From owner-svn-src-head@freebsd.org Wed Feb 28 14:57:46 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 61911F2C286; Wed, 28 Feb 2018 14:57:46 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 14BF07AA3D; Wed, 28 Feb 2018 14:57:46 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 09C201AF48; Wed, 28 Feb 2018 14:57:46 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1SEvjW5059856; Wed, 28 Feb 2018 14:57:45 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1SEvjNN059852; Wed, 28 Feb 2018 14:57:45 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201802281457.w1SEvjNN059852@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Wed, 28 Feb 2018 14:57:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r330110 - in head: sys/conf tools/build/options X-SVN-Group: head X-SVN-Commit-Author: emaste X-SVN-Commit-Paths: in head: sys/conf tools/build/options X-SVN-Commit-Revision: 330110 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Feb 2018 14:57:46 -0000 Author: emaste Date: Wed Feb 28 14:57:45 2018 New Revision: 330110 URL: https://svnweb.freebsd.org/changeset/base/330110 Log: Add kernel retpoline option for amd64 Retpoline is a compiler-based mitigation for CVE-2017-5715, also known as Spectre V2, that protects against speculative execution branch target injection attacks. In this commit it is disabled by default, but will be changed in a followup commit. Reviewed by: bdrewery (previous version) MFC after: 3 days Security: CVE-2017-5715 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D14242 Added: head/tools/build/options/WITHOUT_KERNEL_RETPOLINE (contents, props changed) head/tools/build/options/WITH_KERNEL_RETPOLINE (contents, props changed) Modified: head/sys/conf/kern.mk head/sys/conf/kern.opts.mk Modified: head/sys/conf/kern.mk ============================================================================== --- head/sys/conf/kern.mk Wed Feb 28 10:00:02 2018 (r330109) +++ head/sys/conf/kern.mk Wed Feb 28 14:57:45 2018 (r330110) @@ -203,7 +203,7 @@ CFLAGS+= -ffreestanding # gcc and clang opimizers take advantage of this. The kernel makes # use of signed integer wraparound mechanics so we need the compiler # to treat it as a wraparound and not take shortcuts. -# +# CFLAGS+= -fwrapv # @@ -212,6 +212,14 @@ CFLAGS+= -fwrapv .if ${MK_SSP} != "no" && \ ${MACHINE_CPUARCH} != "arm" && ${MACHINE_CPUARCH} != "mips" CFLAGS+= -fstack-protector +.endif + +# +# Retpoline speculative execution vulnerability mitigation (CVE-2017-5715) +# +.if defined(COMPILER_FEATURES) && ${COMPILER_FEATURES:Mretpoline} != "" && \ + ${MK_KERNEL_RETPOLINE} != "no" +CFLAGS+= -mretpoline .endif # Modified: head/sys/conf/kern.opts.mk ============================================================================== --- head/sys/conf/kern.opts.mk Wed Feb 28 10:00:02 2018 (r330109) +++ head/sys/conf/kern.opts.mk Wed Feb 28 14:57:45 2018 (r330110) @@ -47,6 +47,7 @@ __DEFAULT_YES_OPTIONS = \ __DEFAULT_NO_OPTIONS = \ EXTRA_TCP_STACKS \ + KERNEL_RETPOLINE \ NAND \ OFED \ RATELIMIT \ @@ -83,6 +84,11 @@ BROKEN_OPTIONS+= FORMAT_EXTENSIONS # for them. .if ${MACHINE} != "i386" && ${MACHINE} != "amd64" BROKEN_OPTIONS+= OFED +.endif + +# Things that don't work based on toolchain support. +.if ${MACHINE} != "amd64" +BROKEN_OPTIONS+= KERNEL_RETPOLINE .endif # expanded inline from bsd.mkopt.mk to avoid share/mk dependency Added: head/tools/build/options/WITHOUT_KERNEL_RETPOLINE ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tools/build/options/WITHOUT_KERNEL_RETPOLINE Wed Feb 28 14:57:45 2018 (r330110) @@ -0,0 +1,3 @@ +.\" $FreeBSD$ +Set to disable the "retpoline" mitigation for CVE-2017-5715 in the kernel +build. Added: head/tools/build/options/WITH_KERNEL_RETPOLINE ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tools/build/options/WITH_KERNEL_RETPOLINE Wed Feb 28 14:57:45 2018 (r330110) @@ -0,0 +1,3 @@ +.\" $FreeBSD$ +Set to enable the "retpoline" mitigation for CVE-2017-5715 in the kernel +build.