[gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[tuxic]

Hi,

CPU bugs seem to be more and more common:
https://www.heise.de/security/meldung/Linux-Kernel-und-Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-gefaehrdet-Intel-Prozessoren-4137209.html
(sorry, I only know of this german spoken references...)

With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
of the  Foreshadow bug.

Unfortunately compiling that kernel (as downloaded from
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )

gives me this bug:


...
  AR      arch/x86/lib/built-in.a
  CC      virt/lib/irqbypass.o
  AR      virt/lib/built-in.a
  AR      virt/built-in.a
  GEN     .version
  CHK     include/generated/compile.h
  UPD     include/generated/compile.h
  CC      init/version.o
  AR      init/built-in.a
  AR      built-in.a
  LD      vmlinux.o
  MODPOST vmlinux.o
arch/x86/kvm/x86.o: In function `kvm_get_arch_capabilities':
x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation'
make[1]: *** [Makefile:1010: vmlinux] Error 1
make: *** [Makefile:273: __build_one_by_one] Error 2
[1]    25144 exit 2     make clean all


I am alone or is this known (a quick search on startpage.com does not
give me any useful) or ... ?
Is there a way around it?

Cheers!
Meino

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[Adam Carter]

[-- Attachment #1: Type: text/plain, Size: 1762 bytes --]

On Fri, Aug 17, 2018 at 1:15 PM, <tuxic@posteo.de> wrote:

> Hi,
>
> CPU bugs seem to be more and more common:
> https://www.heise.de/security/meldung/Linux-Kernel-und-
> Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
> https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-
> gefaehrdet-Intel-Prozessoren-4137209.html
> (sorry, I only know of this german spoken references...)
>
> With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
> of the  Foreshadow bug.
>

 4.18, 4.17, 4.14, 4.9, and 4.4 have all had the fixes applied.

>
> Unfortunately compiling that kernel (as downloaded from
> https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
>
> gives me this bug:
>

gentoo-sources with gcc 7.3 builds fine for me.

Intel: grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
retpoline, IBPB, IBRS_FW

AMD: grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
retpoline, IBPB

[-- Attachment #2: Type: text/html, Size: 3022 bytes --]

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[tuxic]

On 08/17 02:53, Adam Carter wrote:
> On Fri, Aug 17, 2018 at 1:15 PM, <tuxic@posteo.de> wrote:
> 
> > Hi,
> >
> > CPU bugs seem to be more and more common:
> > https://www.heise.de/security/meldung/Linux-Kernel-und-
> > Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
> > https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-
> > gefaehrdet-Intel-Prozessoren-4137209.html
> > (sorry, I only know of this german spoken references...)
> >
> > With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
> > of the  Foreshadow bug.
> >
> 
>  4.18, 4.17, 4.14, 4.9, and 4.4 have all had the fixes applied.
> 
> >
> > Unfortunately compiling that kernel (as downloaded from
> > https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
> >
> > gives me this bug:
> >
> 
> gentoo-sources with gcc 7.3 builds fine for me.
> 
> Intel: grep . /sys/devices/system/cpu/vulnerabilities/*
> /sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
> /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> Speculative Store Bypass disabled via prctl and seccomp
> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> pointer sanitization
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
> retpoline, IBPB, IBRS_FW
> 
> AMD: grep . /sys/devices/system/cpu/vulnerabilities/*
> /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
> /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
> /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> Speculative Store Bypass disabled via prctl and seccomp
> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> pointer sanitization
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
> retpoline, IBPB

Hi,

I am happy, that other sources do work for you Adam.

Interesting would be, why the original sources does not compile for
me.
Any idea?

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[Alexander Kapshuk]

On Fri, Aug 17, 2018 at 8:10 AM <tuxic@posteo.de> wrote:
>
> On 08/17 02:53, Adam Carter wrote:
> > On Fri, Aug 17, 2018 at 1:15 PM, <tuxic@posteo.de> wrote:
> >
> > > Hi,
> > >
> > > CPU bugs seem to be more and more common:
> > > https://www.heise.de/security/meldung/Linux-Kernel-und-
> > > Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
> > > https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-
> > > gefaehrdet-Intel-Prozessoren-4137209.html
> > > (sorry, I only know of this german spoken references...)
> > >
> > > With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
> > > of the  Foreshadow bug.
> > >
> >
> >  4.18, 4.17, 4.14, 4.9, and 4.4 have all had the fixes applied.
> >
> > >
> > > Unfortunately compiling that kernel (as downloaded from
> > > https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
> > >
> > > gives me this bug:
> > >
> >
> > gentoo-sources with gcc 7.3 builds fine for me.
> >
> > Intel: grep . /sys/devices/system/cpu/vulnerabilities/*
> > /sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
> > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > Speculative Store Bypass disabled via prctl and seccomp
> > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > pointer sanitization
> > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
> > retpoline, IBPB, IBRS_FW
> >
> > AMD: grep . /sys/devices/system/cpu/vulnerabilities/*
> > /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
> > /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
> > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > Speculative Store Bypass disabled via prctl and seccomp
> > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > pointer sanitization
> > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
> > retpoline, IBPB
>
> Hi,
>
> I am happy, that other sources do work for you Adam.
>
> Interesting would be, why the original sources does not compile for
> me.
> Any idea?
>
>
>

This problem has been reported upstream. See below.
https://lkml.org/lkml/2018/8/15/118

In particular:

Build is successful with
CONFIG_KVM=y
CONFIG_KVM_INTEL=y
CONFIG_KVM_AMD=y
but fails if only
CONFIG_KVM=y
CONFIG_KVM_AMD=y
are selected.

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[Alexander Kapshuk]

On Fri, Aug 17, 2018 at 8:57 AM Alexander Kapshuk
<alexander.kapshuk@gmail.com> wrote:
>
> On Fri, Aug 17, 2018 at 8:10 AM <tuxic@posteo.de> wrote:
> >
> > On 08/17 02:53, Adam Carter wrote:
> > > On Fri, Aug 17, 2018 at 1:15 PM, <tuxic@posteo.de> wrote:
> > >
> > > > Hi,
> > > >
> > > > CPU bugs seem to be more and more common:
> > > > https://www.heise.de/security/meldung/Linux-Kernel-und-
> > > > Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
> > > > https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-
> > > > gefaehrdet-Intel-Prozessoren-4137209.html
> > > > (sorry, I only know of this german spoken references...)
> > > >
> > > > With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
> > > > of the  Foreshadow bug.
> > > >
> > >
> > >  4.18, 4.17, 4.14, 4.9, and 4.4 have all had the fixes applied.
> > >
> > > >
> > > > Unfortunately compiling that kernel (as downloaded from
> > > > https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
> > > >
> > > > gives me this bug:
> > > >
> > >
> > > gentoo-sources with gcc 7.3 builds fine for me.
> > >
> > > Intel: grep . /sys/devices/system/cpu/vulnerabilities/*
> > > /sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
> > > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > > Speculative Store Bypass disabled via prctl and seccomp
> > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > > pointer sanitization
> > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
> > > retpoline, IBPB, IBRS_FW
> > >
> > > AMD: grep . /sys/devices/system/cpu/vulnerabilities/*
> > > /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
> > > /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
> > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > > Speculative Store Bypass disabled via prctl and seccomp
> > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > > pointer sanitization
> > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
> > > retpoline, IBPB
> >
> > Hi,
> >
> > I am happy, that other sources do work for you Adam.
> >
> > Interesting would be, why the original sources does not compile for
> > me.
> > Any idea?
> >
> >
> >
>
> This problem has been reported upstream. See below.
> https://lkml.org/lkml/2018/8/15/118
>
> In particular:
>
> Build is successful with
> CONFIG_KVM=y
> CONFIG_KVM_INTEL=y
> CONFIG_KVM_AMD=y
> but fails if only
> CONFIG_KVM=y
> CONFIG_KVM_AMD=y
> are selected.

And a follow up email with a reference to a patch that addresses the issue:
https://lkml.org/lkml/2018/8/15/122

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[Alexander Kapshuk]

On Fri, Aug 17, 2018 at 8:58 AM Alexander Kapshuk
<alexander.kapshuk@gmail.com> wrote:
>
> On Fri, Aug 17, 2018 at 8:57 AM Alexander Kapshuk
> <alexander.kapshuk@gmail.com> wrote:
> >
> > On Fri, Aug 17, 2018 at 8:10 AM <tuxic@posteo.de> wrote:
> > >
> > > On 08/17 02:53, Adam Carter wrote:
> > > > On Fri, Aug 17, 2018 at 1:15 PM, <tuxic@posteo.de> wrote:
> > > >
> > > > > Hi,
> > > > >
> > > > > CPU bugs seem to be more and more common:
> > > > > https://www.heise.de/security/meldung/Linux-Kernel-und-
> > > > > Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
> > > > > https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-
> > > > > gefaehrdet-Intel-Prozessoren-4137209.html
> > > > > (sorry, I only know of this german spoken references...)
> > > > >
> > > > > With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
> > > > > of the  Foreshadow bug.
> > > > >
> > > >
> > > >  4.18, 4.17, 4.14, 4.9, and 4.4 have all had the fixes applied.
> > > >
> > > > >
> > > > > Unfortunately compiling that kernel (as downloaded from
> > > > > https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
> > > > >
> > > > > gives me this bug:
> > > > >
> > > >
> > > > gentoo-sources with gcc 7.3 builds fine for me.
> > > >
> > > > Intel: grep . /sys/devices/system/cpu/vulnerabilities/*
> > > > /sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
> > > > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> > > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > > > Speculative Store Bypass disabled via prctl and seccomp
> > > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > > > pointer sanitization
> > > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
> > > > retpoline, IBPB, IBRS_FW
> > > >
> > > > AMD: grep . /sys/devices/system/cpu/vulnerabilities/*
> > > > /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
> > > > /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
> > > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > > > Speculative Store Bypass disabled via prctl and seccomp
> > > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > > > pointer sanitization
> > > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
> > > > retpoline, IBPB
> > >
> > > Hi,
> > >
> > > I am happy, that other sources do work for you Adam.
> > >
> > > Interesting would be, why the original sources does not compile for
> > > me.
> > > Any idea?
> > >
> > >
> > >
> >
> > This problem has been reported upstream. See below.
> > https://lkml.org/lkml/2018/8/15/118
> >
> > In particular:
> >
> > Build is successful with
> > CONFIG_KVM=y
> > CONFIG_KVM_INTEL=y
> > CONFIG_KVM_AMD=y
> > but fails if only
> > CONFIG_KVM=y
> > CONFIG_KVM_AMD=y
> > are selected.
>
> And a follow up email with a reference to a patch that addresses the issue:
> https://lkml.org/lkml/2018/8/15/122

The patch in question will become available in 4.18.2 upstream. See
the link below.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/commit/?h=linux-4.18.y&id=eca268a3133cafcd188d85489f08a7c5907d985d

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[tuxic]

On 08/17 09:06, Alexander Kapshuk wrote:
> On Fri, Aug 17, 2018 at 8:58 AM Alexander Kapshuk
> <alexander.kapshuk@gmail.com> wrote:
> >
> > On Fri, Aug 17, 2018 at 8:57 AM Alexander Kapshuk
> > <alexander.kapshuk@gmail.com> wrote:
> > >
> > > On Fri, Aug 17, 2018 at 8:10 AM <tuxic@posteo.de> wrote:
> > > >
> > > > On 08/17 02:53, Adam Carter wrote:
> > > > > On Fri, Aug 17, 2018 at 1:15 PM, <tuxic@posteo.de> wrote:
> > > > >
> > > > > > Hi,
> > > > > >
> > > > > > CPU bugs seem to be more and more common:
> > > > > > https://www.heise.de/security/meldung/Linux-Kernel-und-
> > > > > > Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html
> > > > > > https://www.heise.de/security/meldung/Spectre-NG-Foreshadow-
> > > > > > gefaehrdet-Intel-Prozessoren-4137209.html
> > > > > > (sorry, I only know of this german spoken references...)
> > > > > >
> > > > > > With Linux kernel 4.18.1 Linus has introduced a fix (aka workaround)
> > > > > > of the  Foreshadow bug.
> > > > > >
> > > > >
> > > > >  4.18, 4.17, 4.14, 4.9, and 4.4 have all had the fixes applied.
> > > > >
> > > > > >
> > > > > > Unfortunately compiling that kernel (as downloaded from
> > > > > > https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
> > > > > >
> > > > > > gives me this bug:
> > > > > >
> > > > >
> > > > > gentoo-sources with gcc 7.3 builds fine for me.
> > > > >
> > > > > Intel: grep . /sys/devices/system/cpu/vulnerabilities/*
> > > > > /sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
> > > > > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> > > > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > > > > Speculative Store Bypass disabled via prctl and seccomp
> > > > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > > > > pointer sanitization
> > > > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic
> > > > > retpoline, IBPB, IBRS_FW
> > > > >
> > > > > AMD: grep . /sys/devices/system/cpu/vulnerabilities/*
> > > > > /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
> > > > > /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
> > > > > /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
> > > > > Speculative Store Bypass disabled via prctl and seccomp
> > > > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
> > > > > pointer sanitization
> > > > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD
> > > > > retpoline, IBPB
> > > >
> > > > Hi,
> > > >
> > > > I am happy, that other sources do work for you Adam.
> > > >
> > > > Interesting would be, why the original sources does not compile for
> > > > me.
> > > > Any idea?
> > > >
> > > >
> > > >
> > >
> > > This problem has been reported upstream. See below.
> > > https://lkml.org/lkml/2018/8/15/118
> > >
> > > In particular:
> > >
> > > Build is successful with
> > > CONFIG_KVM=y
> > > CONFIG_KVM_INTEL=y
> > > CONFIG_KVM_AMD=y
> > > but fails if only
> > > CONFIG_KVM=y
> > > CONFIG_KVM_AMD=y
> > > are selected.
> >
> > And a follow up email with a reference to a patch that addresses the issue:
> > https://lkml.org/lkml/2018/8/15/122
> 
> The patch in question will become available in 4.18.2 upstream. See
> the link below.
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/commit/?h=linux-4.18.y&id=eca268a3133cafcd188d85489f08a7c5907d985d
> 


Hi Alexander,

THAT's helpful! Yeah! Thanks a lot!

The only question for me remains: Why does www.startpage.com (search
engine) couldn' find that (I tried that before....) ?

Cheers!
Meino

PS: The recompiling-engine has already powered up and restarted...all
motors are working heavily... :::)))

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 623 bytes --]

On Fri, 17 Aug 2018 14:53:27 +1000, Adam Carter wrote:

> > Unfortunately compiling that kernel (as downloaded from
> > https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ )
> >
> > gives me this bug:
> >  
> 
> gentoo-sources with gcc 7.3 builds fine for me.

I got the same with gentoo-source on 4.18.1. I found a patch on LKML  to
fix it, but it's fixed in -r1. It only bites if you have set KVM but not
KVM_INTEL.


-- 
Neil Bothwick

An infinite number of monkeys pounding away on keyboards will
eventually produce a report showing that Windows is more secure,
and has a lower TCO, than linux.

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]