From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 31AE72F25 for ; Sat, 14 May 2022 21:49:38 +0000 (UTC) Received: by mail-pg1-f174.google.com with SMTP id h24so5367505pgh.12 for ; Sat, 14 May 2022 14:49:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=s6gyFIzNx3uPs0E9QTdHeabUUHOLCiS5BRmtEkTrJ0M=; b=c7bt5Yyim6jXKVU+nad9I6JP2/SU4szhm6beG8K9aijDODZgSy0Agoa/TRIPhM8F1M rmYwZd8/LYOr0N85MfiL1hP82YXqGevzNXXADwKiS+C2Z1EidmmFYt0rEWxDNpDTeDfz isXaa8uHnFoI1HAe6xmc8AxSjWofOHnUnKFTc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=s6gyFIzNx3uPs0E9QTdHeabUUHOLCiS5BRmtEkTrJ0M=; b=zuaKyOFPMsoVch7Ax/7qmL5K39iQW8MIYxhcer0l+8ZDpipSJg2iZX8B5dg7SlGj5l oiJZApFVpTW1/F9Mlc56OQAXbuxUWo7mffk/kiJyh+DFGjX3pIZ6V1fHUXMJPGJJtDFD 0fKhbVwQU4xp6mHi0PVuAJXmYsorJbdh4COfT5oPqf1TXkmSkvQVAOrXTIzdAL7gjRfr W8qzsat9yk0sFCIe5XrMiyI4dOvBQiHucQp0v/loRAqKT5ltkyvoVBI1LvGOmH7Ijz3D lVTbDsRpEvpSTsZL82LEXzgQlOTPXDUWzqOwLhNdFggPtuhVuRt7VkH3+MoQraYRqCRc TVzw== X-Gm-Message-State: AOAM530yTHb141/VScgE7j7mBT0j6K4V7eebyzy3LMzqSkzg7P+SAubY +SoPd5w7e4dy4iexU6KSxRcMJQ== X-Google-Smtp-Source: ABdhPJwk8CcBX6QnXuAE6iXMXjeE8Vq7UImMhCQwh4Vg8IjNOXTMawTzaFXfXJRgS9HCVdGKlVDekA== X-Received: by 2002:a65:4ccd:0:b0:3c2:428d:d13b with SMTP id n13-20020a654ccd000000b003c2428dd13bmr9330640pgt.425.1652564977729; Sat, 14 May 2022 14:49:37 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id f1-20020a170902ff0100b0015e8d4eb26asm4114685plj.180.2022.05.14.14.49.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 14 May 2022 14:49:37 -0700 (PDT) Date: Sat, 14 May 2022 14:49:36 -0700 From: Kees Cook To: Sami Tolvanen Cc: linux-kernel@vger.kernel.org, Josh Poimboeuf , Peter Zijlstra , x86@kernel.org, Catalin Marinas , Will Deacon , Mark Rutland , Nathan Chancellor , Nick Desaulniers , Joao Moreira , Sedat Dilek , Steven Rostedt , linux-hardening@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Subject: Re: [RFC PATCH v2 07/21] cfi: Add type helper macros Message-ID: <202205141447.E3B5A29@keescook> References: <20220513202159.1550547-1-samitolvanen@google.com> <20220513202159.1550547-8-samitolvanen@google.com> Precedence: bulk X-Mailing-List: llvm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220513202159.1550547-8-samitolvanen@google.com> On Fri, May 13, 2022 at 01:21:45PM -0700, Sami Tolvanen wrote: > With CONFIG_CFI_CLANG, assembly functions called indirectly > from C code must be annotated with type identifiers to pass CFI > checking. The compiler emits a __kcfi_typeid_ symbol for > each address-taken function declaration in C, which contains the > expected type identifier. Add typed versions of SYM_FUNC_START and > SYM_FUNC_START_ALIAS, which emit the type identifier before the > function. > > Signed-off-by: Sami Tolvanen And the reason to not make this change universally (i.e. directly in SYM_FUNC_START) is to minimize how many of these symbol annotations get emitted? (And to more directly indicate which asm is called indirectly?) What happens if an asm function is called indirectly and it doesn't have this annotation? (Is this case detectable at compile-time?) Regardless: Reviewed-by: Kees Cook -- Kees Cook From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4B034C433F5 for ; Sat, 14 May 2022 21:50:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DIw9ZT0XpPY3kbZKAOoefbxXgaf0hJjRWjRUtwCQHV0=; b=H40T4ia3++MLJR YnNXiQtPZPMVFAKAfbg+W+dy6e45ka/6ZJysqnpd83rX3t1onrCgXDw/QFsNWAGw9h9cZldliMf7l JWq9XBnn8HZ2hzvMz7pIDP8nT9Vyx+kao8R3RCzV5ljUHn2fMbTLom/fIzx3H9f+0OSagTB1jESZe o2jwf9NNKfenRa/ETbmVKFB4M7U+flKpQk2qg3dIQj2oC0I5ya67TFwLqv6Owr4/A3gocS8qB2+gL VXWY7Wo3XXsSQLLwQdwgtrQXE7LtUAXf3SuoWUb12toIp+xIz8r41WSzuCJDGbArvn0mySeTC/c+W WSeIJ65iPTVUmKMrV0kA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1npzdu-002N07-Ms; Sat, 14 May 2022 21:49:42 +0000 Received: from mail-pg1-x531.google.com ([2607:f8b0:4864:20::531]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1npzdq-002Myb-V0 for linux-arm-kernel@lists.infradead.org; Sat, 14 May 2022 21:49:40 +0000 Received: by mail-pg1-x531.google.com with SMTP id r71so10340436pgr.0 for ; Sat, 14 May 2022 14:49:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=s6gyFIzNx3uPs0E9QTdHeabUUHOLCiS5BRmtEkTrJ0M=; b=c7bt5Yyim6jXKVU+nad9I6JP2/SU4szhm6beG8K9aijDODZgSy0Agoa/TRIPhM8F1M rmYwZd8/LYOr0N85MfiL1hP82YXqGevzNXXADwKiS+C2Z1EidmmFYt0rEWxDNpDTeDfz isXaa8uHnFoI1HAe6xmc8AxSjWofOHnUnKFTc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=s6gyFIzNx3uPs0E9QTdHeabUUHOLCiS5BRmtEkTrJ0M=; b=Ats9N0qZTlqzKbZWyFj+YPeyjvn6D8c/nYTKHWDV5LenyZ7n6P8Ac4fr+BbYRzjqh3 FkEZWbi2yDH2QcwNkQcbZo0UWBKsn3PAIbfY0i3+g84iCVX4zxyEPxPKaTHLFY2QgIMx cWDfYhVVZTQ8bATMQ7Su2Wo/+zlMnTpSjU035EqPMIdd7jmhfxctkCD82GkzsYfNy4uX FPA5W9tbC0dfgj/JjLgj+j4qFEvLSrhqBGvsScK0835/mzPTV3BRkn3gehiN4itvo2ex eJgcESYnF2xyWw5yWKSVtdPA30TrQqXuZs4EJBBlCgC4DX1b4Wg2hkqb/z75l90dmGJ9 r37Q== X-Gm-Message-State: AOAM531xJFKM0MuOIUymOJK3OJsftc2zsyRPSYHZEErQOW9EybB9LnOU yDZlhsl7d1bgXauVW63X1kvm+g== X-Google-Smtp-Source: ABdhPJwk8CcBX6QnXuAE6iXMXjeE8Vq7UImMhCQwh4Vg8IjNOXTMawTzaFXfXJRgS9HCVdGKlVDekA== X-Received: by 2002:a65:4ccd:0:b0:3c2:428d:d13b with SMTP id n13-20020a654ccd000000b003c2428dd13bmr9330640pgt.425.1652564977729; Sat, 14 May 2022 14:49:37 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id f1-20020a170902ff0100b0015e8d4eb26asm4114685plj.180.2022.05.14.14.49.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 14 May 2022 14:49:37 -0700 (PDT) Date: Sat, 14 May 2022 14:49:36 -0700 From: Kees Cook To: Sami Tolvanen Cc: linux-kernel@vger.kernel.org, Josh Poimboeuf , Peter Zijlstra , x86@kernel.org, Catalin Marinas , Will Deacon , Mark Rutland , Nathan Chancellor , Nick Desaulniers , Joao Moreira , Sedat Dilek , Steven Rostedt , linux-hardening@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Subject: Re: [RFC PATCH v2 07/21] cfi: Add type helper macros Message-ID: <202205141447.E3B5A29@keescook> References: <20220513202159.1550547-1-samitolvanen@google.com> <20220513202159.1550547-8-samitolvanen@google.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20220513202159.1550547-8-samitolvanen@google.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220514_144939_024482_71B31787 X-CRM114-Status: GOOD ( 13.53 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Fri, May 13, 2022 at 01:21:45PM -0700, Sami Tolvanen wrote: > With CONFIG_CFI_CLANG, assembly functions called indirectly > from C code must be annotated with type identifiers to pass CFI > checking. The compiler emits a __kcfi_typeid_ symbol for > each address-taken function declaration in C, which contains the > expected type identifier. Add typed versions of SYM_FUNC_START and > SYM_FUNC_START_ALIAS, which emit the type identifier before the > function. > > Signed-off-by: Sami Tolvanen And the reason to not make this change universally (i.e. directly in SYM_FUNC_START) is to minimize how many of these symbol annotations get emitted? (And to more directly indicate which asm is called indirectly?) What happens if an asm function is called indirectly and it doesn't have this annotation? (Is this case detectable at compile-time?) Regardless: Reviewed-by: Kees Cook -- Kees Cook _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel