1

升级内核版本时,我正在更新配置。我希望对配置文件进行最少的更改,这样代码审查员就不会花费太多时间。

RETPOLINE 有一个 Kconfig 条目,如下所示:

config RETPOLINE
        bool "Avoid speculative indirect branches in kernel"
        default y
        ---help---
          Compile kernel with the retpoline compiler options to guard against
          kernel-to-user data leaks by avoiding speculative indirect
          branches. Requires a compiler with -mindirect-branch=thunk-extern
          support for full protection. The kernel may run slower.

          Without compiler support, at least indirect branches in assembler
          code are eliminated. Since this includes the syscall entry path,
          it is not entirely pointless.

我注意到我必须在配置文件中添加以下内容以避免运行“make”时出现用户提示:

diff --git a/config b/config
index 96de254..15a0978 100644
--- a/config
+++ b/config
@@ -370,6 +370,7 @@ CONFIG_X86_X2APIC=y
 CONFIG_X86_MPPARSE=y
 # CONFIG_GOLDFISH is not set
 # CONFIG_INTEL_RDT is not set
+# CONFIG_RETPOLINE is not set
 # CONFIG_X86_EXTENDED_PLATFORM is not set
 # CONFIG_X86_INTEL_LPSS is not set
 # CONFIG_X86_AMD_PLATFORM_DEVICE is not set

用户提示(我试图避免)是:

$ vi .config
No mapping found
Press ENTER or type command to continue
[ali@simonLocalRHEL7 kernel-4.9]$ make
scripts/kconfig/conf  --silentoldconfig Kconfig
*
* Restart config...
*
*
* IO Schedulers
*
Deadline I/O scheduler (IOSCHED_DEADLINE) [Y/n/?] y
CFQ I/O scheduler (IOSCHED_CFQ) [Y/n/?] y
Default I/O scheduler
> 1. Deadline (DEFAULT_DEADLINE)
  2. CFQ (DEFAULT_CFQ)
  3. No-op (DEFAULT_NOOP)
choice[1-3?]: 1
Kyber I/O scheduler (MQ_IOSCHED_KYBER) [N/y/?] n
Default single-queue blk-mq I/O scheduler
> 1. None (DEFAULT_SQ_NONE) (NEW)
choice[1]: 1
Default multi-queue blk-mq I/O scheduler
> 1. None (DEFAULT_MQ_NONE) (NEW)
choice[1]: 1
*
* Processor type and features
*
DMA memory allocation support (ZONE_DMA) [Y/n/?] y
Symmetric multi-processing support (SMP) [Y/n/?] y
Support x2apic (X86_X2APIC) [Y/n/?] y
Enable MPS table (X86_MPPARSE) [Y/n/?] y
Intel Resource Director Technology support (INTEL_RDT) [N/y/?] n
Avoid speculative indirect branches in kernel (RETPOLINE) [Y/n/?] (NEW)

我的问题是在输入“make”时避免用户提示的规则是什么?(对不起,我没有弄清楚 Kconfig 语法。)

4

0 回答 0