git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/commit

author	Josh Poimboeuf <jpoimboe@redhat.com>
	Thu, 28 Jan 2021 21:52:19 +0000 (15:52 -0600)
committer	Kleber Sacilotto de Souza <kleber.souza@canonical.com>
	Wed, 24 Mar 2021 10:11:44 +0000 (11:11 +0100)
commit	fb3fe2c04a6016bd6be2bfdee7b914632c6f5b4f
tree	74afbe6ac755c393f9c214a12763b59f956e8d3e	tree
parent	db31f342e6f71afed4495b0de76e4dbd86d05cdb	commit \| diff

x86/build: Disable CET instrumentation in the kernel

BugLink: https://bugs.launchpad.net/bugs/1916066
commit 20bf2b378729c4a0366a53e2018a0b70ace94bcd upstream.

With retpolines disabled, some configurations of GCC, and specifically
the GCC versions 9 and 10 in Ubuntu will add Intel CET instrumentation
to the kernel by default. That breaks certain tracing scenarios by
adding a superfluous ENDBR64 instruction before the fentry call, for
functions which can be called indirectly.

CET instrumentation isn't currently necessary in the kernel, as CET is
only supported in user space. Disable it unconditionally and move it
into the x86's Makefile as CET/CFI... enablement should be a per-arch
decision anyway.

[ bp: Massage and extend commit message. ]

Fixes: 29be86d7f9cb ("kbuild: add -fcf-protection=none when using retpoline flags")
Reported-by: Nikolay Borisov <nborisov@suse.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Nikolay Borisov <nborisov@suse.com>
Tested-by: Nikolay Borisov <nborisov@suse.com>
Cc: <stable@vger.kernel.org>
Cc: Seth Forshee <seth.forshee@canonical.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Link: https://lkml.kernel.org/r/20210128215219.6kct3h2eiustncws@treble
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

Makefile		diff \| blob \| blame \| history
arch/x86/Makefile		diff \| blob \| blame \| history