| Message ID | 20200825002645.3658-9-yu-cheng.yu@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Control-flow Enforcement: Indirect Branch Tracking, PTRACE | expand |
On Mon, Aug 24, 2020 at 5:30 PM Yu-cheng Yu <yu-cheng.yu@intel.com> wrote: > > From: "H.J. Lu" <hjl.tools@gmail.com> > > When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be > called indirectly, and must have ENDBR32 or ENDBR64 as the first > instruction. The compiler must support -fcf-protection=branch so that it > can be used to compile vDSO. > > Signed-off-by: H.J. Lu <hjl.tools@gmail.com> > Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com> > Acked-by: Andy Lutomirski <luto@kernel.org> I revoke my Ack. Please don't repeat the list of object files. Maybe add the option to CFL? --Andy
On 8/24/2020 5:33 PM, Andy Lutomirski wrote: > On Mon, Aug 24, 2020 at 5:30 PM Yu-cheng Yu <yu-cheng.yu@intel.com> wrote: >> >> From: "H.J. Lu" <hjl.tools@gmail.com> >> >> When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be >> called indirectly, and must have ENDBR32 or ENDBR64 as the first >> instruction. The compiler must support -fcf-protection=branch so that it >> can be used to compile vDSO. >> >> Signed-off-by: H.J. Lu <hjl.tools@gmail.com> >> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com> >> Acked-by: Andy Lutomirski <luto@kernel.org> > > I revoke my Ack. Please don't repeat the list of object files. Maybe > add the option to CFL? I will update the patch. Yu-cheng
diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile index 215376d975a2..82f8e25e139f 100644 --- a/arch/x86/entry/vdso/Makefile +++ b/arch/x86/entry/vdso/Makefile @@ -130,6 +130,10 @@ $(obj)/%-x32.o: $(obj)/%.o FORCE targets += vdsox32.lds $(vobjx32s-y) +ifdef CONFIG_X86_INTEL_BRANCH_TRACKING_USER + $(obj)/vclock_gettime.o $(obj)/vgetcpu.o $(obj)/vdso32/vclock_gettime.o: KBUILD_CFLAGS += -fcf-protection=branch +endif + $(obj)/%.so: OBJCOPYFLAGS := -S $(obj)/%.so: $(obj)/%.so.dbg FORCE $(call if_changed,objcopy)