commit 88dc7fca18001fd883e5ace775afa316b68c8f2c · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 pti bits and fixes from Thomas Gleixner:
"This last update contains:

- An objtool fix to prevent a segfault with the gold linker by
changing the invocation order. That's not just for gold, it's a
general robustness improvement.

- An improved error message for objtool which spares tearing hairs.

- Make KASAN fail loudly if there is not enough memory instead of
oopsing at some random place later

- RSB fill on context switch to prevent RSB underflow and speculation
through other units.

- Make the retpoline/RSB functionality work reliably for both Intel
and AMD

- Add retpoline to the module version magic so mismatch can be
detected

- A small (non-fix) update for cpufeatures which prevents cpu feature
clashing for the upcoming extra mitigation bits to ease
backporting"

* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
module: Add retpoline tag to VERMAGIC
x86/cpufeature: Move processor tracing out of scattered features
objtool: Improve error message for bad file argument
objtool: Fix seg fault with gold linker
x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
x86/retpoline: Fill RSB on context switch for affected CPUs
x86/kasan: Panic if there is not enough memory to boot

Linus Torvalds 8 years ago 88dc7fca dd43f346

+99 -19

10 changed files

expand all

unified split

arch

x86

entry

entry_32.S

entry_64.S

include

asm

cpufeatures.h

nospec-branch.h

kernel

cpu

bugs.c

scattered.c

kasan_init_64.c

include

linux

vermagic.h

scripts

Makefile.build

tools

objtool

elf.c

+11

arch/x86/entry/entry_32.S

··· 244 movl %ebx, PER_CPU_VAR(stack_canary)+stack_canary_offset 245 #endif 246 247 /* restore callee-saved registers */ 248 popl %esi 249 popl %edi

··· 244 movl %ebx, PER_CPU_VAR(stack_canary)+stack_canary_offset 245 #endif 246 247 + #ifdef CONFIG_RETPOLINE 248 + /* 249 + * When switching from a shallower to a deeper call stack 250 + * the RSB may either underflow or use entries populated 251 + * with userspace addresses. On CPUs where those concerns 252 + * exist, overwrite the RSB with entries which capture 253 + * speculative execution to prevent attack. 254 + */ 255 + FILL_RETURN_BUFFER %ebx, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW 256 + #endif 257 + 258 /* restore callee-saved registers */ 259 popl %esi 260 popl %edi

+11

arch/x86/entry/entry_64.S

··· 491 movq %rbx, PER_CPU_VAR(irq_stack_union)+stack_canary_offset 492 #endif 493 494 /* restore callee-saved registers */ 495 popq %r15 496 popq %r14

··· 491 movq %rbx, PER_CPU_VAR(irq_stack_union)+stack_canary_offset 492 #endif 493 494 + #ifdef CONFIG_RETPOLINE 495 + /* 496 + * When switching from a shallower to a deeper call stack 497 + * the RSB may either underflow or use entries populated 498 + * with userspace addresses. On CPUs where those concerns 499 + * exist, overwrite the RSB with entries which capture 500 + * speculative execution to prevent attack. 501 + */ 502 + FILL_RETURN_BUFFER %r12, RSB_CLEAR_LOOPS, X86_FEATURE_RSB_CTXSW 503 + #endif 504 + 505 /* restore callee-saved registers */ 506 popq %r15 507 popq %r14

+2 -1

arch/x86/include/asm/cpufeatures.h

··· 206 #define X86_FEATURE_RETPOLINE ( 7*32+12) /* Generic Retpoline mitigation for Spectre variant 2 */ 207 #define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */ 208 #define X86_FEATURE_INTEL_PPIN ( 7*32+14) /* Intel Processor Inventory Number */ 209 - #define X86_FEATURE_INTEL_PT ( 7*32+15) /* Intel Processor Trace */ 210 #define X86_FEATURE_AVX512_4VNNIW ( 7*32+16) /* AVX-512 Neural Network Instructions */ 211 #define X86_FEATURE_AVX512_4FMAPS ( 7*32+17) /* AVX-512 Multiply Accumulation Single precision */ 212 213 #define X86_FEATURE_MBA ( 7*32+18) /* Memory Bandwidth Allocation */ 214 215 /* Virtualization flags: Linux defined, word 8 */ 216 #define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */ ··· 245 #define X86_FEATURE_AVX512IFMA ( 9*32+21) /* AVX-512 Integer Fused Multiply-Add instructions */ 246 #define X86_FEATURE_CLFLUSHOPT ( 9*32+23) /* CLFLUSHOPT instruction */ 247 #define X86_FEATURE_CLWB ( 9*32+24) /* CLWB instruction */ 248 #define X86_FEATURE_AVX512PF ( 9*32+26) /* AVX-512 Prefetch */ 249 #define X86_FEATURE_AVX512ER ( 9*32+27) /* AVX-512 Exponential and Reciprocal */ 250 #define X86_FEATURE_AVX512CD ( 9*32+28) /* AVX-512 Conflict Detection */

··· 206 #define X86_FEATURE_RETPOLINE ( 7*32+12) /* Generic Retpoline mitigation for Spectre variant 2 */ 207 #define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* AMD Retpoline mitigation for Spectre variant 2 */ 208 #define X86_FEATURE_INTEL_PPIN ( 7*32+14) /* Intel Processor Inventory Number */ 209 #define X86_FEATURE_AVX512_4VNNIW ( 7*32+16) /* AVX-512 Neural Network Instructions */ 210 #define X86_FEATURE_AVX512_4FMAPS ( 7*32+17) /* AVX-512 Multiply Accumulation Single precision */ 211 212 #define X86_FEATURE_MBA ( 7*32+18) /* Memory Bandwidth Allocation */ 213 + #define X86_FEATURE_RSB_CTXSW ( 7*32+19) /* Fill RSB on context switches */ 214 215 /* Virtualization flags: Linux defined, word 8 */ 216 #define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */ ··· 245 #define X86_FEATURE_AVX512IFMA ( 9*32+21) /* AVX-512 Integer Fused Multiply-Add instructions */ 246 #define X86_FEATURE_CLFLUSHOPT ( 9*32+23) /* CLFLUSHOPT instruction */ 247 #define X86_FEATURE_CLWB ( 9*32+24) /* CLWB instruction */ 248 + #define X86_FEATURE_INTEL_PT ( 9*32+25) /* Intel Processor Trace */ 249 #define X86_FEATURE_AVX512PF ( 9*32+26) /* AVX-512 Prefetch */ 250 #define X86_FEATURE_AVX512ER ( 9*32+27) /* AVX-512 Exponential and Reciprocal */ 251 #define X86_FEATURE_AVX512CD ( 9*32+28) /* AVX-512 Conflict Detection */

+5 -1

arch/x86/include/asm/nospec-branch.h

··· 11 * Fill the CPU return stack buffer. 12 * 13 * Each entry in the RSB, if used for a speculative 'ret', contains an 14 - * infinite 'pause; jmp' loop to capture speculative execution. 15 * 16 * This is required in various cases for retpoline and IBRS-based 17 * mitigations for the Spectre variant 2 vulnerability. Sometimes to ··· 38 call 772f; \ 39 773: /* speculation trap */ \ 40 pause; \ 41 jmp 773b; \ 42 772: \ 43 call 774f; \ 44 775: /* speculation trap */ \ 45 pause; \ 46 jmp 775b; \ 47 774: \ 48 dec reg; \ ··· 75 call .Ldo_rop_\@ 76 .Lspec_trap_\@: 77 pause 78 jmp .Lspec_trap_\@ 79 .Ldo_rop_\@: 80 mov \reg, (%_ASM_SP) ··· 168 " .align 16\n" \ 169 "901: call 903f;\n" \ 170 "902: pause;\n" \ 171 " jmp 902b;\n" \ 172 " .align 16\n" \ 173 "903: addl $4, %%esp;\n" \

··· 11 * Fill the CPU return stack buffer. 12 * 13 * Each entry in the RSB, if used for a speculative 'ret', contains an 14 + * infinite 'pause; lfence; jmp' loop to capture speculative execution. 15 * 16 * This is required in various cases for retpoline and IBRS-based 17 * mitigations for the Spectre variant 2 vulnerability. Sometimes to ··· 38 call 772f; \ 39 773: /* speculation trap */ \ 40 pause; \ 41 + lfence; \ 42 jmp 773b; \ 43 772: \ 44 call 774f; \ 45 775: /* speculation trap */ \ 46 pause; \ 47 + lfence; \ 48 jmp 775b; \ 49 774: \ 50 dec reg; \ ··· 73 call .Ldo_rop_\@ 74 .Lspec_trap_\@: 75 pause 76 + lfence 77 jmp .Lspec_trap_\@ 78 .Ldo_rop_\@: 79 mov \reg, (%_ASM_SP) ··· 165 " .align 16\n" \ 166 "901: call 903f;\n" \ 167 "902: pause;\n" \ 168 + " lfence;\n" \ 169 " jmp 902b;\n" \ 170 " .align 16\n" \ 171 "903: addl $4, %%esp;\n" \

+36

arch/x86/kernel/cpu/bugs.c

··· 23 #include <asm/alternative.h> 24 #include <asm/pgtable.h> 25 #include <asm/set_memory.h> 26 27 static void __init spectre_v2_select_mitigation(void); 28 ··· 156 return SPECTRE_V2_CMD_NONE; 157 } 158 159 static void __init spectre_v2_select_mitigation(void) 160 { 161 enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); ··· 231 232 spectre_v2_enabled = mode; 233 pr_info("%s\n", spectre_v2_strings[mode]); 234 } 235 236 #undef pr_fmt

··· 23 #include <asm/alternative.h> 24 #include <asm/pgtable.h> 25 #include <asm/set_memory.h> 26 + #include <asm/intel-family.h> 27 28 static void __init spectre_v2_select_mitigation(void); 29 ··· 155 return SPECTRE_V2_CMD_NONE; 156 } 157 158 + /* Check for Skylake-like CPUs (for RSB handling) */ 159 + static bool __init is_skylake_era(void) 160 + { 161 + if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL && 162 + boot_cpu_data.x86 == 6) { 163 + switch (boot_cpu_data.x86_model) { 164 + case INTEL_FAM6_SKYLAKE_MOBILE: 165 + case INTEL_FAM6_SKYLAKE_DESKTOP: 166 + case INTEL_FAM6_SKYLAKE_X: 167 + case INTEL_FAM6_KABYLAKE_MOBILE: 168 + case INTEL_FAM6_KABYLAKE_DESKTOP: 169 + return true; 170 + } 171 + } 172 + return false; 173 + } 174 + 175 static void __init spectre_v2_select_mitigation(void) 176 { 177 enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); ··· 213 214 spectre_v2_enabled = mode; 215 pr_info("%s\n", spectre_v2_strings[mode]); 216 + 217 + /* 218 + * If neither SMEP or KPTI are available, there is a risk of 219 + * hitting userspace addresses in the RSB after a context switch 220 + * from a shallow call stack to a deeper one. To prevent this fill 221 + * the entire RSB, even when using IBRS. 222 + * 223 + * Skylake era CPUs have a separate issue with *underflow* of the 224 + * RSB, when they will predict 'ret' targets from the generic BTB. 225 + * The proper mitigation for this is IBRS. If IBRS is not supported 226 + * or deactivated in favour of retpolines the RSB fill on context 227 + * switch is required. 228 + */ 229 + if ((!boot_cpu_has(X86_FEATURE_PTI) && 230 + !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { 231 + setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); 232 + pr_info("Filling RSB on context switch\n"); 233 + } 234 } 235 236 #undef pr_fmt

-1

arch/x86/kernel/cpu/scattered.c

··· 21 static const struct cpuid_bit cpuid_bits[] = { 22 { X86_FEATURE_APERFMPERF, CPUID_ECX, 0, 0x00000006, 0 }, 23 { X86_FEATURE_EPB, CPUID_ECX, 3, 0x00000006, 0 }, 24 - { X86_FEATURE_INTEL_PT, CPUID_EBX, 25, 0x00000007, 0 }, 25 { X86_FEATURE_AVX512_4VNNIW, CPUID_EDX, 2, 0x00000007, 0 }, 26 { X86_FEATURE_AVX512_4FMAPS, CPUID_EDX, 3, 0x00000007, 0 }, 27 { X86_FEATURE_CAT_L3, CPUID_EBX, 1, 0x00000010, 0 },

··· 21 static const struct cpuid_bit cpuid_bits[] = { 22 { X86_FEATURE_APERFMPERF, CPUID_ECX, 0, 0x00000006, 0 }, 23 { X86_FEATURE_EPB, CPUID_ECX, 3, 0x00000006, 0 }, 24 { X86_FEATURE_AVX512_4VNNIW, CPUID_EDX, 2, 0x00000007, 0 }, 25 { X86_FEATURE_AVX512_4FMAPS, CPUID_EDX, 3, 0x00000007, 0 }, 26 { X86_FEATURE_CAT_L3, CPUID_EBX, 1, 0x00000010, 0 },

+14 -10

arch/x86/mm/kasan_init_64.c

··· 21 22 static p4d_t tmp_p4d_table[PTRS_PER_P4D] __initdata __aligned(PAGE_SIZE); 23 24 - static __init void *early_alloc(size_t size, int nid) 25 { 26 - return memblock_virt_alloc_try_nid_nopanic(size, size, 27 - __pa(MAX_DMA_ADDRESS), BOOTMEM_ALLOC_ACCESSIBLE, nid); 28 } 29 30 static void __init kasan_populate_pmd(pmd_t *pmd, unsigned long addr, ··· 42 if (boot_cpu_has(X86_FEATURE_PSE) && 43 ((end - addr) == PMD_SIZE) && 44 IS_ALIGNED(addr, PMD_SIZE)) { 45 - p = early_alloc(PMD_SIZE, nid); 46 if (p && pmd_set_huge(pmd, __pa(p), PAGE_KERNEL)) 47 return; 48 else if (p) 49 memblock_free(__pa(p), PMD_SIZE); 50 } 51 52 - p = early_alloc(PAGE_SIZE, nid); 53 pmd_populate_kernel(&init_mm, pmd, p); 54 } 55 ··· 61 if (!pte_none(*pte)) 62 continue; 63 64 - p = early_alloc(PAGE_SIZE, nid); 65 entry = pfn_pte(PFN_DOWN(__pa(p)), PAGE_KERNEL); 66 set_pte_at(&init_mm, addr, pte, entry); 67 } while (pte++, addr += PAGE_SIZE, addr != end); ··· 79 if (boot_cpu_has(X86_FEATURE_GBPAGES) && 80 ((end - addr) == PUD_SIZE) && 81 IS_ALIGNED(addr, PUD_SIZE)) { 82 - p = early_alloc(PUD_SIZE, nid); 83 if (p && pud_set_huge(pud, __pa(p), PAGE_KERNEL)) 84 return; 85 else if (p) 86 memblock_free(__pa(p), PUD_SIZE); 87 } 88 89 - p = early_alloc(PAGE_SIZE, nid); 90 pud_populate(&init_mm, pud, p); 91 } 92 ··· 105 unsigned long next; 106 107 if (p4d_none(*p4d)) { 108 - void *p = early_alloc(PAGE_SIZE, nid); 109 110 p4d_populate(&init_mm, p4d, p); 111 } ··· 126 unsigned long next; 127 128 if (pgd_none(*pgd)) { 129 - p = early_alloc(PAGE_SIZE, nid); 130 pgd_populate(&init_mm, pgd, p); 131 } 132

··· 21 22 static p4d_t tmp_p4d_table[PTRS_PER_P4D] __initdata __aligned(PAGE_SIZE); 23 24 + static __init void *early_alloc(size_t size, int nid, bool panic) 25 { 26 + if (panic) 27 + return memblock_virt_alloc_try_nid(size, size, 28 + __pa(MAX_DMA_ADDRESS), BOOTMEM_ALLOC_ACCESSIBLE, nid); 29 + else 30 + return memblock_virt_alloc_try_nid_nopanic(size, size, 31 + __pa(MAX_DMA_ADDRESS), BOOTMEM_ALLOC_ACCESSIBLE, nid); 32 } 33 34 static void __init kasan_populate_pmd(pmd_t *pmd, unsigned long addr, ··· 38 if (boot_cpu_has(X86_FEATURE_PSE) && 39 ((end - addr) == PMD_SIZE) && 40 IS_ALIGNED(addr, PMD_SIZE)) { 41 + p = early_alloc(PMD_SIZE, nid, false); 42 if (p && pmd_set_huge(pmd, __pa(p), PAGE_KERNEL)) 43 return; 44 else if (p) 45 memblock_free(__pa(p), PMD_SIZE); 46 } 47 48 + p = early_alloc(PAGE_SIZE, nid, true); 49 pmd_populate_kernel(&init_mm, pmd, p); 50 } 51 ··· 57 if (!pte_none(*pte)) 58 continue; 59 60 + p = early_alloc(PAGE_SIZE, nid, true); 61 entry = pfn_pte(PFN_DOWN(__pa(p)), PAGE_KERNEL); 62 set_pte_at(&init_mm, addr, pte, entry); 63 } while (pte++, addr += PAGE_SIZE, addr != end); ··· 75 if (boot_cpu_has(X86_FEATURE_GBPAGES) && 76 ((end - addr) == PUD_SIZE) && 77 IS_ALIGNED(addr, PUD_SIZE)) { 78 + p = early_alloc(PUD_SIZE, nid, false); 79 if (p && pud_set_huge(pud, __pa(p), PAGE_KERNEL)) 80 return; 81 else if (p) 82 memblock_free(__pa(p), PUD_SIZE); 83 } 84 85 + p = early_alloc(PAGE_SIZE, nid, true); 86 pud_populate(&init_mm, pud, p); 87 } 88 ··· 101 unsigned long next; 102 103 if (p4d_none(*p4d)) { 104 + void *p = early_alloc(PAGE_SIZE, nid, true); 105 106 p4d_populate(&init_mm, p4d, p); 107 } ··· 122 unsigned long next; 123 124 if (pgd_none(*pgd)) { 125 + p = early_alloc(PAGE_SIZE, nid, true); 126 pgd_populate(&init_mm, pgd, p); 127 } 128

+7 -1

include/linux/vermagic.h

··· 31 #else 32 #define MODULE_RANDSTRUCT_PLUGIN 33 #endif 34 35 #define VERMAGIC_STRING \ 36 UTS_RELEASE " " \ 37 MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ 38 MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \ 39 MODULE_ARCH_VERMAGIC \ 40 - MODULE_RANDSTRUCT_PLUGIN 41

··· 31 #else 32 #define MODULE_RANDSTRUCT_PLUGIN 33 #endif 34 + #ifdef RETPOLINE 35 + #define MODULE_VERMAGIC_RETPOLINE "retpoline " 36 + #else 37 + #define MODULE_VERMAGIC_RETPOLINE "" 38 + #endif 39 40 #define VERMAGIC_STRING \ 41 UTS_RELEASE " " \ 42 MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ 43 MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \ 44 MODULE_ARCH_VERMAGIC \ 45 + MODULE_RANDSTRUCT_PLUGIN \ 46 + MODULE_VERMAGIC_RETPOLINE 47

+10 -4

scripts/Makefile.build

··· 265 objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable) 266 endif 267 268 # 'OBJECT_FILES_NON_STANDARD := y': skip objtool checking for a directory 269 # 'OBJECT_FILES_NON_STANDARD_foo.o := 'y': skip objtool checking for a file 270 # 'OBJECT_FILES_NON_STANDARD_foo.o := 'n': override directory skip for a file 271 cmd_objtool = $(if $(patsubst y%,, \ 272 $(OBJECT_FILES_NON_STANDARD_$(basetarget).o)$(OBJECT_FILES_NON_STANDARD)n), \ 273 - $(__objtool_obj) $(objtool_args) "$(@)";) 274 objtool_obj = $(if $(patsubst y%,, \ 275 $(OBJECT_FILES_NON_STANDARD_$(basetarget).o)$(OBJECT_FILES_NON_STANDARD)n), \ 276 $(__objtool_obj)) ··· 292 define rule_cc_o_c 293 $(call echo-cmd,checksrc) $(cmd_checksrc) \ 294 $(call cmd_and_fixdep,cc_o_c) \ 295 - $(cmd_modversions_c) \ 296 $(cmd_checkdoc) \ 297 $(call echo-cmd,objtool) $(cmd_objtool) \ 298 $(call echo-cmd,record_mcount) $(cmd_record_mcount) 299 endef 300 301 define rule_as_o_S 302 $(call cmd_and_fixdep,as_o_S) \ 303 - $(cmd_modversions_S) \ 304 - $(call echo-cmd,objtool) $(cmd_objtool) 305 endef 306 307 # List module undefined symbols (or empty line if not enabled)

··· 265 objtool_args += $(call cc-ifversion, -lt, 0405, --no-unreachable) 266 endif 267 268 + ifdef CONFIG_MODVERSIONS 269 + objtool_o = $(@D)/.tmp_$(@F) 270 + else 271 + objtool_o = $(@) 272 + endif 273 + 274 # 'OBJECT_FILES_NON_STANDARD := y': skip objtool checking for a directory 275 # 'OBJECT_FILES_NON_STANDARD_foo.o := 'y': skip objtool checking for a file 276 # 'OBJECT_FILES_NON_STANDARD_foo.o := 'n': override directory skip for a file 277 cmd_objtool = $(if $(patsubst y%,, \ 278 $(OBJECT_FILES_NON_STANDARD_$(basetarget).o)$(OBJECT_FILES_NON_STANDARD)n), \ 279 + $(__objtool_obj) $(objtool_args) "$(objtool_o)";) 280 objtool_obj = $(if $(patsubst y%,, \ 281 $(OBJECT_FILES_NON_STANDARD_$(basetarget).o)$(OBJECT_FILES_NON_STANDARD)n), \ 282 $(__objtool_obj)) ··· 286 define rule_cc_o_c 287 $(call echo-cmd,checksrc) $(cmd_checksrc) \ 288 $(call cmd_and_fixdep,cc_o_c) \ 289 $(cmd_checkdoc) \ 290 $(call echo-cmd,objtool) $(cmd_objtool) \ 291 + $(cmd_modversions_c) \ 292 $(call echo-cmd,record_mcount) $(cmd_record_mcount) 293 endef 294 295 define rule_as_o_S 296 $(call cmd_and_fixdep,as_o_S) \ 297 + $(call echo-cmd,objtool) $(cmd_objtool) \ 298 + $(cmd_modversions_S) 299 endef 300 301 # List module undefined symbols (or empty line if not enabled)

+3 -1

tools/objtool/elf.c

··· 26 #include <stdlib.h> 27 #include <string.h> 28 #include <unistd.h> 29 30 #include "elf.h" 31 #include "warn.h" ··· 359 360 elf->fd = open(name, flags); 361 if (elf->fd == -1) { 362 - perror("open"); 363 goto err; 364 } 365

··· 26 #include <stdlib.h> 27 #include <string.h> 28 #include <unistd.h> 29 + #include <errno.h> 30 31 #include "elf.h" 32 #include "warn.h" ··· 358 359 elf->fd = open(name, flags); 360 if (elf->fd == -1) { 361 + fprintf(stderr, "objtool: Can't open '%s': %s\n", 362 + name, strerror(errno)); 363 goto err; 364 } 365