korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-12-11 13:04:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
26aae8ccbc
linux/scripts/Makefile.vmlinux_o
Peter Zijlstra a09a6e2399 objtool: Add entry UNRET validation 
Since entry asm is tricky, add a validation pass that ensures the
retbleed mitigation has been done before the first actual RET
instruction.

Entry points are those that either have UNWIND_HINT_ENTRY, which acts
as UNWIND_HINT_EMPTY but marks the instruction as an entry point, or
those that have UWIND_HINT_IRET_REGS at +0.

This is basically a variant of validate_branch() that is
intra-function and it will simply follow all branches from marked
entry points and ensures that all paths lead to ANNOTATE_UNRET_END.

If a path hits RET or an indirection the path is a fail and will be
reported.

There are 3 ANNOTATE_UNRET_END instances:

 - UNTRAIN_RET itself
 - exception from-kernel; this path doesn't need UNTRAIN_RET
 - all early exceptions; these also don't need UNTRAIN_RET

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
2022-06-27 10:34:00 +02:00

88 lines
2.7 KiB
Makefile
Raw Blame History

# SPDX-License-Identifier: GPL-2.0-only
PHONY := __default
__default: vmlinux.o
include include/config/auto.conf
include $(srctree)/scripts/Kbuild.include
# for objtool
include $(srctree)/scripts/Makefile.lib
# Generate a linker script to ensure correct ordering of initcalls for Clang LTO
# ---------------------------------------------------------------------------
quiet_cmd_gen_initcalls_lds = GEN $@
cmd_gen_initcalls_lds = \
$(PYTHON3) $(srctree)/scripts/jobserver-exec \
$(PERL) $(real-prereqs) > $@
.tmp_initcalls.lds: $(srctree)/scripts/generate_initcall_order.pl \
$(KBUILD_VMLINUX_OBJS) $(KBUILD_VMLINUX_LIBS) FORCE
$(call if_changed,gen_initcalls_lds)
targets := .tmp_initcalls.lds
ifdef CONFIG_LTO_CLANG
initcalls-lds := .tmp_initcalls.lds
endif
# objtool for vmlinux.o
# ---------------------------------------------------------------------------
#
# For LTO and IBT, objtool doesn't run on individual translation units.
# Run everything on vmlinux instead.
objtool-enabled := $(or $(delay-objtool),$(CONFIG_NOINSTR_VALIDATION))
# Reuse objtool_args defined in scripts/Makefile.lib if LTO or IBT is enabled.
#
# Add some more flags as needed.
# --no-unreachable and --link might be added twice, but it is fine.
#
# Expand objtool_args to a simple variable to avoid circular reference.
objtool_args := \
$(if $(delay-objtool),$(objtool_args)) \
$(if $(CONFIG_NOINSTR_VALIDATION), --noinstr $(if $(CONFIG_RETPOLINE), --unret)) \
$(if $(CONFIG_GCOV_KERNEL), --no-unreachable) \
--link
# Link of vmlinux.o used for section mismatch analysis
# ---------------------------------------------------------------------------
quiet_cmd_ld_vmlinux.o = LD $@
cmd_ld_vmlinux.o = \
$(LD) ${KBUILD_LDFLAGS} -r -o $@ \
$(addprefix -T , $(initcalls-lds)) \
--whole-archive $(KBUILD_VMLINUX_OBJS) --no-whole-archive \
--start-group $(KBUILD_VMLINUX_LIBS) --end-group \
$(cmd_objtool)
define rule_ld_vmlinux.o
$(call cmd_and_savecmd,ld_vmlinux.o)
$(call cmd,gen_objtooldep)
endef
vmlinux.o: $(initcalls-lds) $(KBUILD_VMLINUX_OBJS) $(KBUILD_VMLINUX_LIBS) FORCE
$(call if_changed_rule,ld_vmlinux.o)
targets += vmlinux.o
# Add FORCE to the prequisites of a target to force it to be always rebuilt.
# ---------------------------------------------------------------------------
PHONY += FORCE
FORCE:
# Read all saved command lines and dependencies for the $(targets) we
# may be building above, using $(if_changed{,_dep}). As an
# optimization, we don't need to read them if the target does not
# exist, we will rebuild anyway in that case.
existing-targets := $(wildcard $(sort $(targets)))
-include $(foreach f,$(existing-targets),$(dir $(f)).$(notdir $(f)).cmd)
.PHONY: $(PHONY)
Reference in New Issue View Git Blame Copy Permalink