| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1518040338-9476-1-git-send-email-linux@roeck-us.net>
Date: Wed, 7 Feb 2018 13:52:18 -0800
From: Guenter Roeck <linux@...ck-us.net>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Guenter Roeck <linux@...ck-us.net>,
David Woodhouse <dwmw@...zon.co.uk>,
Ingo Molnar <mingo@...nel.org>, gnomes@...rguk.ukuu.org.uk,
Rik van Riel <riel@...hat.com>,
Andi Kleen <ak@...ux.intel.com>,
Josh Poimboeuf <jpoimboe@...hat.com>, thomas.lendacky@....com,
Peter Zijlstra <peterz@...radead.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Jiri Kosina <jikos@...nel.org>,
Andy Lutomirski <luto@...capital.net>,
Dave Hansen <dave.hansen@...el.com>,
Kees Cook <keescook@...gle.com>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Greg Kroah-Hartman <gregkh@...ux-foundation.org>,
Paul Turner <pjt@...gle.com>
Subject: [PATCH v2] x86/retpoline: Add clang support
clang has its own set of compiler options for retpoline support.
Link: https://github.com/llvm-mirror/clang/commit/0d816739a82da29748caf88570affb9715e18b69
Link: https://github.com/llvm-mirror/llvm/commit/fd5a8723ce9f2a6b250e85972ef859e4253ea95d
Link: https://github.com/llvm-mirror/llvm/commit/59b64490fda69d29bb42cfdf7eec37bcc31ff833
Cc: David Woodhouse <dwmw@...zon.co.uk>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Ingo Molnar <mingo@...nel.org>
Cc: gnomes@...rguk.ukuu.org.uk
Cc: Rik van Riel <riel@...hat.com>
Cc: Andi Kleen <ak@...ux.intel.com>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: thomas.lendacky@....com
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Jiri Kosina <jikos@...nel.org>
Cc: Andy Lutomirski <luto@...capital.net>
Cc: Dave Hansen <dave.hansen@...el.com>
Cc: Kees Cook <keescook@...gle.com>
Cc: Tim Chen <tim.c.chen@...ux.intel.com>
Cc: Greg Kroah-Hartman <gregkh@...ux-foundation.org>
Cc: Paul Turner <pjt@...gle.com>
Signed-off-by: Guenter Roeck <linux@...ck-us.net>
---
v2: llvm has been updated to use the same thunk names as gcc.
Tested with:
clang version 7.0.0
(https://git.llvm.org/git/clang.git/
848874aed95a913fb45f363120500cebfe54e2ef)
(https://git.llvm.org/git/llvm.git/
3afd566557f3616881505db0d69f5d19bf55ae14)
cross-checked with gcc 7.3.0 (x86_64-linux-gcc.br_real (Buildroot
2018.02-rc1) 7.3.0).
Tested with 64-bit builds only; 32-bit images fail to build with clang
with various unrelated errors and are difficult to test.
I had to change '+=' to '=' below since make otherwise sets
RETPOLINE_CFLAGS to " ", and the subsequent ifneq would always match.
This is also the reason for the "ifeq ($(RETPOLINE_CFLAGS),)".
If there is another/different/better way to handle this, please let
me know.
There are curently lots of warnings when building an image with clang.
./include/linux/init.h:134:6: warning:
unknown attribute 'indirect_branch' ignored
I was inclined to add "&& !defined(__clang__)" to the condition for the
__noretpoline define to fix the problem, but concluded that this should
be a separate patch unless it can be addressed in clang.
arch/x86/Makefile | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Makefile b/arch/x86/Makefile
index fad55160dcb9..c1a35cea88e1 100644
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -232,7 +232,12 @@ KBUILD_CFLAGS += -fno-asynchronous-unwind-tables
# Avoid indirect branches in kernel to deal with Spectre
ifdef CONFIG_RETPOLINE
- RETPOLINE_CFLAGS += $(call cc-option,-mindirect-branch=thunk-extern -mindirect-branch-register)
+ # gcc
+ RETPOLINE_CFLAGS = $(call cc-option,-mindirect-branch=thunk-extern -mindirect-branch-register)
+ ifeq ($(RETPOLINE_CFLAGS),)
+ # clang
+ RETPOLINE_CFLAGS = $(call cc-option,-mretpoline-external-thunk)
+ endif
ifneq ($(RETPOLINE_CFLAGS),)
KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
endif
--
2.7.4
Powered by blists - more mailing lists