8924560094
Switch from Clang's original forward-edge control-flow integrity implementation to -fsanitize=kcfi, which is better suited for the kernel, as it doesn't require LTO, doesn't use a jump table that requires altering function references, and won't break cross-module function address equality. Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Tested-by: Kees Cook <keescook@chromium.org> Tested-by: Nathan Chancellor <nathan@kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Tested-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20220908215504.3686827-6-samitolvanen@google.com
/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Clang Control Flow Integrity (CFI) support.
 *
 * Copyright (C) 2022 Google LLC
 */
#ifndef _LINUX_CFI_H
#define _LINUX_CFI_H
#include <linux/bug.h>
#include <linux/module.h>
#ifdef CONFIG_CFI_CLANG
/*
 * report_cfi_failure - report a control-flow integrity check failure.
 * @regs:   register state handed through to the reporter
 * @addr:   address associated with the failure
 * @target: optional pointer to the call target; NULL is accepted, as
 *          report_cfi_failure_noaddr() below passes it
 * @type:   u32 type value; report_cfi_failure_noaddr() passes 0
 *
 * Declaration only; the definition is not part of this header.
 *
 * NOTE(review): the returned enum bug_trap_type presumably tells the
 * calling trap handler whether the failure is fatal or only warned
 * about. Confirm against the definition: a handler that ignores the
 * result, or a non-fatal result, would let the mismatched indirect
 * call proceed.
 */
enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr,
				      unsigned long *target, u32 type);

/*
 * report_cfi_failure_noaddr - report a CFI failure without target details.
 * @regs: register state handed through to report_cfi_failure()
 * @addr: address associated with the failure
 *
 * Convenience wrapper that forwards to report_cfi_failure() with a NULL
 * target pointer and a type of 0, and returns its result unchanged.
 */
static inline enum bug_trap_type report_cfi_failure_noaddr(struct pt_regs *regs,
							   unsigned long addr)
{
	/* Neither the call target nor a type value is supplied by this path. */
	unsigned long *const no_target = NULL;
	const u32 no_type = 0;

	return report_cfi_failure(regs, addr, no_target, no_type);
}

#ifdef CONFIG_ARCH_USES_CFI_TRAPS
/*
 * is_cfi_trap - boolean query on @addr, declared only for architectures
 * that select CONFIG_ARCH_USES_CFI_TRAPS.
 *
 * NOTE(review): presumably reports whether @addr is a compiler-emitted
 * CFI trap location; the definition is not in this header, so confirm
 * there.
 */
bool is_cfi_trap(unsigned long addr);
#endif /* CONFIG_ARCH_USES_CFI_TRAPS */
#endif /* CONFIG_CFI_CLANG */
#ifdef CONFIG_MODULES
/*
 * module_cfi_finalize - per-module CFI hook taking the module's ELF header,
 * its section headers and the struct module itself.
 *
 * With CONFIG_ARCH_USES_CFI_TRAPS the function is only declared here and
 * defined elsewhere; without it, an empty inline stub is provided so that
 * callers need no #ifdef of their own.
 *
 * NOTE(review): presumably the real implementation records the module's
 * CFI trap locations from its ELF sections so that is_cfi_trap() also
 * covers module code; confirm against the definition.
 */
#ifdef CONFIG_ARCH_USES_CFI_TRAPS
void module_cfi_finalize(const Elf_Ehdr *hdr, const Elf_Shdr *sechdrs,
			 struct module *mod);
#else
static inline void module_cfi_finalize(const Elf_Ehdr *hdr,
				       const Elf_Shdr *sechdrs,
				       struct module *mod)
{
	/* Intentionally empty: nothing to do without CFI traps. */
}
#endif /* CONFIG_ARCH_USES_CFI_TRAPS */
#endif /* CONFIG_MODULES */
#endif /* _LINUX_CFI_H */