[tip: x86/core] x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
From: tip-bot2 for Peter Zijlstra
Date: Fri Dec 10 2021 - 06:05:37 EST
The following commit has been merged into the x86/core branch of tip:
Commit-ID: 68cf4f2a72ef8786e6b7af6fd9a89f27ac0f520d
Gitweb: https://git.kernel.org/tip/68cf4f2a72ef8786e6b7af6fd9a89f27ac0f520d
Author: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
AuthorDate: Fri, 19 Nov 2021 17:50:25 +01:00
Committer: Borislav Petkov <bp@xxxxxxx>
CommitterDate: Wed, 08 Dec 2021 11:57:04 +01:00
x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
In order to further enable commit:
bbe2df3f6b6d ("x86/alternative: Try inline spectre_v2=retpoline,amd")
add the new GCC flag -mindirect-branch-cs-prefix:
https://gcc.gnu.org/g:2196a681d7810ad8b227bf983f38ba716620545e
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
https://bugs.llvm.org/show_bug.cgi?id=52323
to RETPOLINE=y builds. This should allow fully inlining retpoline,amd
for GCC builds.
Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
Signed-off-by: Borislav Petkov <bp@xxxxxxx>
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
Acked-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
Link: https://lkml.kernel.org/r/20211119165630.276205624@xxxxxxxxxxxxx
---
arch/x86/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/Makefile b/arch/x86/Makefile
index 2f40de5..c38b657 100644
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -14,6 +14,7 @@ endif
ifdef CONFIG_CC_IS_GCC
RETPOLINE_CFLAGS := $(call cc-option,-mindirect-branch=thunk-extern -mindirect-branch-register)
+RETPOLINE_CFLAGS += $(call cc-option,-mindirect-branch-cs-prefix)
RETPOLINE_VDSO_CFLAGS := $(call cc-option,-mindirect-branch=thunk-inline -mindirect-branch-register)
endif
ifdef CONFIG_CC_IS_CLANG