diff options
| author |   Sami Tolvanen <samitolvanen@google.com> | 2021-04-08 11:28:27 -0700 |
|---|---|---|
| committer |   Kees Cook <keescook@chromium.org> | 2021-04-08 16:04:20 -0700 |
| commit | ff301ceb5299551c3650d0e07ba879b766da4cc0 (patch) | |
| tree | 21ad193e648129c2c9194bda75acc035364983c4 /include/linux/pci.h | |
| parent | add support for Clang CFI (diff) | |
| download | linux-dev-ff301ceb5299551c3650d0e07ba879b766da4cc0.tar.xz linux-dev-ff301ceb5299551c3650d0e07ba879b766da4cc0.zip | |
cfi: add __cficanonical
With CONFIG_CFI_CLANG, the compiler replaces a function address taken
in C code with the address of a local jump table entry, which passes
runtime indirect call checks. However, the compiler won't replace
addresses taken in assembly code, which will result in a CFI failure
if we later jump to such an address in instrumented C code. The code
generated for the non-canonical jump table looks this:
<noncanonical.cfi_jt>: /* In C, &noncanonical points here */
jmp noncanonical
...
<noncanonical>: /* function body */
...
This change adds the __cficanonical attribute, which tells the
compiler to use a canonical jump table for the function instead. This
means the compiler will rename the actual function to <function>.cfi
and points the original symbol to the jump table entry instead:
<canonical>: /* jump table entry */
jmp canonical.cfi
...
<canonical.cfi>: /* function body */
...
As a result, the address taken in assembly, or other non-instrumented
code always points to the jump table and therefore, can be used for
indirect calls in instrumented code without tripping CFI checks.
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Acked-by: Bjorn Helgaas <bhelgaas@google.com> # pci.h
Tested-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210408182843.1754385-3-samitolvanen@google.com
Diffstat (limited to 'include/linux/pci.h')
| -rw-r--r-- | include/linux/pci.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/include/linux/pci.h b/include/linux/pci.h index 86c799c97b77..39684b72db91 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -1944,8 +1944,8 @@ enum pci_fixup_pass { #ifdef CONFIG_LTO_CLANG #define __DECLARE_PCI_FIXUP_SECTION(sec, name, vendor, device, class, \ class_shift, hook, stub) \ - void stub(struct pci_dev *dev); \ - void stub(struct pci_dev *dev) \ + void __cficanonical stub(struct pci_dev *dev); \ + void __cficanonical stub(struct pci_dev *dev) \ { \ hook(dev); \ } \ |