Update Bazel, rules_go, gazelle, linux_kernel, musl, and k8s
rules_go updates Go to 1.13.5.
EFI boot patch had to be rebased since a bunch of ifdefs got cleaned up in 5.x
https://github.com/torvalds/linux/commit/ac09c5f43cf613939850cc38d7a34ae6556016ba
https://github.com/torvalds/linux/commit/82f9ed3a93307089242ff8a5c694e82c8c93f522)
Test Plan: CI
X-Origin-Diff: phab/D304
GitOrigin-RevId: 8d7711dd2038e76e091a22a1aab865c3593e3889
diff --git a/BUILD b/BUILD
index 5367d32..ba234e7 100644
--- a/BUILD
+++ b/BUILD
@@ -61,6 +61,7 @@
name = "gopath",
mode = "link",
deps = [
+ # All top-level Go targets that need IDE integration need to be listed here
"//core/cmd/init",
],
)
diff --git a/WORKSPACE b/WORKSPACE
index a3224f9..ad829af 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -22,7 +22,7 @@
load("@bazel_skylib//lib:versions.bzl", "versions")
-versions.check(minimum_bazel_version = "1.1.0")
+versions.check(minimum_bazel_version = "2.0.0")
# Go and Gazelle
@@ -30,19 +30,19 @@
http_archive(
name = "io_bazel_rules_go",
- sha256 = "842ec0e6b4fbfdd3de6150b61af92901eeb73681fd4d185746644c338f51d4c0",
+ sha256 = "e88471aea3a3a4f19ec1310a55ba94772d087e9ce46e41ae38ecebe17935de7b",
urls = [
- "https://storage.googleapis.com/bazel-mirror/github.com/bazelbuild/rules_go/releases/download/v0.20.1/rules_go-v0.20.1.tar.gz",
- "https://github.com/bazelbuild/rules_go/releases/download/v0.20.1/rules_go-v0.20.1.tar.gz",
+ "https://storage.googleapis.com/bazel-mirror/github.com/bazelbuild/rules_go/releases/download/v0.20.3/rules_go-v0.20.3.tar.gz",
+ "https://github.com/bazelbuild/rules_go/releases/download/v0.20.3/rules_go-v0.20.3.tar.gz",
],
)
http_archive(
name = "bazel_gazelle",
- sha256 = "41bff2a0b32b02f20c227d234aa25ef3783998e5453f7eade929704dcff7cd4b",
+ sha256 = "86c6d481b3f7aedc1d60c1c211c6f76da282ae197c3b3160f54bd3a8f847896f",
urls = [
- "https://storage.googleapis.com/bazel-mirror/github.com/bazelbuild/bazel-gazelle/releases/download/v0.19.0/bazel-gazelle-v0.19.0.tar.gz",
- "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.19.0/bazel-gazelle-v0.19.0.tar.gz",
+ "https://storage.googleapis.com/bazel-mirror/github.com/bazelbuild/bazel-gazelle/releases/download/v0.19.1/bazel-gazelle-v0.19.1.tar.gz",
+ "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.19.1/bazel-gazelle-v0.19.1.tar.gz",
],
)
@@ -95,22 +95,19 @@
# Linux kernel
-linux_kernel_version = "4.19.72"
+linux_kernel_version = "5.4.7"
http_archive(
name = "linux_kernel",
build_file = "@//core/build/linux_kernel_repo:BUILD.repo",
patch_args = ["-p1"],
patches = [
- # Fix is in mainline, but upstream hasn't backported it to 4.19.
- # Will go away when we switch to 5.4 LTS
- "@//core/build/linux_kernel_repo:0002-kbuild-add--fcf-protection-none-to-retpoline-flags.patch",
# Enable built-in cmdline for efistub
"@//core/build/linux_kernel_repo:0001-x86-Allow-built-in-command-line-to-work-in-early-ker.patch",
],
- sha256 = "f9fcb6b3bd29115ac55fc154e300c3dce2044502732f6842ad6c25e6f9f51f6d",
+ sha256 = "abc9b21d9146d95853dac35f4c4489a0199aff53ee6eee4b0563d1b37079fcc9",
strip_prefix = "linux-" + linux_kernel_version,
- urls = ["https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-%s.tar.xz" % linux_kernel_version],
+ urls = ["https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-%s.tar.xz" % linux_kernel_version],
)
# EDK2
@@ -127,12 +124,12 @@
# musl
-musl_version = "1.1.23"
+musl_version = "1.1.24"
http_archive(
name = "musl",
build_file_content = all_content,
- sha256 = "8a0feb41cef26c97dde382c014e68b9bb335c094bbc1356f6edaaf6b79bd14aa",
+ sha256 = "1370c9a812b2cf2a7d92802510cca0058cc37e66a7bedd70051f0a34015022a3",
strip_prefix = "musl-" + musl_version,
urls = ["https://www.musl-libc.org/releases/musl-%s.tar.gz" % musl_version],
)
@@ -166,7 +163,7 @@
)
# Kubernetes
-k8s_version = "1.16.2"
+k8s_version = "1.16.4"
http_archive(
name = "kubernetes",
@@ -174,7 +171,7 @@
patches = [
"@//core/build/kubernetes:0001-avoid-unexpected-keyword-error-by-using-positional-p.patch",
],
- sha256 = "21d884b67abd1182958313474a40678ba8f3713e6b6f520401e42c02ba6ea302",
+ sha256 = "3a49373ba56c73c282deb0cfa2ec7bfcc6bf46acb6992f01319eb703cbf68996",
urls = ["https://dl.k8s.io/v%s/kubernetes-src.tar.gz" % k8s_version],
)
diff --git a/build/Dockerfile b/build/Dockerfile
index 3fdfc68..5cd6161 100644
--- a/build/Dockerfile
+++ b/build/Dockerfile
@@ -36,8 +36,8 @@
# Install Bazel binary
RUN curl -o /usr/local/bin/bazel \
- https://releases.bazel.build/1.1.0/release/bazel-1.1.0-linux-x86_64 && \
- echo 'f54ab5f31b8d7c6a0ce9dee387af45b1d6577ff9625ef6c535896b59cdf8828a /usr/local/bin/bazel' | sha256sum --check && \
+ https://releases.bazel.build/2.0.0/release/bazel-2.0.0-linux-x86_64 && \
+ echo '4df79462c6c3ecdeeee7af99fc269b52ab1aa4828ef3bc359c1837d3fafeeee7 /usr/local/bin/bazel' | sha256sum --check && \
chmod +x /usr/local/bin/bazel
# Use a shared Go module cache for gazelle
diff --git a/core/build/linux_kernel_repo/0001-x86-Allow-built-in-command-line-to-work-in-early-ker.patch b/core/build/linux_kernel_repo/0001-x86-Allow-built-in-command-line-to-work-in-early-ker.patch
index 69f0a3d..6225591 100644
--- a/core/build/linux_kernel_repo/0001-x86-Allow-built-in-command-line-to-work-in-early-ker.patch
+++ b/core/build/linux_kernel_repo/0001-x86-Allow-built-in-command-line-to-work-in-early-ker.patch
@@ -37,39 +37,40 @@
has already been appended and so shouldn't be added once more.
Updated for Linux 4.19 by Lorenz Brun <lorenz@nexantic.com>
+Updated for Linux 5.4 by Leopold Schabel <leo@nexantic.com>
Signed-off-by: Matthew Garrett <mjg59@coreos.com>
---
- Documentation/x86/zero-page.txt | 1 +
+ Documentation/x86/zero-page.rst | 1 +
arch/x86/boot/boot.h | 10 ++++
arch/x86/boot/cmdline.c | 37 ++++++++++++++
- arch/x86/boot/compressed/cmdline.c | 18 ++++++-
+ arch/x86/boot/compressed/cmdline.c | 10 ++++
arch/x86/boot/compressed/eboot.c | 3 ++
arch/x86/boot/compressed/misc.c | 2 +
- arch/x86/boot/compressed/misc.h | 3 +-
+ arch/x86/boot/compressed/misc.h | 1 +
arch/x86/boot/main.c | 3 ++
arch/x86/include/uapi/asm/bootparam.h | 5 +-
arch/x86/kernel/setup.c | 16 +++---
.../firmware/efi/libstub/efi-stub-helper.c | 50 +++++++++++++++++--
- 11 files changed, 135 insertions(+), 13 deletions(-)
+ 11 files changed, 127 insertions(+), 11 deletions(-)
-diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt
-index 97b7adbceda4..3d5e3a81b5fa 100644
---- a/Documentation/x86/zero-page.txt
-+++ b/Documentation/x86/zero-page.txt
-@@ -12,6 +12,7 @@ Offset Proto Name Meaning
- 000/040 ALL screen_info Text mode or frame buffer information
- (struct screen_info)
- 040/014 ALL apm_bios_info APM BIOS information (struct apm_bios_info)
-+054/004 ALL setup_flags Flags passed from early kernel setup
- 058/008 ALL tboot_addr Physical address of tboot shared page
- 060/010 ALL ist_info Intel SpeedStep (IST) BIOS support information
- (struct ist_info)
+diff --git a/Documentation/x86/zero-page.rst b/Documentation/x86/zero-page.rst
+index f088f5881666..3f84244dd573 100644
+--- a/Documentation/x86/zero-page.rst
++++ b/Documentation/x86/zero-page.rst
+@@ -16,6 +16,7 @@ Offset/Size Proto Name Meaning
+ 000/040 ALL screen_info Text mode or frame buffer information
+ (struct screen_info)
+ 040/014 ALL apm_bios_info APM BIOS information (struct apm_bios_info)
++054/004 ALL setup_flags Flags passed from early kernel setup
+ 058/008 ALL tboot_addr Physical address of tboot shared page
+ 060/010 ALL ist_info Intel SpeedStep (IST) BIOS support information
+ (struct ist_info)
diff --git a/arch/x86/boot/boot.h b/arch/x86/boot/boot.h
-index ef5a9cc66fb8..4dcf45570976 100644
+index ca866f1cca2e..a97502baba73 100644
--- a/arch/x86/boot/boot.h
+++ b/arch/x86/boot/boot.h
-@@ -273,6 +273,7 @@ void intcall(u8 int_no, const struct biosregs *ireg, struct biosregs *oreg);
+@@ -269,6 +269,7 @@ void intcall(u8 int_no, const struct biosregs *ireg, struct biosregs *oreg);
/* cmdline.c */
int __cmdline_find_option(unsigned long cmdline_ptr, const char *option, char *buffer, int bufsize);
int __cmdline_find_option_bool(unsigned long cmdline_ptr, const char *option);
@@ -77,10 +78,10 @@
static inline int cmdline_find_option(const char *option, char *buffer, int bufsize)
{
unsigned long cmd_line_ptr = boot_params.hdr.cmd_line_ptr;
-@@ -293,6 +294,15 @@ static inline int cmdline_find_option_bool(const char *option)
+@@ -289,6 +290,15 @@ static inline int cmdline_find_option_bool(const char *option)
return __cmdline_find_option_bool(cmd_line_ptr, option);
}
-
+
+static inline int cmdline_init(void)
+{
+ unsigned long cmd_line_ptr = boot_params.hdr.cmd_line_ptr;
@@ -94,13 +95,13 @@
int check_cpu(int *cpu_level_ptr, int *req_level_ptr, u32 **err_flags_ptr);
int check_knl_erratum(void);
diff --git a/arch/x86/boot/cmdline.c b/arch/x86/boot/cmdline.c
-index 625d21b0cd3f..2273d2797570 100644
+index 4ff01176c1cc..b5dfbe0b3209 100644
--- a/arch/x86/boot/cmdline.c
+++ b/arch/x86/boot/cmdline.c
-@@ -14,6 +14,10 @@
-
+@@ -12,6 +12,10 @@
+
#include "boot.h"
-
+
+#ifdef CONFIG_CMDLINE_BOOL
+static char builtin_cmdline[] = CONFIG_CMDLINE;
+#endif
@@ -108,8 +109,8 @@
static inline int myisspace(u8 c)
{
return c <= ' '; /* Close enough approximation */
-@@ -156,3 +160,36 @@ int __cmdline_find_option_bool(unsigned long cmdline_ptr, const char *option)
-
+@@ -154,3 +158,36 @@ int __cmdline_find_option_bool(unsigned long cmdline_ptr, const char *option)
+
return 0; /* Buffer overrun */
}
+
@@ -146,19 +147,10 @@
+ return 0;
+}
diff --git a/arch/x86/boot/compressed/cmdline.c b/arch/x86/boot/compressed/cmdline.c
-index af6cda0b7900..70fbf01f5f36 100644
+index f1add5d85da9..c69b27a5e76d 100644
--- a/arch/x86/boot/compressed/cmdline.c
+++ b/arch/x86/boot/compressed/cmdline.c
-@@ -1,7 +1,7 @@
- // SPDX-License-Identifier: GPL-2.0
- #include "misc.h"
-
--#if CONFIG_EARLY_PRINTK || CONFIG_RANDOMIZE_BASE || CONFIG_X86_5LEVEL
-+#if CONFIG_EARLY_PRINTK || CONFIG_RANDOMIZE_BASE || CONFIG_X86_5LEVEL || CONFIG_CMDLINE_BOOL
-
- static unsigned long fs;
- static inline void set_fs(unsigned long seg)
-@@ -13,6 +13,10 @@ static inline char rdfs8(addr_t addr)
+@@ -11,6 +11,10 @@ static inline char rdfs8(addr_t addr)
{
return *((char *)(fs + addr));
}
@@ -169,75 +161,63 @@
#include "../cmdline.c"
unsigned long get_cmd_line_ptr(void)
{
-@@ -31,4 +35,16 @@ int cmdline_find_option_bool(const char *option)
+@@ -28,3 +32,9 @@ int cmdline_find_option_bool(const char *option)
+ {
return __cmdline_find_option_bool(get_cmd_line_ptr(), option);
}
-
+int cmdline_init(void)
+{
+ if (!(boot_params->setup_flags & SETUP_CMDLINE_APPENDED))
+ return __cmdline_init(get_cmd_line_ptr(), boot_params);
+ return 0;
+}
-+#else
-+int cmdline_init(void)
-+{
-+#error "BAD"
-+ return 0;
-+}
- #endif
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
-index 544ac4fafd11..0c8059ace733 100644
+index 82bc60c8acb2..a325c5dd2700 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
-@@ -451,6 +451,9 @@ struct boot_params *make_boot_params(struct efi_config *c)
+@@ -447,6 +447,9 @@ struct boot_params *make_boot_params(struct efi_config *c)
/* Fill in upper bits of command line address, NOP on 32 bit */
boot_params->ext_cmd_line_ptr = (u64)(unsigned long)cmdline_ptr >> 32;
-
+
+#ifdef CONFIG_CMDLINE_BOOL
+ boot_params->setup_flags |= SETUP_CMDLINE_APPENDED;
+#endif
hdr->ramdisk_image = 0;
hdr->ramdisk_size = 0;
-
+
diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c
-index 0387d7a96c84..90af5161dde4 100644
+index 9652d5c2afda..05fd4372b630 100644
--- a/arch/x86/boot/compressed/misc.c
+++ b/arch/x86/boot/compressed/misc.c
-@@ -365,6 +365,8 @@ asmlinkage __visible void *extract_kernel(void *rmode, memptr heap,
+@@ -366,6 +366,8 @@ asmlinkage __visible void *extract_kernel(void *rmode, memptr heap,
lines = boot_params->screen_info.orig_video_lines;
cols = boot_params->screen_info.orig_video_cols;
-
+
+ cmdline_init();
+
console_init();
- debug_putstr("early console in extract_kernel\n");
-
+
+ /*
diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
-index 47fd18db6b3b..2e5e1d80ba38 100644
+index c8181392f70d..e2f962e7c0d4 100644
--- a/arch/x86/boot/compressed/misc.h
+++ b/arch/x86/boot/compressed/misc.h
-@@ -61,10 +61,11 @@ static inline void debug_puthex(const char *s)
-
- #endif
-
--#if CONFIG_EARLY_PRINTK || CONFIG_RANDOMIZE_BASE
-+#if CONFIG_EARLY_PRINTK || CONFIG_RANDOMIZE_BASE || CONFIG_CMDLINE_BOOL
+@@ -68,6 +68,7 @@ static inline void debug_puthex(const char *s)
/* cmdline.c */
int cmdline_find_option(const char *option, char *buffer, int bufsize);
int cmdline_find_option_bool(const char *option);
+int cmdline_init(void);
- #endif
-
-
+
+ struct mem_vector {
+ unsigned long long start;
diff --git a/arch/x86/boot/main.c b/arch/x86/boot/main.c
-index 9bcea386db65..e3275d57f024 100644
+index e3add857c2c9..e20e81253a7d 100644
--- a/arch/x86/boot/main.c
+++ b/arch/x86/boot/main.c
-@@ -137,6 +137,9 @@ void main(void)
+@@ -136,6 +136,9 @@ void main(void)
/* First, copy the boot header into the "zeropage" */
copy_boot_params();
-
+
+ /* Handle built-in command line */
+ cmdline_init();
+
@@ -245,20 +225,20 @@
console_init();
if (cmdline_find_option_bool("debug"))
diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h
-index a06cbf019744..aee889f5400f 100644
+index c895df5482c5..bb3c2073a63a 100644
--- a/arch/x86/include/uapi/asm/bootparam.h
+++ b/arch/x86/include/uapi/asm/bootparam.h
-@@ -30,6 +30,9 @@
- #define XLF_EFI_HANDOVER_64 (1<<3)
- #define XLF_EFI_KEXEC (1<<4)
-
+@@ -32,6 +32,9 @@
+ #define XLF_5LEVEL (1<<5)
+ #define XLF_5LEVEL_ENABLED (1<<6)
+
+/* setup_flags */
+#define SETUP_CMDLINE_APPENDED (1<<0)
+
#ifndef __ASSEMBLY__
-
+
#include <linux/types.h>
-@@ -152,7 +155,7 @@ struct jailhouse_setup_data {
+@@ -154,7 +157,7 @@ struct jailhouse_setup_data {
struct boot_params {
struct screen_info screen_info; /* 0x000 */
struct apm_bios_info apm_bios_info; /* 0x040 */
@@ -266,14 +246,14 @@
+ __u32 setup_flags; /* 0x054 */
__u64 tboot_addr; /* 0x058 */
struct ist_info ist_info; /* 0x060 */
- __u8 _pad3[16]; /* 0x070 */
+ __u64 acpi_rsdp_addr; /* 0x070 */
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index b4866badb235..c6ad8800349b 100644
+index 77ea96b794bd..7985d13f8e5b 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -935,16 +935,18 @@ void __init setup_arch(char **cmdline_p)
+@@ -957,16 +957,18 @@ void __init setup_arch(char **cmdline_p)
bss_resource.end = __pa_symbol(__bss_stop)-1;
-
+
#ifdef CONFIG_CMDLINE_BOOL
+ if (!(boot_params.setup_flags & SETUP_CMDLINE_APPENDED)) {
#ifdef CONFIG_CMDLINE_OVERRIDE
@@ -295,20 +275,20 @@
#endif
+ }
#endif
-
+
strlcpy(command_line, boot_command_line, COMMAND_LINE_SIZE);
diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
-index 442f51c2a53d..61f65f8ac94f 100644
+index 35dbc2791c97..87d1e390fb49 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
-@@ -12,9 +12,14 @@
-
+@@ -9,9 +9,14 @@
+
#include <linux/efi.h>
#include <asm/efi.h>
+#include <asm/setup.h>
-
+
#include "efistub.h"
-
+
+#ifdef CONFIG_CMDLINE_BOOL
+static char builtin_cmdline[] = CONFIG_CMDLINE;
+#endif
@@ -316,7 +296,7 @@
/*
* Some firmware implementations have problems reading files in one go.
* A read chunk size of 1MB seems to work for most platforms.
-@@ -806,6 +811,20 @@ static u8 *efi_utf16_to_utf8(u8 *dst, const u16 *src, int n)
+@@ -799,6 +804,20 @@ static u8 *efi_utf16_to_utf8(u8 *dst, const u16 *src, int n)
#ifndef MAX_CMDLINE_ADDRESS
#define MAX_CMDLINE_ADDRESS ULONG_MAX
#endif
@@ -334,10 +314,10 @@
+ dest[len] = 0;
+ return res;
+}
-
+
/*
* Convert the unicode UEFI command line to ASCII to pass to kernel.
-@@ -816,14 +835,16 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
+@@ -809,14 +828,16 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
efi_loaded_image_t *image,
int *cmd_line_len)
{
@@ -354,13 +334,13 @@
int options_chars = 0; /* UTF-16 chars */
- efi_status_t status;
u16 zero = 0;
-
+
if (options) {
-@@ -842,8 +863,14 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
-
+@@ -835,8 +856,14 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
+
options_bytes++; /* NUL termination */
-
-+
+
++
+#ifdef CONFIG_CMDLINE_BOOL
+ /* Add length of the built-in command line, plus a space */
+ options_bytes += strlen(builtin_cmdline);
@@ -371,11 +351,11 @@
+ &cmdline_addr, MAX_CMDLINE_ADDRESS);
if (status != EFI_SUCCESS)
return NULL;
-
-@@ -853,7 +880,24 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
+
+@@ -846,7 +873,24 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg,
s1 = efi_utf16_to_utf8(s1, s2, options_chars);
*s1 = '\0';
-
+
+#ifdef CONFIG_CMDLINE_BOOL
+ efi_strlcat((char *)cmdline_addr, " ", COMMAND_LINE_SIZE);
+ efi_strlcat((char *)cmdline_addr, builtin_cmdline, COMMAND_LINE_SIZE);
@@ -396,7 +376,6 @@
+
return (char *)cmdline_addr;
}
-
---
-2.20.1
+--
+2.24.1
diff --git a/core/build/linux_kernel_repo/0002-kbuild-add--fcf-protection-none-to-retpoline-flags.patch b/core/build/linux_kernel_repo/0002-kbuild-add--fcf-protection-none-to-retpoline-flags.patch
deleted file mode 100644
index 23f8920..0000000
--- a/core/build/linux_kernel_repo/0002-kbuild-add--fcf-protection-none-to-retpoline-flags.patch
+++ /dev/null
@@ -1,126 +0,0 @@
-Copyright 2020 The Monogon Project Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
-
-From patchwork Tue Jul 9 18:49:19 2019
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-X-Patchwork-Submitter: Seth Forshee <seth.forshee@canonical.com>
-X-Patchwork-Id: 11037379
-Return-Path: <linux-kbuild-owner@kernel.org>
-Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
- [172.30.200.125])
- by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EFE1413A4
- for <patchwork-linux-kbuild@patchwork.kernel.org>;
- Tue, 9 Jul 2019 18:49:26 +0000 (UTC)
-Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
- by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D0B0528871
- for <patchwork-linux-kbuild@patchwork.kernel.org>;
- Tue, 9 Jul 2019 18:49:26 +0000 (UTC)
-Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
- id C0AE028874; Tue, 9 Jul 2019 18:49:26 +0000 (UTC)
-X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
- pdx-wl-mail.web.codeaurora.org
-X-Spam-Level:
-X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI,
- RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
-Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
- by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5F01228871
- for <patchwork-linux-kbuild@patchwork.kernel.org>;
- Tue, 9 Jul 2019 18:49:26 +0000 (UTC)
-Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
- id S1727063AbfGIStZ (ORCPT
- <rfc822;patchwork-linux-kbuild@patchwork.kernel.org>);
- Tue, 9 Jul 2019 14:49:25 -0400
-Received: from youngberry.canonical.com ([91.189.89.112]:56934 "EHLO
- youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
- with ESMTP id S1726133AbfGIStY (ORCPT
- <rfc822;linux-kbuild@vger.kernel.org>);
- Tue, 9 Jul 2019 14:49:24 -0400
-Received: from mail-io1-f69.google.com ([209.85.166.69])
- by youngberry.canonical.com with esmtps
- (TLS1.0:RSA_AES_128_CBC_SHA1:16)
- (Exim 4.76)
- (envelope-from <seth.forshee@canonical.com>)
- id 1hkvB4-0006CP-8Q
- for linux-kbuild@vger.kernel.org; Tue, 09 Jul 2019 18:49:22 +0000
-Received: by mail-io1-f69.google.com with SMTP id f22so24034402ioj.9
- for <linux-kbuild@vger.kernel.org>;
- Tue, 09 Jul 2019 11:49:22 -0700 (PDT)
-X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
- d=1e100.net; s=20161025;
- h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
- :content-transfer-encoding;
- bh=PxPSNMyhSc6n3DVu8+8initQj1WYg71cqa7Dt37YRsc=;
- b=qHbylZ43xDRjDzcyh6+tvI1FHfj4WWHEfu1q+lcIS5ZnHVkD+Kbs8AvvnQbbzxW/NR
- G5bnmNRaECN8JpHIl04cEI7ac7X80G/RsTvZqaUhHIcipFo9G//4rbS6wNQXfykAT3s5
- 4Hisn0RwUl/P8ih0rv6GpSKQ42sePwKiFDn1OB/IA5yfeRnBdMX/Yz9fa8WZw5WcyKrx
- QbHW2Sbh4a+KtOUdW4077l90jaFdGYK0jCi2cbxYZaLaUqlGp7sGOdeCkL0kH04J5Xc+
- OBSB1sPYyMeJnzD9zgEyFrWZhVqRzutyx8+h6ED5lutxRxcUrJZTcN0t92zjaT7PUK3M
- 6+Cw==
-X-Gm-Message-State: APjAAAV4mJS0j+NGxACnw/Q7oaf1hS+0yO8jvXFLrfIEZr2fl43yGiC5
- iqZe/xI2zc/WW4hGVu4k4R0nB7XEWLM7muvOK/0zpYsskk7IUOTlyEDFjiMgPSrKYhwVIEpUEAr
- Rt4W8ClWJWmC7rMIlFISjq8AY8E7Vj6mrgybzttx8sg==
-X-Received: by 2002:a02:cc50:: with SMTP id i16mr3728956jaq.50.1562698161275;
- Tue, 09 Jul 2019 11:49:21 -0700 (PDT)
-X-Google-Smtp-Source:
- APXvYqww71No87FKb3rA8fwT+GlZqF9MtRtPIDfWtG04OMqHpUZRPq3+YiRqWPLQiJMSyPtIx7hDRg==
-X-Received: by 2002:a02:cc50:: with SMTP id i16mr3728928jaq.50.1562698160978;
- Tue, 09 Jul 2019 11:49:20 -0700 (PDT)
-Received: from localhost ([2605:a601:ac2:fb20:b0e0:a018:77ee:9817])
- by smtp.gmail.com with ESMTPSA id
- n17sm20052182iog.63.2019.07.09.11.49.20
- (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256);
- Tue, 09 Jul 2019 11:49:20 -0700 (PDT)
-From: Seth Forshee <seth.forshee@canonical.com>
-To: Masahiro Yamada <yamada.masahiro@socionext.com>,
- Michal Marek <michal.lkml@markovi.net>
-Cc: linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org
-Subject: [PATCH] kbuild: add -fcf-protection=none to retpoline flags
-Date: Tue, 9 Jul 2019 13:49:19 -0500
-Message-Id: <20190709184919.20178-1-seth.forshee@canonical.com>
-X-Mailer: git-send-email 2.20.1
-MIME-Version: 1.0
-Sender: linux-kbuild-owner@vger.kernel.org
-Precedence: bulk
-List-ID: <linux-kbuild.vger.kernel.org>
-X-Mailing-List: linux-kbuild@vger.kernel.org
-X-Virus-Scanned: ClamAV using ClamSMTP
-
--mindirect-branch and -fcf-protection are not compatible, and
-so kernel builds fail with a gcc build where -fcf-protection is
-enabled by default. Add -fcf-protection=none to the retpoline
-flags to fix this.
-
-Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
----
- Makefile | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/Makefile b/Makefile
-index 3e4868a6498b..050f11d19777 100644
---- a/Makefile
-+++ b/Makefile
-@@ -636,6 +636,10 @@ RETPOLINE_CFLAGS_CLANG := -mretpoline-external-thunk
- RETPOLINE_VDSO_CFLAGS_CLANG := -mretpoline
- RETPOLINE_CFLAGS := $(call cc-option,$(RETPOLINE_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_CFLAGS_CLANG)))
- RETPOLINE_VDSO_CFLAGS := $(call cc-option,$(RETPOLINE_VDSO_CFLAGS_GCC),$(call cc-option,$(RETPOLINE_VDSO_CFLAGS_CLANG)))
-+# -mindirect-branch is incompatible with -fcf-protection, so ensure the
-+# latter is disabled
-+RETPOLINE_CFLAGS += $(call cc-option,-fcf-protection=none,)
-+RETPOLINE_VDSO_CFLAGS += $(call cc-option,-fcf-protection=none,)
- export RETPOLINE_CFLAGS
- export RETPOLINE_VDSO_CFLAGS
-