joaomoreira added a comment. >> Weirdly enough, I double-tested the behavior for -flto=thin + -mibt-seal; >> the kernel did boot fine on my setup, but when dumped/grep'ed for ENDBRs, it >> had ~500 less ENDBRs throughout the binary > > Did you confirm the issue with the reproducer in the CBL bug? It would be > interesting to find out why you couldn't reproduce this in the kernel.
Yes, the reproducer from CBL highlights the issue. I tested it long ago and forgot to add the detail here, yet it should by itself suffice as a motivation for this fix. Thanks for bringing that up. Regarding not being able to reproduce this in kernel -- never mind... I was misled by setup issues while running IBT kernels in QEMU. I managed to fix the setup and confirm that kernel won't boot. Thanks for pushing this bit too. Also, FWIIW, objtool alerts about a bunch of relocations pointing to !endbr instructions when compiling with -flto=thin. When compiling with -flto+-mibt-seal, the only alert is for a data relocation to !non-endbr towards x86_64_start_kernel, which doesn't seem to be a concern since (already under the fixed setup) the kernel still doesn't trip. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D140035/new/ https://reviews.llvm.org/D140035 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
