| Message ID | 20231214124940.3281278-4-dimitri.ledkov@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | Enforce RETPOLINE and SLS mitigrations | expand |
diff --git a/tools/objtool/check.c b/tools/objtool/check.c index 9709f037f1..c21258e109 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -3991,7 +3991,10 @@ static int validate_retpoline(struct objtool_file *file) warnings++; } - return warnings; + /* RETPOLINE is an optional security safety feature, make it + * fatal to ensure no new code is introduced that fails + * RETPOLINE */ + return -warnings; } static bool is_kasan_insn(struct instruction *insn)
BugLink: https://bugs.launchpad.net/bugs/2046440 Make objtool RETPOLINE validation fatal when building with CONFIG_RETPOLINE=y, currently it is a build.log warning only. This is a standalone patch, such that if regressions are identified (with any config or toolchain configuration) it can be reverted until relevant identified code is fixed up or otherwise ignored/silecned/marked as safe. Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> Link: https://lore.kernel.org/all/20231213134303.2302285-4-dimitri.ledkov@canonical.com/ --- tools/objtool/check.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)