module/retpoline: Warn about missing retpoline in module
Andi Kleen authored
commit caf7501a



There's a risk that a kernel which has full retpoline mitigations becomes
vulnerable when a module gets loaded that hasn't been compiled with the
right compiler or the right option.

To enable detection of that mismatch at module load time, add a module info
string "retpoline" at build time when the module was compiled with
retpoline support. This only covers compiled C source, but assembler source
or prebuilt object files are not checked.

If a retpoline enabled kernel detects a non retpoline protected module at
load time, print a warning and report it in the sysfs vulnerability file.

[ tglx: Massaged changelog ]
Signed-off-by: default avatarAndi Kleen <ak@linux.intel.com>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: gregkh@linuxfoundation.org
Cc: torvalds@linux-foundation.org
Cc: jeyu@kernel.org
Cc: arjan@linux.intel.com
Link: https://lkml.kernel.org/r/201801...
2ce55832
Name Last commit Last update
Documentation Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
arch module/retpoline: Warn about missing retpoline in module
block block: drain queue before waiting for q_usage_counter becoming zero
certs License cleanup: add SPDX GPL-2.0 license identifier to files with no license
crypto crypto: af_alg - whitelist mask and type
drivers x86/efi: Clarify that reset attack mitigation needs appropriate userspace
firmware kbuild: remove all dummy assignments to obj-
fs orangefs: fix deadlock; do not write i_size in read_iter
include module/retpoline: Warn about missing retpoline in module
init Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
ipc Rename superblock flags (MS_xyz -> SB_xyz)
kernel module/retpoline: Warn about missing retpoline in module
lib test_firmware: fix missing unlock on error in config_num_requests_store()
mm mm, page_vma_mapped: Introduce pfn_in_hpage()
net VSOCK: set POLLOUT | POLLWRNORM for TCP_CLOSING
samples Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
scripts module/retpoline: Warn about missing retpoline in module
security ima/policy: fix parsing of fsuuid
sound ALSA: hda - Reduce the suspend time consumption for ALC256
tools usbip: list: don't list devices attached to vhci_hcd
usr initramfs: fix initramfs rebuilds w/ compression after disabling
virt Merge tag 'kvm-arm-fixes-for-v4.15-3-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm
.cocciconfig scripts: add Linux .cocciconfig for coccinelle
.get_maintainer.ignore Add hch to .get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files
.gitignore Merge tag 'kbuild-misc-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
.mailmap mailmap: update Mark Yao's email address
COPYING [PATCH] update FSF address in COPYING
CREDITS MAINTAINERS: update TPM driver infrastructure changes
Kbuild Merge tag 'kbuild-v4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license
MAINTAINERS Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Makefile Linux 4.15.1
README README: add a new README file, pointing to the Documentation/
Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.