On 5/19/2017 3:16 PM, Josh Poimboeuf wrote:
On Fri, May 19, 2017 at 01:30:05PM +0200, Borislav Petkov wrote:
it is called so early. I can get past it by adding:
CFLAGS_mem_encrypt.o := $(nostackp)
in the arch/x86/mm/Makefile, but that obviously eliminates the support
for the whole file. Would it be better to split out the sme_enable()
and other boot routines into a separate file or just apply the
$(nostackp) to the whole file?
Josh might have a better idea here... CCed.
I'm the stack validation guy, not the stack protection guy :-)
But there is a way to disable compiler options on a per-function basis
with the gcc __optimize__ function attribute. For example:
__attribute__((__optimize__("no-stack-protector")))
I'll look at doing that instead of removing the support for the whole
file.
Thanks,
Tom