Re: [PATCH v3] retpoline: Add retpoline tag to VERMAGIC
From: Thomas Gleixner
Date: Wed Jan 17 2018 - 02:38:27 EST
On Tue, 16 Jan 2018, Andi Kleen wrote:
> On Tue, Jan 16, 2018 at 10:24:53PM +0100, Thomas Gleixner wrote:
> > On Tue, 16 Jan 2018, Andi Kleen wrote:
> >
> > > From: Andi Kleen <ak@xxxxxxxxxxxxxxx>
> > >
> > > Add a marker for retpoline to the module VERMAGIC. This catches
> > > the case when a non RETPOLINE compiled module gets loaded into
> > > a retpoline kernel, making it insecure.
> > >
> > > It doesn't handle the case when retpoline has been runtime disabled.
> > > Even in this case the match of the retcompile status will be enforced.
> > > This implies that even with retpoline run time disabled all modules
> > > loaded need to be recompiled.
> > >
> > > This supersedes an earlier patch that did the same checking using
> > > a new module tag (so it's really a v3)
> > >
> > > Signed-off-by: Andi Kleen <ak@xxxxxxxxxxxxxxx>
> >
> > Acked-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
>
> Thanks. Through which tree should this go?
> Or Linus, could you take it directly?
I can route it through x86/pti where I have still stuff to send linuswards.
Thanks,
tglx