Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751766AbeADAaK (ORCPT + 1 other); Wed, 3 Jan 2018 19:30:10 -0500 Received: from Galois.linutronix.de ([146.0.238.70]:40906 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751204AbeADAaJ (ORCPT ); Wed, 3 Jan 2018 19:30:09 -0500 Date: Thu, 4 Jan 2018 01:29:58 +0100 (CET) From: Thomas Gleixner To: Andi Kleen cc: tglx@linuxtronix.de, torvalds@linux-foundation.org, gregkh@linux-foundation.org, dwmw@amazon.co.uk, tim.c.chen@linux.intel.com, linux-kernel@vger.kernel.org, dave.hansen@intel.com, Andi Kleen Subject: Re: [PATCH 10/11] retpoline/taint: Taint kernel for missing retpoline in compiler In-Reply-To: <20180103230934.15788-11-andi@firstfloor.org> Message-ID: References: <20180103230934.15788-1-andi@firstfloor.org> <20180103230934.15788-11-andi@firstfloor.org> User-Agent: Alpine 2.20 (DEB 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Wed, 3 Jan 2018, Andi Kleen wrote: > unwind_init(); > + > +#ifndef RETPOLINE > + add_taint(TAINT_NO_RETPOLINE, LOCKDEP_STILL_OK); > + pr_warn("No support for retpoline in kernel compiler\n"); > + pr_warn("Kernel may be vulnerable to data leaks.\n"); That's blantantly wrong. The kernel is not vulnerable to data leaks. The hardware is. An that's what the CPU_BUG bit is for. If the mitigation is in place, activate the proper feature bit like we did with PTI Thanks, tglx