diff options
| author | Andi Kleen <ak@linux.intel.com> | 2018-01-25 15:50:28 -0800 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2018-03-19 18:59:11 +0000 |
| commit | 5ebf8d581c41a7ffc13225b6dbfdd89245f565b4 (patch) | |
| tree | 14f4ab8428f1d0c5a4dc9f8731eecc1f97d85147 /include/linux/mmdebug.h | |
| parent | 4b7e6a0ee22df9f46797a7b562825c87f13e08c7 (diff) | |
module/retpoline: Warn about missing retpoline in module
commit caf7501a1b4ec964190f31f9c3f163de252273b8 upstream.
There's a risk that a kernel which has full retpoline mitigations becomes
vulnerable when a module gets loaded that hasn't been compiled with the
right compiler or the right option.
To enable detection of that mismatch at module load time, add a module info
string "retpoline" at build time when the module was compiled with
retpoline support. This only covers compiled C source, but assembler source
or prebuilt object files are not checked.
If a retpoline enabled kernel detects a non retpoline protected module at
load time, print a warning and report it in the sysfs vulnerability file.
[ tglx: Massaged changelog ]
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: gregkh@linuxfoundation.org
Cc: torvalds@linux-foundation.org
Cc: jeyu@kernel.org
Cc: arjan@linux.intel.com
Link: https://lkml.kernel.org/r/20180125235028.31211-1-andi@firstfloor.org
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'include/linux/mmdebug.h')
0 files changed, 0 insertions, 0 deletions