CONFIG_MITIGATION_CALL_DEPTH_TRACKING */
 +
 +#ifdef CONFIG_MITIGATION_ITS
 +
 +.macro ITS_THUNK reg
 +
 +/*
-  * If CFI paranoid is used then the ITS thunk starts with opcodes (0xea; jne 1b)
++ * If CFI paranoid is used then the ITS thunk starts with opcodes (1: udb; jne 1b)
 + * that complete the fineibt_paranoid caller sequence.
 + */
- 1:    .byte 0xea
++1:    ASM_UDB
 +SYM_INNER_LABEL(__x86_indirect_paranoid_thunk_\reg, SYM_L_GLOBAL)
 +      UNWIND_HINT_UNDEFINED
 +      ANNOTATE_NOENDBR
 +      jne 1b
 +SYM_INNER_LABEL(__x86_indirect_its_thunk_\reg, SYM_L_GLOBAL)
 +      UNWIND_HINT_UNDEFINED
 +      ANNOTATE_NOENDBR
 +      ANNOTATE_RETPOLINE_SAFE
 +      jmp *%\reg
 +      int3
 +      .align 32, 0xcc         /* fill to the end of the line */
 +      .skip  32 - (__x86_indirect_its_thunk_\reg - 1b), 0xcc /* skip to the next upper half */
 +.endm
 +
 +/* ITS mitigation requires thunks be aligned to upper half of cacheline */
 +.align 64, 0xcc
 +.skip 29, 0xcc
 +
 +#define GEN(reg) ITS_THUNK reg
 +#include <asm/GEN-for-each-reg.h>
 +#undef GEN
 +
 +      .align 64, 0xcc
 +SYM_FUNC_ALIAS(__x86_indirect_its_thunk_array, __x86_indirect_its_thunk_rax)
 +SYM_CODE_END(__x86_indirect_its_thunk_array)
 +
 +#endif /* CONFIG_MITIGATION_ITS */
  
  #ifdef CONFIG_MITIGATION_RETHUNK
  

diff --cc arch/x86/net/bpf_jit_comp.c
Simple merge

diff --cc include/linux/compiler-clang.h
Simple merge

diff --cc include/linux/compiler_types.h
index 2f3e80bf9f3574621ce8616c4c1d2d925b718d77,a910f9fa5341732ef403a9f58b65755c16e54f30..59288a2c1ad27700af5edafd89a0db82e85ce296
--- 1/include/linux/compiler_types.h
--- 2/include/linux/compiler_types.h
+++ b/include/linux/compiler_types.h
@@@ -455,7 -432,9 +455,9 @@@ struct ftrace_likely_data 
  # define __noscs
  #endif
  
- #ifndef __nocfi
 -#if defined(CONFIG_CFI_CLANG)
++#if defined(CONFIG_CFI)
+ # define __nocfi              __attribute__((__no_sanitize__("kcfi")))
+ #else
  # define __nocfi
  #endif
  

diff --cc tools/objtool/check.c
Simple merge