Commit aefb2f2e authored by Breno Leitao's avatar Breno Leitao Committed by Ingo Molnar
Browse files

x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE 



Step 5/10 of the namespace unification of CPU mitigations related Kconfig options.

[ mingo: Converted a few more uses in comments/messages as well. ]

Suggested-by: default avatarJosh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: default avatarBreno Leitao <leitao@debian.org>
Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
Reviewed-by: default avatarAriel Miculas <amiculas@cisco.com>
Acked-by: default avatarJosh Poimboeuf <jpoimboe@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lore.kernel.org/r/20231121160740.1249350-6-leitao@debian.org
parent ea4654e0

Documentation/admin-guide/hw-vuln/spectre.rst

+4 −4
Original line number Diff line number Diff line
@@ -473,8 +473,8 @@ Spectre variant 2 
   -mindirect-branch=thunk-extern -mindirect-branch-register options.

   If the kernel is compiled with a Clang compiler, the compiler needs

   to support -mretpoline-external-thunk option.  The kernel config

   CONFIG_RETPOLINE needs to be turned on, and the CPU needs to run with

   the latest updated microcode.

   CONFIG_MITIGATION_RETPOLINE needs to be turned on, and the CPU needs

   to run with the latest updated microcode.



   On Intel Skylake-era systems the mitigation covers most, but not all,

   cases. See :ref:`[3] <spec_ref3>` for more details.
@@ -609,8 +609,8 @@ kernel command line. 
		Selecting 'on' will, and 'auto' may, choose a

		mitigation method at run time according to the

		CPU, the available microcode, the setting of the

		CONFIG_RETPOLINE configuration option, and the

		compiler with which the kernel was built.

		CONFIG_MITIGATION_RETPOLINE configuration option,

		and the compiler with which the kernel was built.



		Selecting 'on' will also enable the mitigation

		against user space to user space task attacks.

Documentation/admin-guide/kernel-parameters.txt

+2 −2
Original line number Diff line number Diff line
@@ -6007,8 +6007,8 @@ 
			Selecting 'on' will, and 'auto' may, choose a

			mitigation method at run time according to the

			CPU, the available microcode, the setting of the

			CONFIG_RETPOLINE configuration option, and the

			compiler with which the kernel was built.

			CONFIG_MITIGATION_RETPOLINE configuration option,

			and the compiler with which the kernel was built.



			Selecting 'on' will also enable the mitigation

			against user space to user space task attacks.

arch/x86/Kconfig

+3 −3
Original line number Diff line number Diff line
@@ -2457,7 +2457,7 @@ config CALL_PADDING 


config FINEIBT

	def_bool y

	depends on X86_KERNEL_IBT && CFI_CLANG && RETPOLINE

	depends on X86_KERNEL_IBT && CFI_CLANG && MITIGATION_RETPOLINE

	select CALL_PADDING



config HAVE_CALL_THUNKS
@@ -2495,7 +2495,7 @@ config MITIGATION_PAGE_TABLE_ISOLATION 


	  See Documentation/arch/x86/pti.rst for more details.



config RETPOLINE

config MITIGATION_RETPOLINE

	bool "Avoid speculative indirect branches in kernel"

	select OBJTOOL if HAVE_OBJTOOL

	default y
@@ -2507,7 +2507,7 @@ config RETPOLINE 


config RETHUNK

	bool "Enable return-thunks"

	depends on RETPOLINE && CC_HAS_RETURN_THUNK

	depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK

	select OBJTOOL if HAVE_OBJTOOL

	default y if X86_64

	help

arch/x86/Makefile

+2 −2
Original line number Diff line number Diff line
@@ -192,7 +192,7 @@ KBUILD_CFLAGS += -Wno-sign-compare 
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables



# Avoid indirect branches in kernel to deal with Spectre

ifdef CONFIG_RETPOLINE

ifdef CONFIG_MITIGATION_RETPOLINE

  KBUILD_CFLAGS += $(RETPOLINE_CFLAGS)

  # Additionally, avoid generating expensive indirect jumps which

  # are subject to retpolines for small number of switch cases.
@@ -301,7 +301,7 @@ vdso-install-$(CONFIG_IA32_EMULATION) += arch/x86/entry/vdso/vdso32.so.dbg 


archprepare: checkbin

checkbin:

ifdef CONFIG_RETPOLINE

ifdef CONFIG_MITIGATION_RETPOLINE

ifeq ($(RETPOLINE_CFLAGS),)

	@echo "You are building kernel with non-retpoline compiler." >&2

	@echo "Please update your compiler." >&2

arch/x86/entry/vdso/Makefile

+2 −2
Original line number Diff line number Diff line
@@ -87,7 +87,7 @@ CFL := $(PROFILING) -mcmodel=small -fPIC -O2 -fasynchronous-unwind-tables -m64 \ 
       -fno-omit-frame-pointer -foptimize-sibling-calls \

       -DDISABLE_BRANCH_PROFILING -DBUILD_VDSO



ifdef CONFIG_RETPOLINE

ifdef CONFIG_MITIGATION_RETPOLINE

ifneq ($(RETPOLINE_VDSO_CFLAGS),)

  CFL += $(RETPOLINE_VDSO_CFLAGS)

endif
@@ -164,7 +164,7 @@ KBUILD_CFLAGS_32 += $(call cc-option, -foptimize-sibling-calls) 
KBUILD_CFLAGS_32 += -fno-omit-frame-pointer

KBUILD_CFLAGS_32 += -DDISABLE_BRANCH_PROFILING



ifdef CONFIG_RETPOLINE

ifdef CONFIG_MITIGATION_RETPOLINE

ifneq ($(RETPOLINE_VDSO_CFLAGS),)

  KBUILD_CFLAGS_32 += $(RETPOLINE_VDSO_CFLAGS)

endif