Re: [PATCH 2/3] objtool: Ignore retpoline alternatives

[David Woodhouse]

On Thu, 2018-01-11 at 10:48 -0600, Josh Poimboeuf wrote:
> 
> The above macro is protected by '#ifdef RETPOLINE', and I seriously
> doubt 0-day is testing with an unreleased version of GCC. So you
> shouldn't see a 0-day warning.

It's actually #ifdef CONFIG_RETPOLINE isn't it?Â

If you enable CONFIG_RETPOLINE but don't have a new compiler, you still
get all the asm thunks (which are the easy-to-attack targets). Only if
you have a new compiler is RETPOLINE also set.

Also, the RSB stuffing we're looking at here is also needed for the
IBRS-based mitigation, so won't even be under CONFIG_RETPOLINE by the
time the IBRS patch set is beaten into shape on top. It'll probably be
unconditional unless we get a CONFIG_IBRS_SUPPORT (which hasn't been
suggested so far).
Â
> I think I heard that retpolines won't be ported to anything older than
> GCC 4.9, so maybe it's safe to use '%='. I don't remember when it was
> introduced into GCC though.

Hm. Peter? This is all your fault, right? Did you know you were making
us ditch compatibility for older GCC?

Precisely when *did* %= get added to GCC?

Note that we can also just resort to using .macro even from inline asm.
It just takes a rather icky asm(".include ..."). :)

Attachment: smime.p7s
Description: S/MIME cryptographic signature