From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752817AbeA0Nkt (ORCPT ); Sat, 27 Jan 2018 08:40:49 -0500 Received: from mail.skyhub.de ([5.9.137.197]:49740 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752556AbeA0Nkr (ORCPT ); Sat, 27 Jan 2018 08:40:47 -0500 Date: Sat, 27 Jan 2018 14:40:33 +0100 From: Borislav Petkov To: tglx@linutronix.de, hpa@zytor.com, linux-kernel@vger.kernel.org, ak@linux.intel.com, mingo@kernel.org, dwmw2@infradead.org Cc: linux-tip-commits@vger.kernel.org Subject: Re: [tip:x86/pti] module/retpoline: Warn about missing retpoline in module Message-ID: <20180127134033.vmesim52s5hqh4hp@pd.tnic> References: <20180125235028.31211-1-andi@firstfloor.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 26, 2018 at 06:59:06AM -0800, tip-bot for Andi Kleen wrote: > Commit-ID: caf7501a1b4ec964190f31f9c3f163de252273b8 > Gitweb: https://git.kernel.org/tip/caf7501a1b4ec964190f31f9c3f163de252273b8 > Author: Andi Kleen > AuthorDate: Thu, 25 Jan 2018 15:50:28 -0800 > Committer: Thomas Gleixner > CommitDate: Fri, 26 Jan 2018 15:03:56 +0100 > > module/retpoline: Warn about missing retpoline in module > > There's a risk that a kernel which has full retpoline mitigations becomes > vulnerable when a module gets loaded that hasn't been compiled with the > right compiler or the right option. > > To enable detection of that mismatch at module load time, add a module info > string "retpoline" at build time when the module was compiled with > retpoline support. This only covers compiled C source, but assembler source > or prebuilt object files are not checked. > > If a retpoline enabled kernel detects a non retpoline protected module at > load time, print a warning and report it in the sysfs vulnerability file. > > [ tglx: Massaged changelog ] > > Signed-off-by: Andi Kleen > Signed-off-by: Thomas Gleixner > Cc: David Woodhouse > Cc: gregkh@linuxfoundation.org > Cc: torvalds@linux-foundation.org > Cc: jeyu@kernel.org > Cc: arjan@linux.intel.com > Link: https://lkml.kernel.org/r/20180125235028.31211-1-andi@firstfloor.org > --- > arch/x86/kernel/cpu/bugs.c | 17 ++++++++++++++++- > include/linux/module.h | 9 +++++++++ > kernel/module.c | 11 +++++++++++ > scripts/mod/modpost.c | 9 +++++++++ > 4 files changed, 45 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index 390b3dc..4a39d7b 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -11,6 +11,7 @@ > #include > #include > #include > +#include > > #include > #include > @@ -93,6 +94,19 @@ static const char *spectre_v2_strings[] = { > #define pr_fmt(fmt) "Spectre V2 mitigation: " fmt > > static enum spectre_v2_mitigation spectre_v2_enabled = SPECTRE_V2_NONE; > +static bool spectre_v2_bad_module; allnoconfig says: arch/x86/kernel/cpu/bugs.c:97:13: warning: ‘spectre_v2_bad_module’ defined but not used [-Wunused-variable] static bool spectre_v2_bad_module; ^ -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.