From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 16 Feb 2021 08:27:34 +0000 (+0100)
Subject: 4.19-stable patches
X-Git-Tag: v5.4.99~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4e9a0f149aafc3f112d5e6752c39c15b2829ca58;p=thirdparty%2Fkernel%2Fstable-queue.git

4.19-stable patches

added patches:
	x86-build-disable-cet-instrumentation-in-the-kernel-for-32-bit-too.patch
---

diff --git a/queue-4.19/series b/queue-4.19/series
index 8600d39f4c8..0a769d3333e 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -34,3 +34,4 @@ vsock-fix-locking-in-vsock_shutdown.patch
 net-rds-restrict-iovecs-length-for-rds_cmsg_rdma_args.patch
 net-qrtr-restrict-user-controlled-length-in-qrtr_tun_write_iter.patch
 ovl-expand-warning-in-ovl_d_real.patch
+x86-build-disable-cet-instrumentation-in-the-kernel-for-32-bit-too.patch
diff --git a/queue-4.19/x86-build-disable-cet-instrumentation-in-the-kernel-for-32-bit-too.patch b/queue-4.19/x86-build-disable-cet-instrumentation-in-the-kernel-for-32-bit-too.patch
new file mode 100644
index 00000000000..08619740020
--- /dev/null
+++ b/queue-4.19/x86-build-disable-cet-instrumentation-in-the-kernel-for-32-bit-too.patch
@@ -0,0 +1,51 @@
+From 256b92af784d5043eeb7d559b6d5963dcc2ecb10 Mon Sep 17 00:00:00 2001
+From: Borislav Petkov <bp@suse.de>
+Date: Mon, 8 Feb 2021 16:43:30 +0100
+Subject: x86/build: Disable CET instrumentation in the kernel for 32-bit too
+
+From: Borislav Petkov <bp@suse.de>
+
+commit 256b92af784d5043eeb7d559b6d5963dcc2ecb10 upstream.
+
+Commit
+
+  20bf2b378729 ("x86/build: Disable CET instrumentation in the kernel")
+
+disabled CET instrumentation which gets added by default by the Ubuntu
+gcc9 and 10 by default, but did that only for 64-bit builds. It would
+still fail when building a 32-bit target. So disable CET for all x86
+builds.
+
+Fixes: 20bf2b378729 ("x86/build: Disable CET instrumentation in the kernel")
+Reported-by: AC <achirvasub@gmail.com>
+Signed-off-by: Borislav Petkov <bp@suse.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Tested-by: AC <achirvasub@gmail.com>
+Link: https://lkml.kernel.org/r/YCCIgMHkzh/xT4ex@arch-chirva.localdomain
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/Makefile |    6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/arch/x86/Makefile
++++ b/arch/x86/Makefile
+@@ -61,6 +61,9 @@ endif
+ KBUILD_CFLAGS += -mno-sse -mno-mmx -mno-sse2 -mno-3dnow
+ KBUILD_CFLAGS += $(call cc-option,-mno-avx,)
+ 
++# Intel CET isn't enabled in the kernel
++KBUILD_CFLAGS += $(call cc-option,-fcf-protection=none)
++
+ ifeq ($(CONFIG_X86_32),y)
+         BITS := 32
+         UTS_MACHINE := i386
+@@ -132,9 +135,6 @@ else
+         KBUILD_CFLAGS += -mno-red-zone
+         KBUILD_CFLAGS += -mcmodel=kernel
+ 
+-	# Intel CET isn't enabled in the kernel
+-	KBUILD_CFLAGS += $(call cc-option,-fcf-protection=none)
+-
+         # -funit-at-a-time shrinks the kernel .text considerably
+         # unfortunately it makes reading oopses harder.
+         KBUILD_CFLAGS += $(call cc-option,-funit-at-a-time)