Re: [PATCH v2 1/2] retpolines: Only enable retpoline support when compiler support it
From: Thomas Gleixner
Date: Thu Nov 01 2018 - 08:18:11 EST
On Thu, 1 Nov 2018, Woodhouse, David wrote:
> On Thu, 2018-11-01 at 10:50 +0100, Ingo Molnar wrote:
> > * Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx> wrote:
> >
> > > Since retpoline capable compilers are widely available, make
> > > CONFIG_RETPOLINE hard depend on it.
> > >
> > > The check of RETPOLINE is changed to CONFIG_RETPOLINE.
> > >
> > > This change is based on suggestion in https://lkml.org/lkml/2018/9/18/1016
> > >
> > > Signed-off-by: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx>
> > > Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> > > Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> >
> > Please turn such 'based on suggestions' into proper tags as well, i.e.
> > something like:
> >
> > Suggested-by: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
>
> I think the suggestion came from PeterZ; I just acked it.
>
> Although on furthe reflection, I think I'd prefer a build break if
> retpoline is enabled in the kernel config and the compiler doesn't
> support it. This patch would make it silently fail to be secure.
Agreed.
Thanks,
tglx