Date: Wed, 13 Oct 2021 12:07:51 -0700
From: Kees Cook
To: x86@kernel.org, Josh Poimboeuf, Peter Zijlstra
Cc: Sami Tolvanen, Nathan Chancellor, Nick Desaulniers, Sedat Dilek, Steven Rostedt, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev
Subject: Re: [PATCH v5 00/15] x86: Add support for Clang CFI
Message-ID: <202110131206.9D4B6A7F0@keescook>
In-Reply-To: <20211013181658.1020262-1-samitolvanen@google.com>

On Wed, Oct 13, 2021 at 11:16:43AM -0700, Sami Tolvanen wrote:
> This series adds support for Clang's Control-Flow Integrity (CFI)
> checking to x86_64. With CFI, the compiler injects a runtime
> check before each indirect function call to ensure the target is
> a valid function with the correct static type. This restricts
> possible call targets and makes it more difficult for an attacker
> to exploit bugs that allow the modification of stored function
> pointers. For more details, see:
>
>   https://clang.llvm.org/docs/ControlFlowIntegrity.html
>
> Note that v5 is based on tip/master. The first two patches contain
> objtool support for CFI, the remaining patches change function
> declarations to use opaque types, fix type mismatch issues that
> confuse the compiler, and disable CFI where it can't be used.

x86 folks: I'd prefer this series went via -tip, but I can carry it for
-next as well. What would you like to do here? I think it's ready.

Thanks!

-Kees

-- 
Kees Cook
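
A simplified user-space model of the check described in the quoted cover letter, added here as an example; it is not code from the patch series or from Clang. The type tags, the target table and all function names are constructed for illustration, and the compiler generates the equivalent check itself when CFI is enabled.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed tags standing in for per-prototype type identifiers. */
enum type_id { TYPE_INT_INT = 1, TYPE_VOID_STR = 2 };

typedef void (*any_fn)(void);
typedef int (*int_fn)(int);

static int double_it(int x) { return 2 * x; }
static int negate(int x) { return -x; }
static void log_msg(const char *s) { (void)s; }

/* Model of the set of valid call targets, each with its static type. */
static const struct { any_fn addr; enum type_id type; } cfi_table[] = {
    { (any_fn)double_it, TYPE_INT_INT },
    { (any_fn)negate,    TYPE_INT_INT },
    { (any_fn)log_msg,   TYPE_VOID_STR },
};

/* 1 if target is a known function entry whose type matches, else 0. */
static int cfi_target_ok(any_fn target, enum type_id expected)
{
    for (size_t i = 0; i < sizeof(cfi_table) / sizeof(cfi_table[0]); i++)
        if (cfi_table[i].addr == target)
            return cfi_table[i].type == expected;
    return 0; /* not a function entry at all */
}

/* Checked indirect call: 0 and a stored result on success, -1 with no
 * call made if the check fails (this model reports instead of trapping). */
static int checked_call_int(int_fn fn, int arg, int *out)
{
    if (!cfi_target_ok((any_fn)fn, TYPE_INT_INT))
        return -1;
    *out = fn(arg);
    return 0;
}

int main(void)
{
    int out = 0;
    int_fn handler = negate;               /* legitimate stored pointer */
    int rc = checked_call_int(handler, 5, &out);
    printf("valid target: rc=%d out=%d\n", rc, out);
    handler = (int_fn)log_msg;             /* simulates a corrupted pointer */
    printf("wrong type:   rc=%d\n", checked_call_int(handler, 5, &out));
    return 0;
}
```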