[thirdparty/kernel/stable-queue.git] / releases / 4.15.10 / objtool-retpolines-integrate-objtool-with-retpoline-support-more-closely.patch

From d5028ba8ee5a18c9d0bb926d883c28b370f89009 Mon Sep 17 00:00:00 2001
From: Peter Zijlstra <peterz@infradead.org>
Date: Tue, 6 Feb 2018 09:46:13 +0100
Subject: objtool, retpolines: Integrate objtool with retpoline support more closely

From: Peter Zijlstra <peterz@infradead.org>

commit d5028ba8ee5a18c9d0bb926d883c28b370f89009 upstream.

Disable retpoline validation in objtool if your compiler sucks, and otherwise
select the validation stuff for CONFIG_RETPOLINE=y (most builds would already
have it set due to ORC).

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 Makefile               |    5 +++++
 arch/x86/Kconfig       |    1 +
 arch/x86/Makefile      |   10 +++-------
 scripts/Makefile.build |    2 ++
 4 files changed, 11 insertions(+), 7 deletions(-)

--- a/Makefile
+++ b/Makefile
@@ -487,6 +487,11 @@ KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG
 KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
 endif
 
+RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
+RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
+RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
+export RETPOLINE_CFLAGS
+
 ifeq ($(config-targets),1)
 # ===========================================================================
 # *config targets only - make sure prerequisites are updated, and descend
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -432,6 +432,7 @@ config GOLDFISH
 config RETPOLINE
 	bool "Avoid speculative indirect branches in kernel"
 	default y
+	select STACK_VALIDATION if HAVE_STACK_VALIDATION
 	help
 	  Compile kernel with the retpoline compiler options to guard against
 	  kernel-to-user data leaks by avoiding speculative indirect
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -232,13 +232,9 @@ KBUILD_CFLAGS += -fno-asynchronous-unwin
 
 # Avoid indirect branches in kernel to deal with Spectre
 ifdef CONFIG_RETPOLINE
-    RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
-    RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
-
-    RETPOLINE_CFLAGS += $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
-    ifneq ($(RETPOLINE_CFLAGS),)
-        KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
-    endif
+ifneq ($(RETPOLINE_CFLAGS),)
+  KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
+endif
 endif
 
 archscripts: scripts_basic
--- a/scripts/Makefile.build
+++ b/scripts/Makefile.build
@@ -267,8 +267,10 @@ else
 objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable)
 endif
 ifdef CONFIG_RETPOLINE
+ifneq ($(RETPOLINE_CFLAGS),)
   objtool_args += --retpoline
 endif
+endif
 
 
 ifdef CONFIG_MODVERSIONS
Commit	Line	Data
8107aff4 GKH	1	From d5028ba8ee5a18c9d0bb926d883c28b370f89009 Mon Sep 17 00:00:00 2001
	2	From: Peter Zijlstra <peterz@infradead.org>
	3	Date: Tue, 6 Feb 2018 09:46:13 +0100
	4	Subject: objtool, retpolines: Integrate objtool with retpoline support more closely
	5
	6	From: Peter Zijlstra <peterz@infradead.org>
	7
	8	commit d5028ba8ee5a18c9d0bb926d883c28b370f89009 upstream.
	9
	10	Disable retpoline validation in objtool if your compiler sucks, and otherwise
	11	select the validation stuff for CONFIG_RETPOLINE=y (most builds would already
	12	have it set due to ORC).
	13
	14	Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
	15	Acked-by: Thomas Gleixner <tglx@linutronix.de>
	16	Cc: Andy Lutomirski <luto@kernel.org>
	17	Cc: Arjan van de Ven <arjan@linux.intel.com>
	18	Cc: Borislav Petkov <bp@alien8.de>
	19	Cc: Dan Williams <dan.j.williams@intel.com>
	20	Cc: Dave Hansen <dave.hansen@linux.intel.com>
	21	Cc: David Woodhouse <dwmw2@infradead.org>
	22	Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	23	Cc: Josh Poimboeuf <jpoimboe@redhat.com>
	24	Cc: Linus Torvalds <torvalds@linux-foundation.org>
	25	Cc: Peter Zijlstra <peterz@infradead.org>
	26	Signed-off-by: Ingo Molnar <mingo@kernel.org>
	27	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	28
	29	---
	30	Makefile \| 5 +++++
	31	arch/x86/Kconfig \| 1 +
	32	arch/x86/Makefile \| 10 +++-------
	33	scripts/Makefile.build \| 2 ++
	34	4 files changed, 11 insertions(+), 7 deletions(-)
	35
	36	--- a/Makefile
	37	+++ b/Makefile
	38	@@ -487,6 +487,11 @@ KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG
	39	KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
	40	endif
	41
	42	+RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
	43	+RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
	44	+RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
	45	+export RETPOLINE_CFLAGS
	46	+
	47	ifeq ($(config-targets),1)
	48	# ===========================================================================
	49	# *config targets only - make sure prerequisites are updated, and descend
	50	--- a/arch/x86/Kconfig
	51	+++ b/arch/x86/Kconfig
	52	@@ -432,6 +432,7 @@ config GOLDFISH
	53	config RETPOLINE
	54	bool "Avoid speculative indirect branches in kernel"
	55	default y
	56	+ select STACK_VALIDATION if HAVE_STACK_VALIDATION
	57	help
	58	Compile kernel with the retpoline compiler options to guard against
	59	kernel-to-user data leaks by avoiding speculative indirect
	60	--- a/arch/x86/Makefile
	61	+++ b/arch/x86/Makefile
	62	@@ -232,13 +232,9 @@ KBUILD_CFLAGS += -fno-asynchronous-unwin
	63
	64	# Avoid indirect branches in kernel to deal with Spectre
65	ifdef CONFIG_RETPOLINE
66	- RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
67	- RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
68	-
69	- RETPOLINE_CFLAGS += $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
70	- ifneq ($(RETPOLINE_CFLAGS),)
71	- KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
72	- endif
73	+ifneq ($(RETPOLINE_CFLAGS),)
74	+ KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
75	+endif
76	endif
77
78	archscripts: scripts_basic
79	--- a/scripts/Makefile.build
80	+++ b/scripts/Makefile.build
81	@@ -267,8 +267,10 @@ else
82	objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable)
83	endif
84	ifdef CONFIG_RETPOLINE
85	+ifneq ($(RETPOLINE_CFLAGS),)
86	objtool_args += --retpoline
87	endif
88	+endif
89
90
91	ifdef CONFIG_MODVERSIONS