Re: Hang when booting guest kernels compiled with clang after SRSO mitigations
From: Nathan Chancellor
Date: Thu Aug 10 2023 - 09:27:19 EST
On Thu, Aug 10, 2023 at 02:51:22PM +0200, Borislav Petkov wrote:
> On Thu, Aug 10, 2023 at 03:16:49AM -0700, Nathan Chancellor wrote:
> > Just to clarify, this is the guest kernel at -rc5 and the host kernel
> > with the SRSO mitigations applied? If so, that's the problem. The guest
> > kernel does not have to have the SRSO mitigations applied to see this
> > problem. Sorry I should have made that more clear! If not though, that's
> > interesting because I was running -rc5 on the host without issues.
>
> Well, how do you even build CPU_SRSO with clang?
>
> config CPU_SRSO
> bool "Mitigate speculative RAS overflow on AMD"
> depends on CPU_SUP_AMD && X86_64 && RETHUNK
> ^^^^^^^
>
> config RETHUNK
> bool "Enable return-thunks"
> depends on RETPOLINE && CC_HAS_RETURN_THUNK
> ^^^^^^^^^^^^^^^^^^^
>
> config CC_HAS_RETURN_THUNK
> def_bool $(cc-option,-mfunction-return=thunk-extern)
>
> $ clang -mfunction-return=thunk-extern
> clang: error: unknown argument: '-mfunction-return=thunk-extern'
> clang: error: no input files
>
> $ clang --version
> Debian clang version 14.0.6
> Target: x86_64-pc-linux-gnu
> Thread model: posix
> InstalledDir: /usr/bin
>
> Hmmm.
That option was only backported to LLVM 15.x+ because 14.x and older
were not supported any more when it was added.
$ clang -mfunction-return=thunk-extern -x c -c -o /dev/null /dev/null
$ clang --version
clang version 15.0.7
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
But my host kernel was compiled using GCC 13.2.0 from kernel.org for the
sake of testing to see if the compiler used to build the host kernel had
an impact on the problem and it did not.
Cheers,
Nathan