--- /dev/null
+From cfe17c9bbe6a673fdafdab179c32b355ed447f66 Mon Sep 17 00:00:00 2001
+From: Masahiro Yamada <yamada.masahiro@socionext.com>
+Date: Mon, 27 Nov 2017 21:15:13 +0900
+Subject: kbuild: move cc-option and cc-disable-warning after incl. arch Makefile
+
+From: Masahiro Yamada <yamada.masahiro@socionext.com>
+
+commit cfe17c9bbe6a673fdafdab179c32b355ed447f66 upstream.
+
+Geert reported commit ae6b289a3789 ("kbuild: Set KBUILD_CFLAGS before
+incl. arch Makefile") broke cross-compilation using a cross-compiler
+that supports less compiler options than the host compiler.
+
+For example,
+
+ cc1: error: unrecognized command line option "-Wno-unused-but-set-variable"
+
+This problem happens on architectures that setup CROSS_COMPILE in their
+arch/*/Makefile.
+
+Move the cc-option and cc-disable-warning back to the original position,
+but keep the Clang target options untouched.
+
+Fixes: ae6b289a3789 ("kbuild: Set KBUILD_CFLAGS before incl. arch Makefile")
+Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
+Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
+Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile | 43 +++++++++++++++++++++++--------------------
+ 1 file changed, 23 insertions(+), 20 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -492,26 +492,6 @@ CLANG_GCC_TC := --gcc-toolchain=$(GCC_TO
+ endif
+ KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
+ KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
+-KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,)
+-KBUILD_CFLAGS += $(call cc-disable-warning, unused-variable)
+-KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier)
+-KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
+-KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member)
+-# Quiet clang warning: comparison of unsigned expression < 0 is always false
+-KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare)
+-# CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the
+-# source of a reference will be _MergedGlobals and not on of the whitelisted names.
+-# See modpost pattern 2
+-KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,)
+-KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior)
+-KBUILD_CFLAGS += $(call cc-option, -no-integrated-as)
+-KBUILD_AFLAGS += $(call cc-option, -no-integrated-as)
+-else
+-
+-# These warnings generated too much noise in a regular build.
+-# Use make W=1 to enable them (see scripts/Makefile.extrawarn)
+-KBUILD_CFLAGS += $(call cc-disable-warning, unused-but-set-variable)
+-KBUILD_CFLAGS += $(call cc-disable-warning, unused-const-variable)
+ endif
+
+ ifeq ($(config-targets),1)
+@@ -724,6 +704,29 @@ ifdef CONFIG_CC_STACKPROTECTOR
+ endif
+ KBUILD_CFLAGS += $(stackp-flag)
+
++ifeq ($(cc-name),clang)
++KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,)
++KBUILD_CFLAGS += $(call cc-disable-warning, unused-variable)
++KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier)
++KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
++KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member)
++# Quiet clang warning: comparison of unsigned expression < 0 is always false
++KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare)
++# CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the
++# source of a reference will be _MergedGlobals and not on of the whitelisted names.
++# See modpost pattern 2
++KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,)
++KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior)
++KBUILD_CFLAGS += $(call cc-option, -no-integrated-as)
++KBUILD_AFLAGS += $(call cc-option, -no-integrated-as)
++else
++
++# These warnings generated too much noise in a regular build.
++# Use make W=1 to enable them (see scripts/Makefile.extrawarn)
++KBUILD_CFLAGS += $(call cc-disable-warning, unused-but-set-variable)
++KBUILD_CFLAGS += $(call cc-disable-warning, unused-const-variable)
++endif
++
+ ifdef CONFIG_FRAME_POINTER
+ KBUILD_CFLAGS += -fno-omit-frame-pointer -fno-optimize-sibling-calls
+ else
--- /dev/null
+From 2c1f4f125159f10521944cea23e33a00fcf85ede Mon Sep 17 00:00:00 2001
+From: Masahiro Yamada <yamada.masahiro@socionext.com>
+Date: Wed, 4 Oct 2017 12:56:06 +0900
+Subject: kbuild: re-order the code to not parse unnecessary variables
+
+From: Masahiro Yamada <yamada.masahiro@socionext.com>
+
+commit 2c1f4f125159f10521944cea23e33a00fcf85ede upstream.
+
+The top Makefile is divided into some sections such as mixed targets,
+config targets, build targets, etc.
+
+When we build mixed targets, Kbuild just invokes submake to process
+them one by one. In this case, compiler-related variables like CC,
+KBUILD_CFLAGS, etc. are unneeded.
+
+Check what kind of targets we are building first, and parse variables
+for building only when necessary.
+
+Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile | 233 +++++++++++++++++++++++++++++++--------------------------------
+ 1 file changed, 118 insertions(+), 115 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -187,15 +187,6 @@ ifeq ("$(origin M)", "command line")
+ KBUILD_EXTMOD := $(M)
+ endif
+
+-# If building an external module we do not care about the all: rule
+-# but instead _all depend on modules
+-PHONY += all
+-ifeq ($(KBUILD_EXTMOD),)
+-_all: all
+-else
+-_all: modules
+-endif
+-
+ ifeq ($(KBUILD_SRC),)
+ # building in the source tree
+ srctree := .
+@@ -207,6 +198,9 @@ else
+ srctree := $(KBUILD_SRC)
+ endif
+ endif
++
++export KBUILD_CHECKSRC KBUILD_EXTMOD KBUILD_SRC
++
+ objtree := .
+ src := $(srctree)
+ obj := $(objtree)
+@@ -215,6 +209,74 @@ VPATH := $(srctree)$(if $(KBUILD_EXTMOD
+
+ export srctree objtree VPATH
+
++# To make sure we do not include .config for any of the *config targets
++# catch them early, and hand them over to scripts/kconfig/Makefile
++# It is allowed to specify more targets when calling make, including
++# mixing *config targets and build targets.
++# For example 'make oldconfig all'.
++# Detect when mixed targets is specified, and make a second invocation
++# of make so .config is not included in this case either (for *config).
++
++version_h := include/generated/uapi/linux/version.h
++old_version_h := include/linux/version.h
++
++no-dot-config-targets := clean mrproper distclean \
++ cscope gtags TAGS tags help% %docs check% coccicheck \
++ $(version_h) headers_% archheaders archscripts \
++ kernelversion %src-pkg
++
++config-targets := 0
++mixed-targets := 0
++dot-config := 1
++
++ifneq ($(filter $(no-dot-config-targets), $(MAKECMDGOALS)),)
++ ifeq ($(filter-out $(no-dot-config-targets), $(MAKECMDGOALS)),)
++ dot-config := 0
++ endif
++endif
++
++ifeq ($(KBUILD_EXTMOD),)
++ ifneq ($(filter config %config,$(MAKECMDGOALS)),)
++ config-targets := 1
++ ifneq ($(words $(MAKECMDGOALS)),1)
++ mixed-targets := 1
++ endif
++ endif
++endif
++# install and modules_install need also be processed one by one
++ifneq ($(filter install,$(MAKECMDGOALS)),)
++ ifneq ($(filter modules_install,$(MAKECMDGOALS)),)
++ mixed-targets := 1
++ endif
++endif
++
++ifeq ($(mixed-targets),1)
++# ===========================================================================
++# We're called with mixed targets (*config and build targets).
++# Handle them one by one.
++
++PHONY += $(MAKECMDGOALS) __build_one_by_one
++
++$(filter-out __build_one_by_one, $(MAKECMDGOALS)): __build_one_by_one
++ @:
++
++__build_one_by_one:
++ $(Q)set -e; \
++ for i in $(MAKECMDGOALS); do \
++ $(MAKE) -f $(srctree)/Makefile $$i; \
++ done
++
++else
++
++# We need some generic definitions (do not try to remake the file).
++scripts/Kbuild.include: ;
++include scripts/Kbuild.include
++
++# Read KERNELRELEASE from include/config/kernel.release (if it exists)
++KERNELRELEASE = $(shell cat include/config/kernel.release 2> /dev/null)
++KERNELVERSION = $(VERSION)$(if $(PATCHLEVEL),.$(PATCHLEVEL)$(if $(SUBLEVEL),.$(SUBLEVEL)))$(EXTRAVERSION)
++export VERSION PATCHLEVEL SUBLEVEL KERNELRELEASE KERNELVERSION
++
+ # SUBARCH tells the usermode build what the underlying arch is. That is set
+ # first, and if a usermode build is happening, the "ARCH=um" on the command
+ # line overrides the setting of ARCH below. If a native build is happening,
+@@ -312,40 +374,6 @@ HOSTCFLAGS += -Wno-unused-value -Wno-un
+ -Wno-missing-field-initializers -fno-delete-null-pointer-checks
+ endif
+
+-# Decide whether to build built-in, modular, or both.
+-# Normally, just do built-in.
+-
+-KBUILD_MODULES :=
+-KBUILD_BUILTIN := 1
+-
+-# If we have only "make modules", don't compile built-in objects.
+-# When we're building modules with modversions, we need to consider
+-# the built-in objects during the descend as well, in order to
+-# make sure the checksums are up to date before we record them.
+-
+-ifeq ($(MAKECMDGOALS),modules)
+- KBUILD_BUILTIN := $(if $(CONFIG_MODVERSIONS),1)
+-endif
+-
+-# If we have "make <whatever> modules", compile modules
+-# in addition to whatever we do anyway.
+-# Just "make" or "make all" shall build modules as well
+-
+-ifneq ($(filter all _all modules,$(MAKECMDGOALS)),)
+- KBUILD_MODULES := 1
+-endif
+-
+-ifeq ($(MAKECMDGOALS),)
+- KBUILD_MODULES := 1
+-endif
+-
+-export KBUILD_MODULES KBUILD_BUILTIN
+-export KBUILD_CHECKSRC KBUILD_SRC KBUILD_EXTMOD
+-
+-# We need some generic definitions (do not try to remake the file).
+-scripts/Kbuild.include: ;
+-include scripts/Kbuild.include
+-
+ # Make variables (CC, etc...)
+ AS = $(CROSS_COMPILE)as
+ LD = $(CROSS_COMPILE)ld
+@@ -405,11 +433,6 @@ KBUILD_CFLAGS_MODULE := -DMODULE
+ KBUILD_LDFLAGS_MODULE := -T $(srctree)/scripts/module-common.lds
+ GCC_PLUGINS_CFLAGS :=
+
+-# Read KERNELRELEASE from include/config/kernel.release (if it exists)
+-KERNELRELEASE = $(shell cat include/config/kernel.release 2> /dev/null)
+-KERNELVERSION = $(VERSION)$(if $(PATCHLEVEL),.$(PATCHLEVEL)$(if $(SUBLEVEL),.$(SUBLEVEL)))$(EXTRAVERSION)
+-
+-export VERSION PATCHLEVEL SUBLEVEL KERNELRELEASE KERNELVERSION
+ export ARCH SRCARCH CONFIG_SHELL HOSTCC HOSTCFLAGS CROSS_COMPILE AS LD CC
+ export CPP AR NM STRIP OBJCOPY OBJDUMP HOSTLDFLAGS HOST_LOADLIBES
+ export MAKE AWK GENKSYMS INSTALLKERNEL PERL PYTHON UTS_MACHINE
+@@ -459,73 +482,6 @@ ifneq ($(KBUILD_SRC),)
+ $(srctree) $(objtree) $(VERSION) $(PATCHLEVEL)
+ endif
+
+-# Support for using generic headers in asm-generic
+-PHONY += asm-generic uapi-asm-generic
+-asm-generic: uapi-asm-generic
+- $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.asm-generic \
+- src=asm obj=arch/$(SRCARCH)/include/generated/asm
+-uapi-asm-generic:
+- $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.asm-generic \
+- src=uapi/asm obj=arch/$(SRCARCH)/include/generated/uapi/asm
+-
+-# To make sure we do not include .config for any of the *config targets
+-# catch them early, and hand them over to scripts/kconfig/Makefile
+-# It is allowed to specify more targets when calling make, including
+-# mixing *config targets and build targets.
+-# For example 'make oldconfig all'.
+-# Detect when mixed targets is specified, and make a second invocation
+-# of make so .config is not included in this case either (for *config).
+-
+-version_h := include/generated/uapi/linux/version.h
+-old_version_h := include/linux/version.h
+-
+-no-dot-config-targets := clean mrproper distclean \
+- cscope gtags TAGS tags help% %docs check% coccicheck \
+- $(version_h) headers_% archheaders archscripts \
+- kernelversion %src-pkg
+-
+-config-targets := 0
+-mixed-targets := 0
+-dot-config := 1
+-
+-ifneq ($(filter $(no-dot-config-targets), $(MAKECMDGOALS)),)
+- ifeq ($(filter-out $(no-dot-config-targets), $(MAKECMDGOALS)),)
+- dot-config := 0
+- endif
+-endif
+-
+-ifeq ($(KBUILD_EXTMOD),)
+- ifneq ($(filter config %config,$(MAKECMDGOALS)),)
+- config-targets := 1
+- ifneq ($(words $(MAKECMDGOALS)),1)
+- mixed-targets := 1
+- endif
+- endif
+-endif
+-# install and modules_install need also be processed one by one
+-ifneq ($(filter install,$(MAKECMDGOALS)),)
+- ifneq ($(filter modules_install,$(MAKECMDGOALS)),)
+- mixed-targets := 1
+- endif
+-endif
+-
+-ifeq ($(mixed-targets),1)
+-# ===========================================================================
+-# We're called with mixed targets (*config and build targets).
+-# Handle them one by one.
+-
+-PHONY += $(MAKECMDGOALS) __build_one_by_one
+-
+-$(filter-out __build_one_by_one, $(MAKECMDGOALS)): __build_one_by_one
+- @:
+-
+-__build_one_by_one:
+- $(Q)set -e; \
+- for i in $(MAKECMDGOALS); do \
+- $(MAKE) -f $(srctree)/Makefile $$i; \
+- done
+-
+-else
+ ifeq ($(config-targets),1)
+ # ===========================================================================
+ # *config targets only - make sure prerequisites are updated, and descend
+@@ -548,6 +504,44 @@ else
+ # Build targets only - this includes vmlinux, arch specific targets, clean
+ # targets and others. In general all targets except *config targets.
+
++# If building an external module we do not care about the all: rule
++# but instead _all depend on modules
++PHONY += all
++ifeq ($(KBUILD_EXTMOD),)
++_all: all
++else
++_all: modules
++endif
++
++# Decide whether to build built-in, modular, or both.
++# Normally, just do built-in.
++
++KBUILD_MODULES :=
++KBUILD_BUILTIN := 1
++
++# If we have only "make modules", don't compile built-in objects.
++# When we're building modules with modversions, we need to consider
++# the built-in objects during the descend as well, in order to
++# make sure the checksums are up to date before we record them.
++
++ifeq ($(MAKECMDGOALS),modules)
++ KBUILD_BUILTIN := $(if $(CONFIG_MODVERSIONS),1)
++endif
++
++# If we have "make <whatever> modules", compile modules
++# in addition to whatever we do anyway.
++# Just "make" or "make all" shall build modules as well
++
++ifneq ($(filter all _all modules,$(MAKECMDGOALS)),)
++ KBUILD_MODULES := 1
++endif
++
++ifeq ($(MAKECMDGOALS),)
++ KBUILD_MODULES := 1
++endif
++
++export KBUILD_MODULES KBUILD_BUILTIN
++
+ ifeq ($(KBUILD_EXTMOD),)
+ # Additional helpers built in scripts/
+ # Carefully list dependencies so we do not try to build scripts twice
+@@ -1076,6 +1070,15 @@ prepare0: archprepare gcc-plugins
+ # All the preparing..
+ prepare: prepare0 prepare-objtool
+
++# Support for using generic headers in asm-generic
++PHONY += asm-generic uapi-asm-generic
++asm-generic: uapi-asm-generic
++ $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.asm-generic \
++ src=asm obj=arch/$(SRCARCH)/include/generated/asm
++uapi-asm-generic:
++ $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.asm-generic \
++ src=uapi/asm obj=arch/$(SRCARCH)/include/generated/uapi/asm
++
+ PHONY += prepare-objtool
+ prepare-objtool: $(objtool_target)
+
--- /dev/null
+From ae6b289a37890909fea0e4a1666e19377fa0ed2c Mon Sep 17 00:00:00 2001
+From: Chris Fries <cfries@google.com>
+Date: Tue, 7 Nov 2017 11:46:13 -0800
+Subject: kbuild: Set KBUILD_CFLAGS before incl. arch Makefile
+
+From: Chris Fries <cfries@google.com>
+
+commit ae6b289a37890909fea0e4a1666e19377fa0ed2c upstream.
+
+Set the clang KBUILD_CFLAGS up before including arch/ Makefiles,
+so that ld-options (etc.) can work correctly.
+
+This fixes errors with clang such as ld-options trying to CC
+against your host architecture, but LD trying to link against
+your target architecture.
+
+Signed-off-by: Chris Fries <cfries@google.com>
+Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
+Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
+Tested-by: Matthias Kaehlcke <mka@chromium.org>
+Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile | 64 +++++++++++++++++++++++++++++++--------------------------------
+ 1 file changed, 32 insertions(+), 32 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -482,6 +482,38 @@ ifneq ($(KBUILD_SRC),)
+ $(srctree) $(objtree) $(VERSION) $(PATCHLEVEL)
+ endif
+
++ifeq ($(cc-name),clang)
++ifneq ($(CROSS_COMPILE),)
++CLANG_TARGET := --target=$(notdir $(CROSS_COMPILE:%-=%))
++GCC_TOOLCHAIN := $(realpath $(dir $(shell which $(LD)))/..)
++endif
++ifneq ($(GCC_TOOLCHAIN),)
++CLANG_GCC_TC := --gcc-toolchain=$(GCC_TOOLCHAIN)
++endif
++KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
++KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
++KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,)
++KBUILD_CFLAGS += $(call cc-disable-warning, unused-variable)
++KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier)
++KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
++KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member)
++# Quiet clang warning: comparison of unsigned expression < 0 is always false
++KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare)
++# CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the
++# source of a reference will be _MergedGlobals and not on of the whitelisted names.
++# See modpost pattern 2
++KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,)
++KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior)
++KBUILD_CFLAGS += $(call cc-option, -no-integrated-as)
++KBUILD_AFLAGS += $(call cc-option, -no-integrated-as)
++else
++
++# These warnings generated too much noise in a regular build.
++# Use make W=1 to enable them (see scripts/Makefile.extrawarn)
++KBUILD_CFLAGS += $(call cc-disable-warning, unused-but-set-variable)
++KBUILD_CFLAGS += $(call cc-disable-warning, unused-const-variable)
++endif
++
+ ifeq ($(config-targets),1)
+ # ===========================================================================
+ # *config targets only - make sure prerequisites are updated, and descend
+@@ -692,38 +724,6 @@ ifdef CONFIG_CC_STACKPROTECTOR
+ endif
+ KBUILD_CFLAGS += $(stackp-flag)
+
+-ifeq ($(cc-name),clang)
+-ifneq ($(CROSS_COMPILE),)
+-CLANG_TARGET := --target=$(notdir $(CROSS_COMPILE:%-=%))
+-GCC_TOOLCHAIN := $(realpath $(dir $(shell which $(LD)))/..)
+-endif
+-ifneq ($(GCC_TOOLCHAIN),)
+-CLANG_GCC_TC := --gcc-toolchain=$(GCC_TOOLCHAIN)
+-endif
+-KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
+-KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
+-KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,)
+-KBUILD_CFLAGS += $(call cc-disable-warning, unused-variable)
+-KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier)
+-KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
+-KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member)
+-# Quiet clang warning: comparison of unsigned expression < 0 is always false
+-KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare)
+-# CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the
+-# source of a reference will be _MergedGlobals and not on of the whitelisted names.
+-# See modpost pattern 2
+-KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,)
+-KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior)
+-KBUILD_CFLAGS += $(call cc-option, -no-integrated-as)
+-KBUILD_AFLAGS += $(call cc-option, -no-integrated-as)
+-else
+-
+-# These warnings generated too much noise in a regular build.
+-# Use make W=1 to enable them (see scripts/Makefile.extrawarn)
+-KBUILD_CFLAGS += $(call cc-disable-warning, unused-but-set-variable)
+-KBUILD_CFLAGS += $(call cc-disable-warning, unused-const-variable)
+-endif
+-
+ ifdef CONFIG_FRAME_POINTER
+ KBUILD_CFLAGS += -fno-omit-frame-pointer -fno-optimize-sibling-calls
+ else
--- /dev/null
+From ca41b97ed9124fd62323a162de5852f6e28f94b8 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Wed, 31 Jan 2018 10:18:28 +0100
+Subject: objtool: Add module specific retpoline rules
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit ca41b97ed9124fd62323a162de5852f6e28f94b8 upstream.
+
+David allowed retpolines in .init.text, except for modules, which will
+trip up objtool retpoline validation, fix that.
+
+Requested-by: David Woodhouse <dwmw2@infradead.org>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: David Woodhouse <dwmw2@infradead.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ scripts/Makefile.build | 2 ++
+ tools/objtool/builtin-check.c | 3 ++-
+ tools/objtool/builtin.h | 2 +-
+ tools/objtool/check.c | 9 +++++++++
+ 4 files changed, 14 insertions(+), 2 deletions(-)
+
+--- a/scripts/Makefile.build
++++ b/scripts/Makefile.build
+@@ -261,6 +261,8 @@ __objtool_obj := $(objtree)/tools/objtoo
+
+ objtool_args = $(if $(CONFIG_UNWINDER_ORC),orc generate,check)
+
++objtool_args += $(if $(part-of-module), --module,)
++
+ ifndef CONFIG_FRAME_POINTER
+ objtool_args += --no-fp
+ endif
+--- a/tools/objtool/builtin-check.c
++++ b/tools/objtool/builtin-check.c
+@@ -29,7 +29,7 @@
+ #include "builtin.h"
+ #include "check.h"
+
+-bool no_fp, no_unreachable, retpoline;
++bool no_fp, no_unreachable, retpoline, module;
+
+ static const char * const check_usage[] = {
+ "objtool check [<options>] file.o",
+@@ -40,6 +40,7 @@ const struct option check_options[] = {
+ OPT_BOOLEAN('f', "no-fp", &no_fp, "Skip frame pointer validation"),
+ OPT_BOOLEAN('u', "no-unreachable", &no_unreachable, "Skip 'unreachable instruction' warnings"),
+ OPT_BOOLEAN('r', "retpoline", &retpoline, "Validate retpoline assumptions"),
++ OPT_BOOLEAN('m', "module", &module, "Indicates the object will be part of a kernel module"),
+ OPT_END(),
+ };
+
+--- a/tools/objtool/builtin.h
++++ b/tools/objtool/builtin.h
+@@ -20,7 +20,7 @@
+ #include <subcmd/parse-options.h>
+
+ extern const struct option check_options[];
+-extern bool no_fp, no_unreachable, retpoline;
++extern bool no_fp, no_unreachable, retpoline, module;
+
+ extern int cmd_check(int argc, const char **argv);
+ extern int cmd_orc(int argc, const char **argv);
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -1957,6 +1957,15 @@ static int validate_retpoline(struct obj
+ if (insn->retpoline_safe)
+ continue;
+
++ /*
++ * .init.text code is ran before userspace and thus doesn't
++ * strictly need retpolines, except for modules which are
++ * loaded late, they very much do need retpoline in their
++ * .init.text
++ */
++ if (!strcmp(insn->sec->name, ".init.text") && !module)
++ continue;
++
+ WARN_FUNC("indirect %s found in RETPOLINE build",
+ insn->sec, insn->offset,
+ insn->type == INSN_JUMP_DYNAMIC ? "jump" : "call");
--- /dev/null
+From b5bc2231b8ad4387c9641f235ca0ad8cd300b6df Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Tue, 16 Jan 2018 10:24:06 +0100
+Subject: objtool: Add retpoline validation
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit b5bc2231b8ad4387c9641f235ca0ad8cd300b6df upstream.
+
+David requested a objtool validation pass for CONFIG_RETPOLINE=y enabled
+builds, where it validates no unannotated indirect jumps or calls are
+left.
+
+Add an additional .discard.retpoline_safe section to allow annotating
+the few indirect sites that are required and safe.
+
+Requested-by: David Woodhouse <dwmw2@infradead.org>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ scripts/Makefile.build | 4 +
+ tools/objtool/builtin-check.c | 3 -
+ tools/objtool/builtin.h | 2
+ tools/objtool/check.c | 86 +++++++++++++++++++++++++++++++++++++++++-
+ tools/objtool/check.h | 1
+ 5 files changed, 93 insertions(+), 3 deletions(-)
+
+--- a/scripts/Makefile.build
++++ b/scripts/Makefile.build
+@@ -269,6 +269,10 @@ objtool_args += --no-unreachable
+ else
+ objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable)
+ endif
++ifdef CONFIG_RETPOLINE
++ objtool_args += --retpoline
++endif
++
+
+ ifdef CONFIG_MODVERSIONS
+ objtool_o = $(@D)/.tmp_$(@F)
+--- a/tools/objtool/builtin-check.c
++++ b/tools/objtool/builtin-check.c
+@@ -29,7 +29,7 @@
+ #include "builtin.h"
+ #include "check.h"
+
+-bool no_fp, no_unreachable;
++bool no_fp, no_unreachable, retpoline;
+
+ static const char * const check_usage[] = {
+ "objtool check [<options>] file.o",
+@@ -39,6 +39,7 @@ static const char * const check_usage[]
+ const struct option check_options[] = {
+ OPT_BOOLEAN('f', "no-fp", &no_fp, "Skip frame pointer validation"),
+ OPT_BOOLEAN('u', "no-unreachable", &no_unreachable, "Skip 'unreachable instruction' warnings"),
++ OPT_BOOLEAN('r', "retpoline", &retpoline, "Validate retpoline assumptions"),
+ OPT_END(),
+ };
+
+--- a/tools/objtool/builtin.h
++++ b/tools/objtool/builtin.h
+@@ -20,7 +20,7 @@
+ #include <subcmd/parse-options.h>
+
+ extern const struct option check_options[];
+-extern bool no_fp, no_unreachable;
++extern bool no_fp, no_unreachable, retpoline;
+
+ extern int cmd_check(int argc, const char **argv);
+ extern int cmd_orc(int argc, const char **argv);
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -496,6 +496,7 @@ static int add_jump_destinations(struct
+ * disguise, so convert them accordingly.
+ */
+ insn->type = INSN_JUMP_DYNAMIC;
++ insn->retpoline_safe = true;
+ continue;
+ } else {
+ /* sibling call */
+@@ -547,7 +548,8 @@ static int add_call_destinations(struct
+ if (!insn->call_dest && !insn->ignore) {
+ WARN_FUNC("unsupported intra-function call",
+ insn->sec, insn->offset);
+- WARN("If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.");
++ if (retpoline)
++ WARN("If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE.");
+ return -1;
+ }
+
+@@ -1107,6 +1109,54 @@ static int read_unwind_hints(struct objt
+ return 0;
+ }
+
++static int read_retpoline_hints(struct objtool_file *file)
++{
++ struct section *sec, *relasec;
++ struct instruction *insn;
++ struct rela *rela;
++ int i;
++
++ sec = find_section_by_name(file->elf, ".discard.retpoline_safe");
++ if (!sec)
++ return 0;
++
++ relasec = sec->rela;
++ if (!relasec) {
++ WARN("missing .rela.discard.retpoline_safe section");
++ return -1;
++ }
++
++ if (sec->len % sizeof(unsigned long)) {
++ WARN("retpoline_safe size mismatch: %d %ld", sec->len, sizeof(unsigned long));
++ return -1;
++ }
++
++ for (i = 0; i < sec->len / sizeof(unsigned long); i++) {
++ rela = find_rela_by_dest(sec, i * sizeof(unsigned long));
++ if (!rela) {
++ WARN("can't find rela for retpoline_safe[%d]", i);
++ return -1;
++ }
++
++ insn = find_insn(file, rela->sym->sec, rela->addend);
++ if (!insn) {
++ WARN("can't find insn for retpoline_safe[%d]", i);
++ return -1;
++ }
++
++ if (insn->type != INSN_JUMP_DYNAMIC &&
++ insn->type != INSN_CALL_DYNAMIC) {
++ WARN_FUNC("retpoline_safe hint not a indirect jump/call",
++ insn->sec, insn->offset);
++ return -1;
++ }
++
++ insn->retpoline_safe = true;
++ }
++
++ return 0;
++}
++
+ static int decode_sections(struct objtool_file *file)
+ {
+ int ret;
+@@ -1145,6 +1195,10 @@ static int decode_sections(struct objtoo
+ if (ret)
+ return ret;
+
++ ret = read_retpoline_hints(file);
++ if (ret)
++ return ret;
++
+ return 0;
+ }
+
+@@ -1890,6 +1944,29 @@ static int validate_unwind_hints(struct
+ return warnings;
+ }
+
++static int validate_retpoline(struct objtool_file *file)
++{
++ struct instruction *insn;
++ int warnings = 0;
++
++ for_each_insn(file, insn) {
++ if (insn->type != INSN_JUMP_DYNAMIC &&
++ insn->type != INSN_CALL_DYNAMIC)
++ continue;
++
++ if (insn->retpoline_safe)
++ continue;
++
++ WARN_FUNC("indirect %s found in RETPOLINE build",
++ insn->sec, insn->offset,
++ insn->type == INSN_JUMP_DYNAMIC ? "jump" : "call");
++
++ warnings++;
++ }
++
++ return warnings;
++}
++
+ static bool is_kasan_insn(struct instruction *insn)
+ {
+ return (insn->type == INSN_CALL &&
+@@ -2050,6 +2127,13 @@ int check(const char *_objname, bool orc
+ if (list_empty(&file.insn_list))
+ goto out;
+
++ if (retpoline) {
++ ret = validate_retpoline(&file);
++ if (ret < 0)
++ return ret;
++ warnings += ret;
++ }
++
+ ret = validate_functions(&file);
+ if (ret < 0)
+ goto out;
+--- a/tools/objtool/check.h
++++ b/tools/objtool/check.h
+@@ -45,6 +45,7 @@ struct instruction {
+ unsigned char type;
+ unsigned long immediate;
+ bool alt_group, visited, dead_end, ignore, hint, save, restore, ignore_alts;
++ bool retpoline_safe;
+ struct symbol *call_dest;
+ struct instruction *jump_dest;
+ struct instruction *first_jump_src;
--- /dev/null
+From 63474dc4ac7ed3848a4786b9592dd061901f606d Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Tue, 6 Mar 2018 17:58:15 -0600
+Subject: objtool: Fix 32-bit build
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit 63474dc4ac7ed3848a4786b9592dd061901f606d upstream.
+
+Fix the objtool build when cross-compiling a 64-bit kernel on a 32-bit
+host. This also simplifies read_retpoline_hints() a bit and makes its
+implementation similar to most of the other annotation reading
+functions.
+
+Reported-by: Sven Joachim <svenjoac@gmx.de>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Thomas Gleixner <tglx@linutronix.de>
+Fixes: b5bc2231b8ad ("objtool: Add retpoline validation")
+Link: http://lkml.kernel.org/r/2ca46c636c23aa9c9d57d53c75de4ee3ddf7a7df.1520380691.git.jpoimboe@redhat.com
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/check.c | 27 +++++++--------------------
+ 1 file changed, 7 insertions(+), 20 deletions(-)
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -1115,42 +1115,29 @@ static int read_unwind_hints(struct objt
+
+ static int read_retpoline_hints(struct objtool_file *file)
+ {
+- struct section *sec, *relasec;
++ struct section *sec;
+ struct instruction *insn;
+ struct rela *rela;
+- int i;
+
+- sec = find_section_by_name(file->elf, ".discard.retpoline_safe");
++ sec = find_section_by_name(file->elf, ".rela.discard.retpoline_safe");
+ if (!sec)
+ return 0;
+
+- relasec = sec->rela;
+- if (!relasec) {
+- WARN("missing .rela.discard.retpoline_safe section");
+- return -1;
+- }
+-
+- if (sec->len % sizeof(unsigned long)) {
+- WARN("retpoline_safe size mismatch: %d %ld", sec->len, sizeof(unsigned long));
+- return -1;
+- }
+-
+- for (i = 0; i < sec->len / sizeof(unsigned long); i++) {
+- rela = find_rela_by_dest(sec, i * sizeof(unsigned long));
+- if (!rela) {
+- WARN("can't find rela for retpoline_safe[%d]", i);
++ list_for_each_entry(rela, &sec->rela_list, list) {
++ if (rela->sym->type != STT_SECTION) {
++ WARN("unexpected relocation symbol type in %s", sec->name);
+ return -1;
+ }
+
+ insn = find_insn(file, rela->sym->sec, rela->addend);
+ if (!insn) {
+- WARN("can't find insn for retpoline_safe[%d]", i);
++ WARN("bad .discard.retpoline_safe entry");
+ return -1;
+ }
+
+ if (insn->type != INSN_JUMP_DYNAMIC &&
+ insn->type != INSN_CALL_DYNAMIC) {
+- WARN_FUNC("retpoline_safe hint not a indirect jump/call",
++ WARN_FUNC("retpoline_safe hint not an indirect jump/call",
+ insn->sec, insn->offset);
+ return -1;
+ }
--- /dev/null
+From 1402fd8ed7e5bda1b3e7613b70780b0db392d1e6 Mon Sep 17 00:00:00 2001
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+Date: Wed, 28 Feb 2018 07:19:21 -0600
+Subject: objtool: Fix another switch table detection issue
+
+From: Josh Poimboeuf <jpoimboe@redhat.com>
+
+commit 1402fd8ed7e5bda1b3e7613b70780b0db392d1e6 upstream.
+
+Continue the switch table detection whack-a-mole. Add a check to
+distinguish KASAN data reads from switch data reads. The switch jump
+tables in .rodata have relocations associated with them.
+
+This fixes the following warning:
+
+ crypto/asymmetric_keys/x509_cert_parser.o: warning: objtool: x509_note_pkey_algo()+0xa4: sibling call from callable instruction with modified stack frame
+
+Reported-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Tested-by: Arnd Bergmann <arnd@arndb.de>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Link: https://lkml.kernel.org/r/d7c8853022ad47d158cb81e953a40469fc08a95e.1519784382.git.jpoimboe@redhat.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/check.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -924,7 +924,11 @@ static struct rela *find_switch_table(st
+ if (find_symbol_containing(file->rodata, text_rela->addend))
+ continue;
+
+- return find_rela_by_dest(file->rodata, text_rela->addend);
++ rodata_rela = find_rela_by_dest(file->rodata, text_rela->addend);
++ if (!rodata_rela)
++ continue;
++
++ return rodata_rela;
+ }
+
+ return NULL;
--- /dev/null
+From d5028ba8ee5a18c9d0bb926d883c28b370f89009 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Tue, 6 Feb 2018 09:46:13 +0100
+Subject: objtool, retpolines: Integrate objtool with retpoline support more closely
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit d5028ba8ee5a18c9d0bb926d883c28b370f89009 upstream.
+
+Disable retpoline validation in objtool if your compiler sucks, and otherwise
+select the validation stuff for CONFIG_RETPOLINE=y (most builds would already
+have it set due to ORC).
+
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: David Woodhouse <dwmw2@infradead.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile | 5 +++++
+ arch/x86/Kconfig | 1 +
+ arch/x86/Makefile | 10 +++-------
+ scripts/Makefile.build | 2 ++
+ 4 files changed, 11 insertions(+), 7 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -494,6 +494,11 @@ KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG
+ KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC)
+ endif
+
++RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
++RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
++RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
++export RETPOLINE_CFLAGS
++
+ ifeq ($(config-targets),1)
+ # ===========================================================================
+ # *config targets only - make sure prerequisites are updated, and descend
+--- a/arch/x86/Kconfig
++++ b/arch/x86/Kconfig
+@@ -431,6 +431,7 @@ config GOLDFISH
+ config RETPOLINE
+ bool "Avoid speculative indirect branches in kernel"
+ default y
++ select STACK_VALIDATION if HAVE_STACK_VALIDATION
+ help
+ Compile kernel with the retpoline compiler options to guard against
+ kernel-to-user data leaks by avoiding speculative indirect
+--- a/arch/x86/Makefile
++++ b/arch/x86/Makefile
+@@ -232,13 +232,9 @@ KBUILD_CFLAGS += -fno-asynchronous-unwin
+
+ # Avoid indirect branches in kernel to deal with Spectre
+ ifdef CONFIG_RETPOLINE
+- RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register
+- RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
+-
+- RETPOLINE_CFLAGS += $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
+- ifneq ($(RETPOLINE_CFLAGS),)
+- KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
+- endif
++ifneq ($(RETPOLINE_CFLAGS),)
++ KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
++endif
+ endif
+
+ archscripts: scripts_basic
+--- a/scripts/Makefile.build
++++ b/scripts/Makefile.build
+@@ -272,8 +272,10 @@ else
+ objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable)
+ endif
+ ifdef CONFIG_RETPOLINE
++ifneq ($(RETPOLINE_CFLAGS),)
+ objtool_args += --retpoline
+ endif
++endif
+
+
+ ifdef CONFIG_MODVERSIONS
--- /dev/null
+From 43a4525f80534530077683f6472d8971646b0ace Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Tue, 16 Jan 2018 17:16:32 +0100
+Subject: objtool: Use existing global variables for options
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit 43a4525f80534530077683f6472d8971646b0ace upstream.
+
+Use the existing global variables instead of passing them around and
+creating duplicate global variables.
+
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Arjan van de Ven <arjan@linux.intel.com>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Dan Williams <dan.j.williams@intel.com>
+Cc: Dave Hansen <dave.hansen@linux.intel.com>
+Cc: David Woodhouse <dwmw2@infradead.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/objtool/builtin-check.c | 2 +-
+ tools/objtool/builtin-orc.c | 6 +-----
+ tools/objtool/builtin.h | 5 +++++
+ tools/objtool/check.c | 5 ++---
+ tools/objtool/check.h | 2 +-
+ 5 files changed, 10 insertions(+), 10 deletions(-)
+
+--- a/tools/objtool/builtin-check.c
++++ b/tools/objtool/builtin-check.c
+@@ -53,5 +53,5 @@ int cmd_check(int argc, const char **arg
+
+ objname = argv[0];
+
+- return check(objname, no_fp, no_unreachable, false);
++ return check(objname, false);
+ }
+--- a/tools/objtool/builtin-orc.c
++++ b/tools/objtool/builtin-orc.c
+@@ -25,7 +25,6 @@
+ */
+
+ #include <string.h>
+-#include <subcmd/parse-options.h>
+ #include "builtin.h"
+ #include "check.h"
+
+@@ -36,9 +35,6 @@ static const char *orc_usage[] = {
+ NULL,
+ };
+
+-extern const struct option check_options[];
+-extern bool no_fp, no_unreachable;
+-
+ int cmd_orc(int argc, const char **argv)
+ {
+ const char *objname;
+@@ -54,7 +50,7 @@ int cmd_orc(int argc, const char **argv)
+
+ objname = argv[0];
+
+- return check(objname, no_fp, no_unreachable, true);
++ return check(objname, true);
+ }
+
+ if (!strcmp(argv[0], "dump")) {
+--- a/tools/objtool/builtin.h
++++ b/tools/objtool/builtin.h
+@@ -17,6 +17,11 @@
+ #ifndef _BUILTIN_H
+ #define _BUILTIN_H
+
++#include <subcmd/parse-options.h>
++
++extern const struct option check_options[];
++extern bool no_fp, no_unreachable;
++
+ extern int cmd_check(int argc, const char **argv);
+ extern int cmd_orc(int argc, const char **argv);
+
+--- a/tools/objtool/check.c
++++ b/tools/objtool/check.c
+@@ -18,6 +18,7 @@
+ #include <string.h>
+ #include <stdlib.h>
+
++#include "builtin.h"
+ #include "check.h"
+ #include "elf.h"
+ #include "special.h"
+@@ -33,7 +34,6 @@ struct alternative {
+ };
+
+ const char *objname;
+-static bool no_fp;
+ struct cfi_state initial_func_cfi;
+
+ struct instruction *find_insn(struct objtool_file *file,
+@@ -2021,13 +2021,12 @@ static void cleanup(struct objtool_file
+ elf_close(file->elf);
+ }
+
+-int check(const char *_objname, bool _no_fp, bool no_unreachable, bool orc)
++int check(const char *_objname, bool orc)
+ {
+ struct objtool_file file;
+ int ret, warnings = 0;
+
+ objname = _objname;
+- no_fp = _no_fp;
+
+ file.elf = elf_open(objname, orc ? O_RDWR : O_RDONLY);
+ if (!file.elf)
+--- a/tools/objtool/check.h
++++ b/tools/objtool/check.h
+@@ -63,7 +63,7 @@ struct objtool_file {
+ bool ignore_unreachables, c_file, hints;
+ };
+
+-int check(const char *objname, bool no_fp, bool no_unreachable, bool orc);
++int check(const char *objname, bool orc);
+
+ struct instruction *find_insn(struct objtool_file *file,
+ struct section *sec, unsigned long offset);
x86-paravirt-objtool-annotate-indirect-calls.patch
x86-boot-objtool-annotate-indirect-jump-in-secondary_startup_64.patch
x86-mm-sme-objtool-annotate-indirect-call-in-sme_encrypt_execute.patch
+objtool-use-existing-global-variables-for-options.patch
+objtool-add-retpoline-validation.patch
+kbuild-re-order-the-code-to-not-parse-unnecessary-variables.patch
+kbuild-set-kbuild_cflags-before-incl.-arch-makefile.patch
+kbuild-move-cc-option-and-cc-disable-warning-after-incl.-arch-makefile.patch
+objtool-add-module-specific-retpoline-rules.patch
+objtool-retpolines-integrate-objtool-with-retpoline-support-more-closely.patch
+objtool-fix-another-switch-table-detection-issue.patch
+objtool-fix-32-bit-build.patch
+x86-kprobes-fix-kernel-crash-when-probing-.entry_trampoline-code.patch
--- /dev/null
+From c07a8f8b08ba683ea24f3ac9159f37ae94daf47f Mon Sep 17 00:00:00 2001
+From: Francis Deslauriers <francis.deslauriers@efficios.com>
+Date: Thu, 8 Mar 2018 22:18:12 -0500
+Subject: x86/kprobes: Fix kernel crash when probing .entry_trampoline code
+
+From: Francis Deslauriers <francis.deslauriers@efficios.com>
+
+commit c07a8f8b08ba683ea24f3ac9159f37ae94daf47f upstream.
+
+Disable the kprobe probing of the entry trampoline:
+
+.entry_trampoline is a code area that is used to ensure page table
+isolation between userspace and kernelspace.
+
+At the beginning of the execution of the trampoline, we load the
+kernel's CR3 register. This has the effect of enabling the translation
+of the kernel virtual addresses to physical addresses. Before this
+happens most kernel addresses can not be translated because the running
+process' CR3 is still used.
+
+If a kprobe is placed on the trampoline code before that change of the
+CR3 register happens the kernel crashes because int3 handling pages are
+not accessible.
+
+To fix this, add the .entry_trampoline section to the kprobe blacklist
+to prohibit the probing of code before all the kernel pages are
+accessible.
+
+Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
+Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
+Cc: Andy Lutomirski <luto@kernel.org>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Brian Gerst <brgerst@gmail.com>
+Cc: Denys Vlasenko <dvlasenk@redhat.com>
+Cc: H. Peter Anvin <hpa@zytor.com>
+Cc: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: mathieu.desnoyers@efficios.com
+Cc: mhiramat@kernel.org
+Link: http://lkml.kernel.org/r/1520565492-4637-2-git-send-email-francis.deslauriers@efficios.com
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/include/asm/sections.h | 1 +
+ arch/x86/kernel/kprobes/core.c | 10 +++++++++-
+ arch/x86/kernel/vmlinux.lds.S | 2 ++
+ 3 files changed, 12 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/include/asm/sections.h
++++ b/arch/x86/include/asm/sections.h
+@@ -10,6 +10,7 @@ extern struct exception_table_entry __st
+
+ #if defined(CONFIG_X86_64)
+ extern char __end_rodata_hpage_align[];
++extern char __entry_trampoline_start[], __entry_trampoline_end[];
+ #endif
+
+ #endif /* _ASM_X86_SECTIONS_H */
+--- a/arch/x86/kernel/kprobes/core.c
++++ b/arch/x86/kernel/kprobes/core.c
+@@ -1149,10 +1149,18 @@ NOKPROBE_SYMBOL(longjmp_break_handler);
+
+ bool arch_within_kprobe_blacklist(unsigned long addr)
+ {
++ bool is_in_entry_trampoline_section = false;
++
++#ifdef CONFIG_X86_64
++ is_in_entry_trampoline_section =
++ (addr >= (unsigned long)__entry_trampoline_start &&
++ addr < (unsigned long)__entry_trampoline_end);
++#endif
+ return (addr >= (unsigned long)__kprobes_text_start &&
+ addr < (unsigned long)__kprobes_text_end) ||
+ (addr >= (unsigned long)__entry_text_start &&
+- addr < (unsigned long)__entry_text_end);
++ addr < (unsigned long)__entry_text_end) ||
++ is_in_entry_trampoline_section;
+ }
+
+ int __init arch_init_kprobes(void)
+--- a/arch/x86/kernel/vmlinux.lds.S
++++ b/arch/x86/kernel/vmlinux.lds.S
+@@ -118,9 +118,11 @@ SECTIONS
+
+ #ifdef CONFIG_X86_64
+ . = ALIGN(PAGE_SIZE);
++ VMLINUX_SYMBOL(__entry_trampoline_start) = .;
+ _entry_trampoline = .;
+ *(.entry_trampoline)
+ . = ALIGN(PAGE_SIZE);
++ VMLINUX_SYMBOL(__entry_trampoline_end) = .;
+ ASSERT(. - _entry_trampoline == PAGE_SIZE, "entry trampoline is too big");
+ #endif
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
