[PATCH] arm64: Unconditionally select CONFIG_JUMP_LABEL

[Will Deacon]

On Fri, Jun 13, 2025 at 03:47:31PM +0100, Mark Rutland wrote:
> On Fri, Jun 13, 2025 at 03:19:36PM +0100, Marc Zyngier wrote:
> > Aneesh reports that his kernel fails to boot in nVHE mode with
> > KVM's protected mode enabled. Further investigation by Mostafa
> > reveals that this fails because CONFIG_JUMP_LABEL=n and that
> > we have static keys shared between EL1 and EL2.
> > 
> > While this can be worked around, it is obvious that we have long
> > relied on having CONFIG_JUMP_LABEL enabled at all times, as all
> > supported compilers now have 'asm goto' (which is the basic block
> > for jump labels).
> > 
> > Let's simplify our lives once and for all by mandating jump labels.
> > It's not like anyone else is testing anything without them, and
> > we already rely on them for other things (kfence, xfs, preempt).
> > 
> > Link: https://lore.kernel.org/r/yq5ah60pkq03.fsf@kernel.org
> > Reported-by: "Aneesh Kumar K.V" <aneesh.kumar at kernel.org>
> > Reported-by: Mostafa Saleh <smostafa at google.com>
> > Signed-off-by: Marc Zyngier <maz at kernel.org>
> > Cc: Will Deacon <will at kernel.org>
> > Cc: Catalin marinas <catalin.marinas at arm.com>
> > Cc: Mark Rutland <mark.rutland at arm.com>
> > Cc: Ard Biesheuvel <ardb at kernel.org>
> 
> Acked-by: Mark Rutland <mark.rutland at arm.com>
> 
> It might be worth noting that even with this, we still need to take care
> to not use arbitrary static keys in hyp code (since we don't to consume
> anything that can legitimately be flipped after hyp initialization), but
> that aspect should be dealt with by reviewing additions to image-vars.h.

Right, we should probably try to re-use the static key sealing mechanism
used for the handling of __ro_after_init keys so that the host doesn't
try to patch the hyp text after de-privilege (which will result in a
panic).

Will