lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250319150441.GB3991@breakpoint.cc>
Date: Wed, 19 Mar 2025 16:04:41 +0100
From: Florian Westphal <fw@...len.de>
To: WangYuli <wangyuli@...ontech.com>
Cc: pablo@...filter.org, kadlec@...filter.org, davem@...emloft.net,
	edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
	horms@...nel.org, netfilter-devel@...r.kernel.org,
	coreteam@...filter.org, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org, eric.dumazet@...il.com, fw@...len.de,
	zhanjun@...ontech.com, niecheng1@...ontech.com,
	Wentao Guan <guanwentao@...ontech.com>
Subject: Re: [PATCH net v2] netfilter: nf_tables: Only use
 nf_skip_indirect_calls() when MITIGATION_RETPOLINE

WangYuli <wangyuli@...ontech.com> wrote:
> 1. MITIGATION_RETPOLINE is x86-only (defined in arch/x86/Kconfig),
> so no need to AND with CONFIG_X86 when checking if enabled.
> 
> 2. Remove unused declaration of nf_skip_indirect_calls() when
> MITIGATION_RETPOLINE is disabled to avoid warnings.
> 
> 3. Declare nf_skip_indirect_calls() and nf_skip_indirect_calls_enable()
> as inline when MITIGATION_RETPOLINE is enabled, as they are called
> only once and have simple logic.
> 
> Fix follow error with clang-21 when W=1e:
>   net/netfilter/nf_tables_core.c:39:20: error: unused function 'nf_skip_indirect_calls' [-Werror,-Wunused-function]
>      39 | static inline bool nf_skip_indirect_calls(void) { return false; }
>         |                    ^~~~~~~~~~~~~~~~~~~~~~
>   1 error generated.
>   make[4]: *** [scripts/Makefile.build:207: net/netfilter/nf_tables_core.o] Error 1
>   make[3]: *** [scripts/Makefile.build:465: net/netfilter] Error 2
>   make[3]: *** Waiting for unfinished jobs....
> 
> Fixes: d8d760627855 ("netfilter: nf_tables: add static key to skip retpoline workarounds")
> Co-developed-by: Wentao Guan <guanwentao@...ontech.com>
> Signed-off-by: Wentao Guan <guanwentao@...ontech.com>
> Signed-off-by: WangYuli <wangyuli@...ontech.com>

Acked-by: Florian Westphal <fw@...len.de>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ