| Message ID | 20210914191045.2234020-15-samitolvanen@google.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | x86: Add support for Clang CFI | expand |
On Tue, Sep 14, 2021 at 12:10:43PM -0700, Sami Tolvanen wrote: > Allow LTO to be used for cpu.c when CONFIG_CFI_CLANG is enabled to avoid > indirect call failures. CFI requires Clang >= 13, which doesn't have the > stack protector inlining bug. > > Signed-off-by: Sami Tolvanen <samitolvanen@google.com> > --- > arch/x86/power/Makefile | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/arch/x86/power/Makefile b/arch/x86/power/Makefile > index 379777572bc9..a0532851fed7 100644 > --- a/arch/x86/power/Makefile > +++ b/arch/x86/power/Makefile > @@ -4,9 +4,11 @@ > # itself be stack-protected > CFLAGS_cpu.o := -fno-stack-protector > > +ifndef CONFIG_CFI_CLANG > # Clang may incorrectly inline functions with stack protector enabled into > # __restore_processor_state(): https://bugs.llvm.org/show_bug.cgi?id=47479 > CFLAGS_REMOVE_cpu.o := $(CC_FLAGS_LTO) > +endif This seems weird -- it's tangential that CONFIG_CFI_CLANG is only on Clang >= 13, but it does seem better than adding a $(shell) to test the Clang version. So: Reviewed-by: Kees Cook <keescook@chromium.org> > > obj-$(CONFIG_PM_SLEEP) += cpu.o > obj-$(CONFIG_HIBERNATION) += hibernate_$(BITS).o hibernate_asm_$(BITS).o hibernate.o > -- > 2.33.0.309.g3052b89438-goog >
On Tue, Sep 14, 2021 at 12:11 PM Sami Tolvanen <samitolvanen@google.com> wrote: > > Allow LTO to be used for cpu.c when CONFIG_CFI_CLANG is enabled to avoid > indirect call failures. CFI requires Clang >= 13, which doesn't have the > stack protector inlining bug. True, that was fixed in clang-12. I hope to one day use __attribute__((no_stack_protector)) to clean up this chem spill. Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Technically, GCC still has this bug. > > Signed-off-by: Sami Tolvanen <samitolvanen@google.com> > --- > arch/x86/power/Makefile | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/arch/x86/power/Makefile b/arch/x86/power/Makefile > index 379777572bc9..a0532851fed7 100644 > --- a/arch/x86/power/Makefile > +++ b/arch/x86/power/Makefile > @@ -4,9 +4,11 @@ > # itself be stack-protected > CFLAGS_cpu.o := -fno-stack-protector > > +ifndef CONFIG_CFI_CLANG > # Clang may incorrectly inline functions with stack protector enabled into > # __restore_processor_state(): https://bugs.llvm.org/show_bug.cgi?id=47479 > CFLAGS_REMOVE_cpu.o := $(CC_FLAGS_LTO) > +endif > > obj-$(CONFIG_PM_SLEEP) += cpu.o > obj-$(CONFIG_HIBERNATION) += hibernate_$(BITS).o hibernate_asm_$(BITS).o hibernate.o > -- > 2.33.0.309.g3052b89438-goog >
diff --git a/arch/x86/power/Makefile b/arch/x86/power/Makefile index 379777572bc9..a0532851fed7 100644 --- a/arch/x86/power/Makefile +++ b/arch/x86/power/Makefile @@ -4,9 +4,11 @@ # itself be stack-protected CFLAGS_cpu.o := -fno-stack-protector +ifndef CONFIG_CFI_CLANG # Clang may incorrectly inline functions with stack protector enabled into # __restore_processor_state(): https://bugs.llvm.org/show_bug.cgi?id=47479 CFLAGS_REMOVE_cpu.o := $(CC_FLAGS_LTO) +endif obj-$(CONFIG_PM_SLEEP) += cpu.o obj-$(CONFIG_HIBERNATION) += hibernate_$(BITS).o hibernate_asm_$(BITS).o hibernate.o
Allow LTO to be used for cpu.c when CONFIG_CFI_CLANG is enabled to avoid indirect call failures. CFI requires Clang >= 13, which doesn't have the stack protector inlining bug. Signed-off-by: Sami Tolvanen <samitolvanen@google.com> --- arch/x86/power/Makefile | 2 ++ 1 file changed, 2 insertions(+)