module/retpoline: Warn about missing retpoline in module (caf7501a) · Commits · 戴 / test

arch/x86/kernel/cpu/bugs.c

+16 −1

Original line number	Diff line number	Diff line
		@@ -11,6 +11,7 @@
		#include <linux/init.h>
		#include <linux/utsname.h>
		#include <linux/cpu.h>
		#include <linux/module.h>

		#include <asm/nospec-branch.h>
		#include <asm/cmdline.h>
		@@ -93,6 +94,19 @@ static const char *spectre_v2_strings[] = {
		#define pr_fmt(fmt) "Spectre V2 mitigation: " fmt

		static enum spectre_v2_mitigation spectre_v2_enabled = SPECTRE_V2_NONE;
		static bool spectre_v2_bad_module;

		#ifdef RETPOLINE
		bool retpoline_module_ok(bool has_retpoline)
		{
		if (spectre_v2_enabled == SPECTRE_V2_NONE \|\| has_retpoline)
		return true;

		pr_err("System may be vunerable to spectre v2\n");
		spectre_v2_bad_module = true;
		return false;
		}
		#endif

		static void __init spec2_print_if_insecure(const char *reason)
		{
		@@ -278,6 +292,7 @@ ssize_t cpu_show_spectre_v2(struct device *dev,
		if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2))
		return sprintf(buf, "Not affected\n");

		return sprintf(buf, "%s\n", spectre_v2_strings[spectre_v2_enabled]);
		return sprintf(buf, "%s%s\n", spectre_v2_strings[spectre_v2_enabled],
		spectre_v2_bad_module ? " - vulnerable module loaded" : "");
		}
		#endif

+9 −0

Original line number	Diff line number	Diff line
		@@ -794,6 +794,15 @@ static inline void module_bug_finalize(const Elf_Ehdr *hdr,
		static inline void module_bug_cleanup(struct module *mod) {}
		#endif /* CONFIG_GENERIC_BUG */

		#ifdef RETPOLINE
		extern bool retpoline_module_ok(bool has_retpoline);
		#else
		static inline bool retpoline_module_ok(bool has_retpoline)
		{
		return true;
		}
		#endif

		#ifdef CONFIG_MODULE_SIG
		static inline bool module_sig_ok(struct module *module)
		{

+11 −0

Original line number	Diff line number	Diff line
		@@ -2855,6 +2855,15 @@ static int check_modinfo_livepatch(struct module mod, struct load_info info)
		}
		#endif /* CONFIG_LIVEPATCH */

		static void check_modinfo_retpoline(struct module mod, struct load_info info)
		{
		if (retpoline_module_ok(get_modinfo(info, "retpoline")))
		return;

		pr_warn("%s: loading module not compiled with retpoline compiler.\n",
		mod->name);
		}

		/* Sets info->hdr and info->len. */
		static int copy_module_from_user(const void __user *umod, unsigned long len,
		struct load_info *info)
		@@ -3021,6 +3030,8 @@ static int check_modinfo(struct module mod, struct load_info info, int flags)
		add_taint_module(mod, TAINT_OOT_MODULE, LOCKDEP_STILL_OK);
		}

		check_modinfo_retpoline(mod, info);

		if (get_modinfo(info, "staging")) {
		add_taint_module(mod, TAINT_CRAP, LOCKDEP_STILL_OK);
		pr_warn("%s: module is from the staging directory, the quality "

+9 −0

Original line number	Diff line number	Diff line
		@@ -2165,6 +2165,14 @@ static void add_intree_flag(struct buffer *b, int is_intree)
		buf_printf(b, "\nMODULE_INFO(intree, \"Y\");\n");
		}

		/* Cannot check for assembler */
		static void add_retpoline(struct buffer *b)
		{
		buf_printf(b, "\n#ifdef RETPOLINE\n");
		buf_printf(b, "MODULE_INFO(retpoline, \"Y\");\n");
		buf_printf(b, "#endif\n");
		}

		static void add_staging_flag(struct buffer b, const char name)
		{
		static const char *staging_dir = "drivers/staging";
		@@ -2506,6 +2514,7 @@ int main(int argc, char **argv)
		err \|= check_modname_len(mod);
		add_header(&buf, mod);
		add_intree_flag(&buf, !external_module);
		add_retpoline(&buf);
		add_staging_flag(&buf, mod->name);
		err \|= add_versions(&buf, mod);
		add_depends(&buf, mod, modules);