# git rev-parse -q --verify b6e6cc1f78c772e952495b7416c9ac9029f9390c^{commit}
b6e6cc1f78c772e952495b7416c9ac9029f9390c
already have revision, skipping fetch
# git checkout -q -f -B kisskb b6e6cc1f78c772e952495b7416c9ac9029f9390c
# git clean -qxdf
# < git log -1
# commit b6e6cc1f78c772e952495b7416c9ac9029f9390c
# Merge: be522ac7cdcc 535d0ae39185
# Author: Linus Torvalds
# Date: Fri Jul 14 20:19:25 2023 -0700
#
# Merge tag 'x86_urgent_for_6.5_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
#
# Pull x86 CFI fixes from Peter Zijlstra:
# "Fix kCFI/FineIBT weaknesses
#
# The primary bug Alyssa noticed was that with FineIBT enabled function
# prologues have a spurious ENDBR instruction:
#
# __cfi_foo:
#   endbr64
#   subl $hash, %r10d
#   jz 1f
#   ud2
#   nop
# 1:
# foo:
#   endbr64 <--- *sadface*
#
# This means that any indirect call that fails to target the __cfi
# symbol and instead targets (the regular old) foo+0, will succeed due
# to that second ENDBR.
#
# Fixing this led to the discovery of a single indirect call that was
# still doing this: ret_from_fork(). Since that's an assembly stub the
# compiler would not generate the proper kCFI indirect call magic and it
# would not get patched.
#
# Brian came up with the most comprehensive fix -- convert the thing to
# C with only a very thin asm wrapper. This ensures the kernel thread
# bootstrap is a proper kCFI call.
#
# While discussing all this, Kees noted that kCFI hashes could/should be
# poisoned to seal all functions whose address is never taken, further
# limiting the valid kCFI targets -- much like we already do for IBT.
#
# So what was a 'simple' observation and fix cascaded into a bunch of
# inter-related CFI infrastructure fixes"
#
# * tag 'x86_urgent_for_6.5_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
#   x86/cfi: Only define poison_cfi() if CONFIG_X86_KERNEL_IBT=y
#   x86/fineibt: Poison ENDBR at +0
#   x86: Rewrite ret_from_fork() in C
#   x86/32: Remove schedule_tail_wrapper()
#   x86/cfi: Extend ENDBR sealing to kCFI
#   x86/alternative: Rename apply_ibt_endbr()
#   x86/cfi: Extend {JMP,CAKK}_NOSPEC comment
# < /opt/cross/kisskb/x86-64--glibc--bleeding-edge-2022.08-1/bin/x86_64-linux-gcc --version
# < /opt/cross/kisskb/x86-64--glibc--bleeding-edge-2022.08-1/bin/x86_64-linux-ld --version
# < git log --format=%s --max-count=1 b6e6cc1f78c772e952495b7416c9ac9029f9390c
# make -s -j 40 ARCH=um O=/kisskb/build/linus_allmodconfig_um-x86_64-gcc12 CROSS_COMPILE=/opt/cross/kisskb/x86-64--glibc--bleeding-edge-2022.08-1/bin/x86_64-linux- SUBARCH=x86_64 allmodconfig
# Added to kconfig CONFIG_STANDALONE=y
# Added to kconfig CONFIG_KCOV=n
# Added to kconfig CONFIG_GCC_PLUGINS=n
# Added to kconfig CONFIG_GCC_PLUGIN_CYC_COMPLEXITY=n
# Added to kconfig CONFIG_GCC_PLUGIN_SANCOV=n
# Added to kconfig CONFIG_GCC_PLUGIN_LATENT_ENTROPY=n
# Added to kconfig CONFIG_GCC_PLUGIN_STRUCTLEAK=n
# Added to kconfig CONFIG_GCC_PLUGIN_RANDSTRUCT=n
# Added to kconfig CONFIG_UML_NET=n
# Added to kconfig CONFIG_UML_NET_ETHERTAP=n
# Added to kconfig CONFIG_UML_NET_TUNTAP=n
# Added to kconfig CONFIG_UML_NET_SLIP=n
# Added to kconfig CONFIG_UML_NET_DAEMON=n
# Added to kconfig CONFIG_UML_NET_VDE=n
# Added to kconfig CONFIG_UML_NET_MCAST=n
# Added to kconfig CONFIG_UML_NET_PCAP=n
# Added to kconfig CONFIG_UML_NET_SLIRP=n
# Added to kconfig CONFIG_GCOV_KERNEL=n
# Added to kconfig CONFIG_DEBUG_INFO_BTF=n
# Added to kconfig CONFIG_BPF_PRELOAD=n
# Added to kconfig CONFIG_SPI_STM32_QSPI=n
# < make -s -j 40 ARCH=um O=/kisskb/build/linus_allmodconfig_um-x86_64-gcc12 
CROSS_COMPILE=/opt/cross/kisskb/x86-64--glibc--bleeding-edge-2022.08-1/bin/x86_64-linux- SUBARCH=x86_64 help
# make -s -j 40 ARCH=um O=/kisskb/build/linus_allmodconfig_um-x86_64-gcc12 CROSS_COMPILE=/opt/cross/kisskb/x86-64--glibc--bleeding-edge-2022.08-1/bin/x86_64-linux- SUBARCH=x86_64 olddefconfig
.config:12755:warning: override: reassigning to symbol GCC_PLUGIN_LATENT_ENTROPY
.config:12759:warning: override: reassigning to symbol UML_NET_ETHERTAP
.config:12761:warning: override: reassigning to symbol UML_NET_SLIP
.config:12766:warning: override: reassigning to symbol UML_NET_SLIRP
# make -s -j 40 ARCH=um O=/kisskb/build/linus_allmodconfig_um-x86_64-gcc12 CROSS_COMPILE=/opt/cross/kisskb/x86-64--glibc--bleeding-edge-2022.08-1/bin/x86_64-linux- SUBARCH=x86_64
LINK linux
Completed OK
# rm -rf /kisskb/build/linus_allmodconfig_um-x86_64-gcc12
# Build took: 0:09:57.524959