Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2627400imm; Thu, 16 Aug 2018 12:42:53 -0700 (PDT) X-Google-Smtp-Source: AA+uWPxwmpnkOoOJngkyMzokZ2RG5x3P91zJ7YpcPLYMzHGRPlCI25MN75Xh0bQyb9SoQXZlTiCK X-Received: by 2002:a63:460d:: with SMTP id t13-v6mr27569973pga.201.1534448573119; Thu, 16 Aug 2018 12:42:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534448573; cv=none; d=google.com; s=arc-20160816; b=Q6uZ7Bo7WdAdEMXdZkt14GRpH6bqol9ESWDIRMdLp2Td1EZJHK+SEo1+v4ZRGKqU5T 0eqRXRpa3829j62wnADyvr2jkOHG/PSu/5p7deSSqDhHVGuCNS7nuqZhIZqrotoRztTs ZS26lTWuEt7oe0Hel0Tf9l4yEZleCIRXuAlDPq9i95bvXSAd98UiKa4wyL6Y9FWD/wmm OSzVFEBThBz+ucnX0aJHQ/vMGbRwJpEGyPNZtpy+F/Jz3upmxHC0nbhcBUoQYlzTRfRq 7wnWESpAZDM67SQuKAdVY4yFwHsWgGbENo3qATl7S0Up5TjVKOxCz8pwk+yCjui9ZQZt zRcg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=DieVYPKIPmjaSqMBFaKwZPv41ZmTG7DcbvmvCVYGxoE=; b=luX3RuTwdFuf14/chiX5zO2KSkBwmR46+L5VGJn6DUZEdUwh4c4chXd9CyxpJC2cHU UwdmJ5SDTsdEmLKMJ5POLTNrifpR4Gf/yeLCL73F5VP7pq5+WkWE0E6821jcBrRQbLN7 x1wYZaq26UUkuFyoq7UkmgZnTdV+UQ8/0yoKYGhFtzXHICReIHV9jubHuQBdB1pd76U5 EYT6q4SR4nigAoS1j1LpA18fqqNp1kuWzHhUr5Ksgf/dPkhyUSMIh95aX7Cz6kq17BiS 6+N9QikKLvYjFb423ioBfHHk15p7eucZQ5HliAhKiiEhP5/SsXIz91JRpf9ekAfESuZ9 NPbg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=wYyP4nms; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k38-v6si156797pgi.147.2018.08.16.12.42.37; Thu, 16 Aug 2018 12:42:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=wYyP4nms; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726048AbeHPWlj (ORCPT + 99 others); Thu, 16 Aug 2018 18:41:39 -0400 Received: from mail.kernel.org ([198.145.29.99]:38270 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725783AbeHPWlj (ORCPT ); Thu, 16 Aug 2018 18:41:39 -0400 Received: from localhost (c-71-202-137-17.hsd1.ca.comcast.net [71.202.137.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5135C20C10; Thu, 16 Aug 2018 19:41:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1534448476; bh=52MJWQI0s4ejBxIPr6daivsgW5lTHd5X1qbivVVNcLE=; h=From:To:Cc:Subject:Date:From; b=wYyP4nmsHhquOkGlztIBrE/9tQTd8qvbSqvorTDFYB8IvJ4L8EO0VUy2LfBZ7FBd4 pJserX+951ajSWnU3cso9DSJnKWVPnLCJhoOG5tYjuvX1x95cTTliJAIeuhg851G/7 zJOeVYzxVJbZ5F0Wz4I8H5oYTQaOUWKWTwJC/nm0= From: Andy Lutomirski To: x86@kernel.org, LKML Cc: Borislav Petkov , Andy Lutomirski , Matt Rickard , Jason Vas Dias , David Woodhouse , Peter Zijlstra , Andi Kleen Subject: [PATCH] x86/vdso: Fix vDSO build if a retpoline is emitted Date: Thu, 16 Aug 2018 12:41:15 -0700 Message-Id: X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Currently, if the vDSO ends up containing an indirect branch or call, GCC will emit the "external thunk" style of retpoline, and it will fail to link. Fix it by building the vDSO with inline retpoline thunks. I haven't seen any reports of this triggering on an unpatched kernel. Cc: Matt Rickard Cc: Jason Vas Dias Cc: David Woodhouse Cc: Peter Zijlstra Cc: Andi Kleen Fixes: commit 76b043848fd2 ("x86/retpoline: Add initial retpoline support") Signed-off-by: Andy Lutomirski --- This is a bit of a marginal candidate for the merge window. There are a couple of reports of people hitting this while hacking on the vDSO, but I haven't seen any report of anyone hitting this on a stock kernel. Feel free to tell me to buzz of and send it later :) Makefile | 4 ++++ arch/x86/entry/vdso/Makefile | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index a0650bf79606..7bab2e90e4e1 100644 --- a/Makefile +++ b/Makefile @@ -507,9 +507,13 @@ KBUILD_AFLAGS += $(call cc-option, -no-integrated-as) endif RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register +RETPOLINE_VDSO_CFLAGS_GCC := -mindirect-branch=thunk-inline -mindirect-branch-register RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk +RETPOLINE_VDSO_CFLAGS_CLANG := -mretpoline RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG))) +RETPOLINE_VDSO_CFLAGS := $(call cc-option,$(RETPOLINE_VDSO_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_VDSO_CFLAGS_CLANG))) export RETPOLINE_CFLAGS +export RETPOLINE_VDSO_CFLAGS KBUILD_CFLAGS += $(call cc-option,-fno-PIE) KBUILD_AFLAGS += $(call cc-option,-fno-PIE) diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 9f695f517747..fa3f439f0a92 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -68,9 +68,9 @@ $(obj)/vdso-image-%.c: $(obj)/vdso%.so.dbg $(obj)/vdso%.so $(obj)/vdso2c FORCE CFL := $(PROFILING) -mcmodel=small -fPIC -O2 -fasynchronous-unwind-tables -m64 \ $(filter -g%,$(KBUILD_CFLAGS)) $(call cc-option, -fno-stack-protector) \ -fno-omit-frame-pointer -foptimize-sibling-calls \ - -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO + -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO $(RETPOLINE_VDSO_CFLAGS) -$(vobjs): KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS)) $(CFL) +$(vobjs): KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS) $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS)) $(CFL) # # vDSO code runs in userspace and -pg doesn't help with profiling anyway. @@ -132,11 +132,13 @@ KBUILD_CFLAGS_32 := $(filter-out -mcmodel=kernel,$(KBUILD_CFLAGS_32)) KBUILD_CFLAGS_32 := $(filter-out -fno-pic,$(KBUILD_CFLAGS_32)) KBUILD_CFLAGS_32 := $(filter-out -mfentry,$(KBUILD_CFLAGS_32)) KBUILD_CFLAGS_32 := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS_32)) +KBUILD_CFLAGS_32 := $(filter-out $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS_32)) KBUILD_CFLAGS_32 += -m32 -msoft-float -mregparm=0 -fpic KBUILD_CFLAGS_32 += $(call cc-option, -fno-stack-protector) KBUILD_CFLAGS_32 += $(call cc-option, -foptimize-sibling-calls) KBUILD_CFLAGS_32 += -fno-omit-frame-pointer KBUILD_CFLAGS_32 += -DDISABLE_BRANCH_PROFILING +KBUILD_CFLAGS_32 += $(RETPOLINE_VDSO_CFLAGS) $(obj)/vdso32.so.dbg: KBUILD_CFLAGS = $(KBUILD_CFLAGS_32) $(obj)/vdso32.so.dbg: FORCE \ -- 2.17.1