mirror of
https://github.com/raspberrypi/linux.git
synced 2025-12-27 04:22:58 +00:00
When retpolines and IBT are both disabled, the compiler is free to use
jump tables to optimize switch instructions. However, these are emitted
by Clang as absolute references into .rodata:

    jmp    *-0x7dfffe90(,%r9,8)
            R_X86_64_32S    .rodata+0x170

Given that this code will execute before that address in .rodata has even
been mapped, it is guaranteed to crash a SEV-SNP guest in a way that is
difficult to diagnose.

So disable jump tables when building this code. It would be better if we
could attach this annotation to the __head macro but this appears to be
impossible.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Tested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lore.kernel.org/r/20250127114334.1045857-6-ardb+git@google.com
23 lines
631 B
Makefile
# SPDX-License-Identifier: GPL-2.0

obj-y += core.o

# jump tables are emitted using absolute references in non-PIC code
# so they cannot be used in the early SEV startup code
CFLAGS_core.o += -fno-jump-tables

ifdef CONFIG_FUNCTION_TRACER
CFLAGS_REMOVE_core.o = -pg
endif

KASAN_SANITIZE_core.o := n
KMSAN_SANITIZE_core.o := n
KCOV_INSTRUMENT_core.o := n

# With some compiler versions the generated code results in boot hangs, caused
# by several compilation units. To be safe, disable all instrumentation.
KCSAN_SANITIZE := n

# Clang 14 and older may fail to respect __no_sanitize_undefined when inlining
UBSAN_SANITIZE := n
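
A build-time check for the failure mode the commit message describes, as an added example that is not part of the kernel tree or of this commit: it scans `objdump -dr` text for absolute relocations (`R_X86_64_32`, `R_X86_64_32S`, `R_X86_64_64`) that point into `.rodata`, which is how a Clang jump table shows up in non-PIC code. The function name `find_absolute_refs`, the symbol `early_fn` and the sample listing are constructed for illustration, and the parser assumes the usual GNU objdump line layout.

```python
import re

# Relocation types that bake in an absolute link-time address. Code running
# before the kernel mapping exists cannot dereference such an address.
ABSOLUTE_RELOCS = {"R_X86_64_32", "R_X86_64_32S", "R_X86_64_64"}

FUNC_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
RELOC_RE = re.compile(r"^\s*([0-9a-f]+):\s+(R_X86_64_\w+)\s+(\S+)")
INSN_RE = re.compile(r"^\s*[0-9a-f]+:\t(?:[0-9a-f]{2} )+\s*(.*)$")


def find_absolute_refs(objdump_text, section_prefix=".rodata"):
    """Return (function, instruction, reloc type, target) for every absolute
    relocation whose target starts with section_prefix."""
    findings = []
    func = insn = None
    for line in objdump_text.splitlines():
        m = FUNC_RE.match(line)
        if m:                      # "0000... <name>:" starts a new function
            func, insn = m.group(1), None
            continue
        m = RELOC_RE.match(line)
        if m:                      # relocation applies to the previous insn
            rtype, target = m.group(2), m.group(3)
            if rtype in ABSOLUTE_RELOCS and target.startswith(section_prefix):
                findings.append((func, insn, rtype, target))
            continue
        m = INSN_RE.match(line)
        if m:                      # remember the instruction, whitespace-normalized
            insn = " ".join(m.group(1).split())
    return findings


# Constructed sample in `objdump -dr` layout: one jump-table dispatch
# (absolute) and one RIP-relative .rodata access (position independent).
SAMPLE = (
    "0000000000000000 <early_fn>:\n"
    "   0:\t42 ff 24 cd 00 00 00 00 \tjmp    *0x0(,%r9,8)\n"
    "\t\t\t4: R_X86_64_32S\t.rodata+0x170\n"
    "   8:\t48 8d 05 00 00 00 00 \tlea    0x0(%rip),%rax\n"
    "\t\t\tb: R_X86_64_PC32\t.rodata+0x1c\n"
    "   f:\tc3 \tret\n"
)

if __name__ == "__main__":
    for func, insn, rtype, target in find_absolute_refs(SAMPLE):
        print(f"{func}: {insn}  [{rtype} -> {target}]")
```

Only the indexed `jmp` is reported; the RIP-relative `lea` uses `R_X86_64_PC32` and is safe to run before the mapping is in place.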