From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: ACJfBosorHrKdne3CAFz7SHgKZVyioGb+yJnDT1IJeHzVJSXJQuhI4lxb99Cn8pXHgECzu2Rls6s ARC-Seal: i=1; a=rsa-sha256; t=1516294979; cv=none; d=google.com; s=arc-20160816; b=ntLwqAIYsw6oj53bHOE99PyOR+JZZ6lV0cdN27L6gs6de8Uad7y2IPs7meCDMrAaeH IVe4YCvEr0HQT4wPGkhi7o5/zNtnaag990rC+fcUER4bZskjx0SbdGXYWPJcKK/iAFp/ 0QXtI95Moymew0+Q5PSxGv83KgfqftX8xBoJLMiejrrdDDgn8Dv72KSSUVQJvUpninO8 LCZgBP9ZNE8N4g46Or8mjnbxHKRPc1jY4vslwDLokmBklHepZlB+oL9MYDn5xS/443xG Ym8ueWRFWzzOYu944kaZB6jqtREXJxxkqQIYg0tT7CYfhuu5JLPhGqZwkM37xWK84QIH kbJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=user-agent:in-reply-to:content-disposition:mime-version:references :message-id:subject:cc:to:from:date:arc-authentication-results; bh=mvfhPGZx404Jup1ut5Bv0A3m+nBz2FBiwtPDMyfXsEg=; b=q99G1bMcQ4TKA7ehLuekMZ4NTZmCcXPMKLew8jsNIQoXIAGyq+0y0g0PNaCCXfWAS5 CorCmpMW7qXTBFVjsGwLLZNkDHZGbcpYS64zjIb7hbJBEX2MsAM2kMzQC99NnfXx0nkU 6ytnehpG9aLDFQ2NTJKroEfzS6l5MGwPPDrFgPv3kFGx39+R0F+/sWKi7IyAka4m7jvN IrlB1vx1ZL/knLugdMiS6jhux0DyDXd4DmUJ3rZ50x9NXtNfC89GRESmFLVNE5QnObw2 VgIwjyz5eJFEdqhvDGLytOjX7tWMI4l7n0uI/Waqo1E9FwRwtlMAcWWbKLCt78U2vHuU hpVw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of jpoimboe@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=jpoimboe@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Authentication-Results: mx.google.com; spf=pass (google.com: domain of jpoimboe@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=jpoimboe@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Date: Thu, 18 Jan 2018 11:02:55 -0600 From: Josh Poimboeuf To: tip-bot for Andi Kleen Cc: linux-tip-commits@vger.kernel.org, linux-kernel@vger.kernel.org, gregkh@linuxfoundation.org, ak@linux.intel.com, dwmw@amazon.co.uk, mingo@kernel.org, hpa@zytor.com, tglx@linutronix.de Subject: Re: [tip:x86/pti] module: Add retpoline tag to VERMAGIC Message-ID: <20180118170255.wgcqrqiflikd3tmz@treble> References: <20180116205228.4890-1-andi@firstfloor.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.6.0.1 (2016-04-01) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1589836015920876400?= X-GMAIL-MSGID: =?utf-8?q?1589950524765117250?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: On Wed, Jan 17, 2018 at 02:40:43AM -0800, tip-bot for Andi Kleen wrote: > Commit-ID: 6cfb521ac0d5b97470883ff9b7facae264b7ab12 > Gitweb: https://git.kernel.org/tip/6cfb521ac0d5b97470883ff9b7facae264b7ab12 > Author: Andi Kleen > AuthorDate: Tue, 16 Jan 2018 12:52:28 -0800 > Committer: Thomas Gleixner > CommitDate: Wed, 17 Jan 2018 11:35:14 +0100 > > module: Add retpoline tag to VERMAGIC > > Add a marker for retpoline to the module VERMAGIC. This catches the case > when a non RETPOLINE compiled module gets loaded into a retpoline kernel, > making it insecure. > > It doesn't handle the case when retpoline has been runtime disabled. Even > in this case the match of the retcompile status will be enforced. This > implies that even with retpoline run time disabled all modules loaded need > to be recompiled. If the user overrides the vermagic and loads the module, shouldn't we update the spectre_v2 sysfs vulnerability status and print a warning like in v2? -- Josh