ACK: [PATCH 0/2][SRU][D][B] kbuild: add -fcf-protection=none when using retpoline flags
Colin Ian King
colin.king at canonical.com
Mon Sep 16 13:55:51 UTC 2019
On 16/09/2019 14:41, Seth Forshee wrote:
> BugLink: https://bugs.launchpad.net/bugs/1843291
>
> == SRU Justification ==
>
> Impact: Starting in eoan -fcf-protection is enabled by default in gcc,
> see https://wiki.ubuntu.com/ToolChain/CompilerFlags. This option is
> incompatible with -mindirect-branch, which is used for building kernels
> with retpoline support. Building a kernel or dkms modules fails without
> the patch, and during upgrade to eoan we can get failures due to dkms
> modules failing to build for older kernels with the new compiler.
>
> Fix: Backport upstream patch to add -fcf-protection=none to kernel
> retpoline flags.
>
> Test Case: Upgrade from {bionic,disco} to eoan with dkms modules
> installed.
>
> Regression Potential: The patch probes the compiler for support for
> -fcf-protection and only adds it if the compiler supports it, and =none
> was the default prior to the change in eoan. It's also been upstream and
> in eoan for a while now, so it's unlikely to cause any regressions.
>
>
Makes sense.
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the kernel-team
mailing list