Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp539170rdd;
        Tue, 9 Jan 2024 11:32:00 -0800 (PST)
X-Google-Smtp-Source: AGHT+IHvAUS0CvvtdMe4PU0On/ob95dWFZp2nyDhi8ov/s68azL39TeMARpffkNNYEThpL1MVYZ/
X-Received: by 2002:ae9:c209:0:b0:783:25f0:a421 with SMTP id j9-20020ae9c209000000b0078325f0a421mr1508208qkg.21.1704828720258;
        Tue, 09 Jan 2024 11:32:00 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1704828720; cv=none;
        d=google.com; s=arc-20160816;
        b=EcRS3XmuUZqbnKCXdt9kd8j5LYE160TiWZXl/UWzADz8nAJLkGWTUZ7PSV3V6mNFkX
         dXIpwjhup3fUz46MVJI4OtRuZXEjrhS6i0x11hwfi4a6j9NitTPMH4ouBpb0WRp5vvM5
         jEe666Oc5C8Nua3sWzCQ+rWDPatRgEDqWZKA9ptkTQmu8hA6DbokwCR/G6gqsVvApWAd
         mdKTv1XpTv+C5e7EKbZ+hIZqWV6gHuqrc5lAl+STWMGGin7r/FvkV6y7n28xmRxnNCyW
         bxRKwf2SGcS4onOmQdVxdUubgIHnTW1+8edJW8NFQ69m8J4F5Z6gWiT94GL3d0UWXM8D
         J2rw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=n1QMitrhDYTGiRwpbMWjr966yx03VR6m4lrBRblMUCE=;
        fh=TTqq3/FhtxaSqNPejfemQN0PS+WfTlTJo0Hgz5zN8XQ=;
        b=OwIxMhzwu504I78+EWObYCi34LUlj/iwv9kPNfBKYoI2dPAv+aK+mNJLdQawtMFfKe
         m8zHnR+S2yI329sPUQA0BDYTRETSVuLggHP3CpHKOvIP8Rzuzyp18070EOfCKV9RUoOP
         7rUnCsHy+TBR3CwGOeHNE/fZrgljWuXGUSDWnIx4Rbp9SUbb1RT5B7ur+IPPLdK3LV6t
         UIu/t5Vu5YYUuckQVDC172p9C3lRMOcyb1NRX2r6yaCpKzpVjeGMEZYV/hGQGiWMVYjN
         t+8aT3xm8vjKLgIcOxHBoM9p4j1UwEx31Otzp2aCvSrWfmKGuc/2PX8vXwNIr+qKOkm2
         /BOQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=kQ+y5J++;
       spf=pass (google.com: domain of linux-kernel+bounces-21311-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21311-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel+bounces-21311-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
        by mx.google.com with ESMTPS id l4-20020a05620a210400b00781a1481946si2626420qkl.422.2024.01.09.11.32.00
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 09 Jan 2024 11:32:00 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-21311-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=kQ+y5J++;
       spf=pass (google.com: domain of linux-kernel+bounces-21311-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21311-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id CAD961C24908
	for <linux.lists.archive@gmail.com>; Tue,  9 Jan 2024 19:31:59 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id AC35E3D39A;
	Tue,  9 Jan 2024 19:31:54 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kQ+y5J++"
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E07A93D386
	for <linux-kernel@vger.kernel.org>; Tue,  9 Jan 2024 19:31:53 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 36FEDC433C7;
	Tue,  9 Jan 2024 19:31:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1704828713;
	bh=DuKYBO+7w/uc0uTUCzs21KjanFoIiR9zDfYC6/3epKk=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=kQ+y5J++5lIKysrognLtCk1y9SKnX06Cu3DwizEQODrE63G8NAe2tSS/YyM3wKEEB
	 VApxUUSgVrzygzq2WPp8MltbGWee+lViP1Y+s0M2ImFoxVRSEsYIqfx87kjm2F7qLO
	 l8MmMpTLs/Mn2PbAkCqmEFYWkKOTvugukWXQAI5GGEKvpOa/f9DloA8AqHRXXpsBAe
	 Fd0MpmHfmFbhCz4xtAYXQ65TwLOZj6+2C9riQPOWOrV8MC68WawfUrdAs15ytjOQ8j
	 kEKdEbijsgITbzHaBmNtyCpAPE9w7vDjhk1YRLUoSkMDNdfq+WIZ2CcAUh/BD099Js
	 gZy9Eb4wT+UeQ==
Date: Tue, 9 Jan 2024 11:31:51 -0800
From: Josh Poimboeuf <jpoimboe@kernel.org>
To: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Cc: peterz@infradead.org, x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 2/3] objtool: make objtool SLS validation fatal when
 building with CONFIG_SLS=y
Message-ID: <20240109193151.nkmn5yfv24tfmodd@treble>
References: <20231213134303.2302285-1-dimitri.ledkov@canonical.com>
 <20231213134303.2302285-3-dimitri.ledkov@canonical.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20231213134303.2302285-3-dimitri.ledkov@canonical.com>

On Wed, Dec 13, 2023 at 01:43:01PM +0000, Dimitri John Ledkov wrote:
> Make objtool SLS validation fatal when building with CONFIG_SLS=y,
> currently it is a build.log warning only.
> 
> This is a standalone patch, such that if regressions are identified
> (with any config or toolchain configuration) it can be reverted until
> relevant identified code is fixed up or otherwise
> ignored/silecned/marked as safe.
> 
> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> ---
>  tools/objtool/check.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/tools/objtool/check.c b/tools/objtool/check.c
> index 15df4afae2..9709f037f1 100644
> --- a/tools/objtool/check.c
> +++ b/tools/objtool/check.c
> @@ -4500,7 +4500,9 @@ static int validate_sls(struct objtool_file *file)
>  		}
>  	}
>  
> -	return warnings;
> +	/* SLS is an optional security safety feature, make it fatal
> +	 * to ensure no new code is introduced that fails SLS */
> +	return -warnings;
>  }

I'm thinking this patch (and the next one) go too far, yet not far
enough :-)

Too far, because there are still some outstanding randconfig warnings
which need to be fixed.

Not far enough, because there are other warnings which might also have
disastrous effects.  For example, even the "unreachable warning" could
mean missing SLS or retpoline mitigations.

So I'm thinking we should try to get as many of the outstanding warnings
fixed as we can, and then flip the CONFIG_WERROR switch for all
non-fatal warnings.

-- 
Josh