Re: [PATCH 1/3] retpolines: Only enable retpoline when compiler support it

From: Zhenzhong Duan
Date: Wed Oct 31 2018 - 01:55:44 EST

Next message: Sibi Sankar: "Re: [PATCH] arm64: dts: qcom: sdm845: Add reserve-memory nodes"
Previous message: David Miller: "[PATCH RFC] perf: Go back to by-hand proc mmap parsing and kill timeout"
In reply to: Peter Zijlstra: "Re: [PATCH 1/3] retpolines: Only enable retpoline when compiler support it"
Next in thread: Peter Zijlstra: "Re: [PATCH 1/3] retpolines: Only enable retpoline when compiler support it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2018/10/30 18:09, Peter Zijlstra wrote:

On Tue, Oct 30, 2018 at 06:39:24PM +0900, Masahiro Yamada wrote:

Hi,

On Tue, Oct 30, 2018 at 3:57 PM Zhenzhong Duan
<zhenzhong.duan@xxxxxxxxxx> wrote:

Since retpoline capable compilers are widely available, make
CONFIG_RETPOLINE hard depend on it.

Change KBUILD to use CONFIG_RETPOLINE_SUPPORT to avoid conflict with
CONFIG_RETPOLINE which is used by kernel.

With all that stuff, the check of RETPOLINE is changed to
CONFIG_RETPOLINE.

This change is based on suggestion in https://lkml.org/lkml/2018/9/18/1016

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxx>
Cc: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Cc: David Woodhouse <dwmw@xxxxxxxxxxxx>
Cc: H. Peter Anvin <hpa@xxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx>
Cc: Michal Marek <michal.lkml@xxxxxxxxxxx>
---

Instead of adding another CONFIG option,
does it make sense to add compiler support checks
to 'depends on' syntax ?

config RETPOLINE
bool "Avoid speculative indirect branches in kernel"
depends on $(cc-option,-mindirect-branch=thunk-extern
-mindirect-branch-register) || \
$(cc-option,-mretpoline-external-thunk)
default y
select STACK_VALIDATION if HAVE_STACK_VALIDATION

Looks better, thanks for suggestion.

That seems to be what we did for stackprotector, which is similar in
that it used to fail the build. So yes, this seems sane.

Should I add a scripts/gcc-x86_64-has-retpoline.sh like what stackprotector does as below or there is a simpler way?

config CC_HAS_SANE_STACKPROTECTOR
bool
default $(success,$(srctree)/scripts/gcc-x86_64-has-stack-protector.sh $(CC)) if 64BIT
default $(success,$(srctree)/scripts/gcc-x86_32-has-stack-protector.sh $(CC))
help
We have to make sure stack protector is unconditionally disabled if
the compiler produces broken code.

Thanks
Zhenzhong

Next message: Sibi Sankar: "Re: [PATCH] arm64: dts: qcom: sdm845: Add reserve-memory nodes"
Previous message: David Miller: "[PATCH RFC] perf: Go back to by-hand proc mmap parsing and kill timeout"
In reply to: Peter Zijlstra: "Re: [PATCH 1/3] retpolines: Only enable retpoline when compiler support it"
Next in thread: Peter Zijlstra: "Re: [PATCH 1/3] retpolines: Only enable retpoline when compiler support it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]