Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp166936imm; Thu, 7 Jun 2018 16:01:10 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKnrUlbH4a+d8uc0/gaGRr7sxwbwzWOGPhcDiNfbTZRZ1EB11ZMYFgePs//lxafwks27qHO X-Received: by 2002:a17:902:8509:: with SMTP id bj9-v6mr3945254plb.210.1528412470194; Thu, 07 Jun 2018 16:01:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528412470; cv=none; d=google.com; s=arc-20160816; b=rlmYvNmFFX/ZOqRDvJbh5ieiM9pjU/TbEUiC7efRSW7ar48Hazcby3sFsnYx3u6MnX tZF/SfcY9SgIcYGfuKUkq/QEpJ9YzX+PhughZhgyAXud93ZkFT4Cc4CqyyiOknjFLkC5 cvO8+BcoPM/EHfnRB+PNWWVK1lBgSlzPjLaBwhiXgBEgjrjlSRcAw4EHzMLUvaUwYPv5 dsqsTaKsSv7n3RzpDs0thd+Hp9rSlQfra52oqmDkcI8SYRXyVb974+pv07mfY5PGLLWm oGUabsP1gzpsYlQnMEtfKUlB2Gj2TRHPIgWQr/TsnggF+vmEVoFhiW5TMRG7vmc7QXw1 EUsg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=FWAq++XUueCzT5J+BghOXqLoBcpWMMZfmuAhg/03S8Q=; b=eB1uWbmhMpDy4DleKu9Yb/qCiFTkRtezws4ZGNmr6vY1VuFY5lYBvkUIMWMxxG7F+Y 8DMaXFNGfQRen3BlFtWFmBjatiQRLxbm+/i7ahcL9k78dpxn1XIq1onwqj2Mw4hODbtS ZBLaxS1ZCbGXv84QpUIfFoKbpFZjaCcecIWrY9/1rrqXBnt6kF6yq2TZmYWN8I1funQt MiokkZJltep0G9eIwiT+OnEvSVk5hsGwyGiwUbLS6D/U6AdluS7VNRxumzSKzNZ0HWyJ BoBEUQrjwdWTuivGwKcbc/CkcfrISd4O1gnEOp2QTDT4OK326NjOUSYglG9o3UVrtwKk KXiQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=HSs3FBvN; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z190-v6si29479521pgd.646.2018.06.07.16.00.55; Thu, 07 Jun 2018 16:01:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=HSs3FBvN; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752235AbeFGXAY (ORCPT + 99 others); Thu, 7 Jun 2018 19:00:24 -0400 Received: from mail.kernel.org ([198.145.29.99]:33102 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751641AbeFGXAW (ORCPT ); Thu, 7 Jun 2018 19:00:22 -0400 Received: from mail-wm0-f51.google.com (mail-wm0-f51.google.com [74.125.82.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 77F97208AE for ; Thu, 7 Jun 2018 23:00:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1528412421; bh=X9mB3BMubu2rf2zG4I+wWVzfEh9NkrUASkflKEe3eKU=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=HSs3FBvNPF8CtlsxPgd+HfgcG/kLdlJZ8lis1FZstS+gJ6h4IEGNLIfSgV81kIRQu QJTOMP9XO/ErKvA/nDKyQ6c5HESs37ResONQ+/F+mYOvhtytGGd0GHah1PBl0ryQWQ /GM9UFK7PkU2SLPZ6viu5hz/k1tfg4fFo+dMZeug= Received: by mail-wm0-f51.google.com with SMTP id p126-v6so126226wmb.2 for ; Thu, 07 Jun 2018 16:00:21 -0700 (PDT) X-Gm-Message-State: APt69E1TKoF9e56Qw+bi6BdSw782/Bn4CTunw/rtdx5MxjHFrd7eXPCP w/ho/0C7xqwy+9WcUVaO49OH+zoIXLIYgg2EPpxO1w== X-Received: by 2002:a1c:dca:: with SMTP id 193-v6mr2713781wmn.36.1528412419860; Thu, 07 Jun 2018 16:00:19 -0700 (PDT) MIME-Version: 1.0 References: <20180607143855.3681-1-yu-cheng.yu@intel.com> <20180607143855.3681-6-yu-cheng.yu@intel.com> In-Reply-To: From: Andy Lutomirski Date: Thu, 7 Jun 2018 16:00:08 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 5/7] x86: Insert endbr32/endbr64 to vDSO To: "H. J. Lu" Cc: Andrew Lutomirski , Yu-cheng Yu , LKML , linux-doc@vger.kernel.org, Linux-MM , linux-arch , X86 ML , "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , "Shanbhogue, Vedvyas" , "Ravi V. Shankar" , Dave Hansen , Jonathan Corbet , Oleg Nesterov , Arnd Bergmann , mike.kravetz@oracle.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 7, 2018 at 3:03 PM H.J. Lu wrote: > > On Thu, Jun 7, 2018 at 1:50 PM, Andy Lutomirski wrote: > > On Thu, Jun 7, 2018 at 7:42 AM Yu-cheng Yu wrote: > >> > >> From: "H.J. Lu" > >> > >> When Intel indirect branch tracking is enabled, functions in vDSO which > >> may be called indirectly should have endbr32 or endbr64 as the first > >> instruction. We try to compile vDSO with -fcf-protection=branch -mibt > >> if possible. Otherwise, we insert endbr32 or endbr64 by hand to assembly > >> codes generated by the compiler. > > > > Wow, that's... a genuine abomination. Do we really need to support > > CET on kernels built with old toolchains? > > > > Yes. GCC 7 should be able to build CET kernel. > Why? Presumably people running distros that use CET are going to have kernels build with a CET-supporting compiler. If we really really need this patch, then I want some kind of assurance that selftests will catch the failure if something breaks it or a new vDSO entry point is added. But my inclination is to NAK this patch and let the distros carry it if they really really want it. As it stands, this sucks for maintainability.