From: Josh Poimboeuf <jpoimboe@kernel.org>
To: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Cc: peterz@infradead.org, x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 2/3] objtool: make objtool SLS validation fatal when building with CONFIG_SLS=y
Date: Tue, 9 Jan 2024 11:31:51 -0800 [thread overview]
Message-ID: <20240109193151.nkmn5yfv24tfmodd@treble> (raw)
In-Reply-To: <20231213134303.2302285-3-dimitri.ledkov@canonical.com>
On Wed, Dec 13, 2023 at 01:43:01PM +0000, Dimitri John Ledkov wrote:
> Make objtool SLS validation fatal when building with CONFIG_SLS=y,
> currently it is a build.log warning only.
>
> This is a standalone patch, such that if regressions are identified
> (with any config or toolchain configuration) it can be reverted until
> relevant identified code is fixed up or otherwise
> ignored/silecned/marked as safe.
>
> Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
> ---
> tools/objtool/check.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/tools/objtool/check.c b/tools/objtool/check.c
> index 15df4afae2..9709f037f1 100644
> --- a/tools/objtool/check.c
> +++ b/tools/objtool/check.c
> @@ -4500,7 +4500,9 @@ static int validate_sls(struct objtool_file *file)
> }
> }
>
> - return warnings;
> + /* SLS is an optional security safety feature, make it fatal
> + * to ensure no new code is introduced that fails SLS */
> + return -warnings;
> }
I'm thinking this patch (and the next one) go too far, yet not far
enough :-)
Too far, because there are still some outstanding randconfig warnings
which need to be fixed.
Not far enough, because there are other warnings which might also have
disastrous effects. For example, even the "unreachable warning" could
mean missing SLS or retpoline mitigations.
So I'm thinking we should try to get as many of the outstanding warnings
fixed as we can, and then flip the CONFIG_WERROR switch for all
non-fatal warnings.
--
Josh
next prev parent reply other threads:[~2024-01-09 19:31 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20231213134303.2302285-1-dimitri.ledkov@canonical.com>
2023-12-13 13:43 ` [PATCH v2 1/3] objtool: Make objtool check actually fatal upon fatal errors Dimitri John Ledkov
2024-01-08 9:15 ` Ingo Molnar
2024-01-09 19:24 ` Josh Poimboeuf
2024-01-09 19:48 ` Dimitri John Ledkov
2024-01-09 20:20 ` Josh Poimboeuf
2023-12-13 13:43 ` [PATCH v2 2/3] objtool: make objtool SLS validation fatal when building with CONFIG_SLS=y Dimitri John Ledkov
2024-01-08 9:16 ` Ingo Molnar
2024-01-09 19:31 ` Josh Poimboeuf [this message]
2023-12-13 13:43 ` [PATCH v2 3/3] objtool: make objtool RETPOLINE validation fatal when building with CONFIG_RETPOLINE=y Dimitri John Ledkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240109193151.nkmn5yfv24tfmodd@treble \
--to=jpoimboe@kernel.org \
--cc=dimitri.ledkov@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox