From: Sami Tolvanen <samitolvanen@google.com>
To: Haibo Li <haibo.li@mediatek.com>
Cc: xiaoming.yu@mediatek.com, "Kees Cook" <keescook@chromium.org>,
"Nathan Chancellor" <nathan@kernel.org>,
"Nick Desaulniers" <ndesaulniers@google.com>,
"Matthias Brugger" <matthias.bgg@gmail.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Masami Hiramatsu" <mhiramat@kernel.org>,
"Christophe Leroy" <christophe.leroy@csgroup.eu>,
"André Almeida" <andrealmeid@igalia.com>,
"Luis Chamberlain" <mcgrof@kernel.org>,
"Juergen Gross" <jgross@suse.com>,
"Tiezhu Yang" <yangtiezhu@loongson.cn>,
"Aaron Tomlin" <atomlin@redhat.com>,
"Dmitry Torokhov" <dmitry.torokhov@gmail.com>,
LKML <linux-kernel@vger.kernel.org>,
llvm@lists.linux.dev,
linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
"moderated list:ARM/Mediatek SoC..."
<linux-mediatek@lists.infradead.org>,
"Lecopzer Chen" <lecopzer.chen@mediatek.com>
Subject: Re: [PATCH 1/2] ANDROID: cfi: enable sanitize for cfi.c
Date: Thu, 30 Jun 2022 09:19:17 -0700 [thread overview]
Message-ID: <CABCJKucgdTqDFyTumSCBHiyRVWgvJEhR2Fn=MxyMpTjWtvCV=Q@mail.gmail.com> (raw)
In-Reply-To: <20220630094646.91837-2-haibo.li@mediatek.com>
On Thu, Jun 30, 2022 at 2:47 AM Haibo Li <haibo.li@mediatek.com> wrote:
>
> currenly,cfi.c is excluded from cfi sanitize because of cfi handler.
> The side effect is that we can not transfer function pointer to
> other files which enable cfi sanitize.
>
> Enable cfi sanitize for cfi.c and bypass cfi check for __cfi_slowpath_diag
>
> Signed-off-by: Haibo Li <haibo.li@mediatek.com>
> Signed-off-by: Lecopzer Chen <lecopzer.chen@mediatek.com>
> ---
> kernel/Makefile | 3 ---
> kernel/cfi.c | 8 +++++++-
> 2 files changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/kernel/Makefile b/kernel/Makefile
> index a7e1f49ab2b3..a997bef1a200 100644
> --- a/kernel/Makefile
> +++ b/kernel/Makefile
> @@ -40,9 +40,6 @@ KCSAN_SANITIZE_kcov.o := n
> UBSAN_SANITIZE_kcov.o := n
> CFLAGS_kcov.o := $(call cc-option, -fno-conserve-stack) -fno-stack-protector
>
> -# Don't instrument error handlers
> -CFLAGS_REMOVE_cfi.o := $(CC_FLAGS_CFI)
> -
> obj-y += sched/
> obj-y += locking/
> obj-y += power/
> diff --git a/kernel/cfi.c b/kernel/cfi.c
> index 08102d19ec15..456771c8e454 100644
> --- a/kernel/cfi.c
> +++ b/kernel/cfi.c
> @@ -311,7 +311,7 @@ static inline cfi_check_fn find_check_fn(unsigned long ptr)
> return fn;
> }
>
> -void __cfi_slowpath_diag(uint64_t id, void *ptr, void *diag)
> +static inline void __nocfi _run_cfi_check(u64 id, void *ptr, void *diag)
> {
> cfi_check_fn fn = find_check_fn((unsigned long)ptr);
>
> @@ -320,6 +320,12 @@ void __cfi_slowpath_diag(uint64_t id, void *ptr, void *diag)
> else /* Don't allow unchecked modules */
> handle_cfi_failure(ptr);
> }
> +
> +void __cfi_slowpath_diag(u64 id, void *ptr, void *diag)
> +{
> + /*run cfi check without cfi sanitize to avoid calling cfi handler recursively*/
> + _run_cfi_check(id, ptr, diag);
> +}
> EXPORT_SYMBOL(__cfi_slowpath_diag);
You can just add __nocfi to __cfi_slowpath_diag, right? There's no
need for the separate function.
Sami
WARNING: multiple messages have this Message-ID (diff)
From: Sami Tolvanen <samitolvanen@google.com>
To: Haibo Li <haibo.li@mediatek.com>
Cc: xiaoming.yu@mediatek.com, "Kees Cook" <keescook@chromium.org>,
"Nathan Chancellor" <nathan@kernel.org>,
"Nick Desaulniers" <ndesaulniers@google.com>,
"Matthias Brugger" <matthias.bgg@gmail.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Masami Hiramatsu" <mhiramat@kernel.org>,
"Christophe Leroy" <christophe.leroy@csgroup.eu>,
"André Almeida" <andrealmeid@igalia.com>,
"Luis Chamberlain" <mcgrof@kernel.org>,
"Juergen Gross" <jgross@suse.com>,
"Tiezhu Yang" <yangtiezhu@loongson.cn>,
"Aaron Tomlin" <atomlin@redhat.com>,
"Dmitry Torokhov" <dmitry.torokhov@gmail.com>,
LKML <linux-kernel@vger.kernel.org>,
llvm@lists.linux.dev,
linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
"moderated list:ARM/Mediatek SoC..."
<linux-mediatek@lists.infradead.org>,
"Lecopzer Chen" <lecopzer.chen@mediatek.com>
Subject: Re: [PATCH 1/2] ANDROID: cfi: enable sanitize for cfi.c
Date: Thu, 30 Jun 2022 09:19:17 -0700 [thread overview]
Message-ID: <CABCJKucgdTqDFyTumSCBHiyRVWgvJEhR2Fn=MxyMpTjWtvCV=Q@mail.gmail.com> (raw)
In-Reply-To: <20220630094646.91837-2-haibo.li@mediatek.com>
On Thu, Jun 30, 2022 at 2:47 AM Haibo Li <haibo.li@mediatek.com> wrote:
>
> currenly,cfi.c is excluded from cfi sanitize because of cfi handler.
> The side effect is that we can not transfer function pointer to
> other files which enable cfi sanitize.
>
> Enable cfi sanitize for cfi.c and bypass cfi check for __cfi_slowpath_diag
>
> Signed-off-by: Haibo Li <haibo.li@mediatek.com>
> Signed-off-by: Lecopzer Chen <lecopzer.chen@mediatek.com>
> ---
> kernel/Makefile | 3 ---
> kernel/cfi.c | 8 +++++++-
> 2 files changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/kernel/Makefile b/kernel/Makefile
> index a7e1f49ab2b3..a997bef1a200 100644
> --- a/kernel/Makefile
> +++ b/kernel/Makefile
> @@ -40,9 +40,6 @@ KCSAN_SANITIZE_kcov.o := n
> UBSAN_SANITIZE_kcov.o := n
> CFLAGS_kcov.o := $(call cc-option, -fno-conserve-stack) -fno-stack-protector
>
> -# Don't instrument error handlers
> -CFLAGS_REMOVE_cfi.o := $(CC_FLAGS_CFI)
> -
> obj-y += sched/
> obj-y += locking/
> obj-y += power/
> diff --git a/kernel/cfi.c b/kernel/cfi.c
> index 08102d19ec15..456771c8e454 100644
> --- a/kernel/cfi.c
> +++ b/kernel/cfi.c
> @@ -311,7 +311,7 @@ static inline cfi_check_fn find_check_fn(unsigned long ptr)
> return fn;
> }
>
> -void __cfi_slowpath_diag(uint64_t id, void *ptr, void *diag)
> +static inline void __nocfi _run_cfi_check(u64 id, void *ptr, void *diag)
> {
> cfi_check_fn fn = find_check_fn((unsigned long)ptr);
>
> @@ -320,6 +320,12 @@ void __cfi_slowpath_diag(uint64_t id, void *ptr, void *diag)
> else /* Don't allow unchecked modules */
> handle_cfi_failure(ptr);
> }
> +
> +void __cfi_slowpath_diag(u64 id, void *ptr, void *diag)
> +{
> + /*run cfi check without cfi sanitize to avoid calling cfi handler recursively*/
> + _run_cfi_check(id, ptr, diag);
> +}
> EXPORT_SYMBOL(__cfi_slowpath_diag);
You can just add __nocfi to __cfi_slowpath_diag, right? There's no
need for the separate function.
Sami
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2022-06-30 16:19 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-30 9:46 [PATCH 0/2] ANDROID: cfi:free old cfi shadow asynchronously Haibo Li
2022-06-30 9:46 ` Haibo Li
2022-06-30 9:46 ` [PATCH 1/2] ANDROID: cfi: enable sanitize for cfi.c Haibo Li
2022-06-30 9:46 ` Haibo Li
2022-06-30 16:19 ` Sami Tolvanen [this message]
2022-06-30 16:19 ` Sami Tolvanen
2022-07-01 2:10 ` Haibo Li
2022-07-01 2:10 ` Haibo Li
2022-07-01 2:10 ` Haibo Li
2022-06-30 9:46 ` [PATCH 2/2] ANDROID: cfi: free old cfi shadow asynchronously Haibo Li
2022-06-30 9:46 ` Haibo Li
2022-06-30 16:16 ` Sami Tolvanen
2022-06-30 16:16 ` Sami Tolvanen
2022-07-01 2:27 ` Haibo Li
2022-07-01 2:27 ` Haibo Li
2022-07-01 2:42 ` Haibo Li
2022-07-01 2:42 ` Haibo Li
2022-07-01 2:42 ` Haibo Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABCJKucgdTqDFyTumSCBHiyRVWgvJEhR2Fn=MxyMpTjWtvCV=Q@mail.gmail.com' \
--to=samitolvanen@google.com \
--cc=andrealmeid@igalia.com \
--cc=atomlin@redhat.com \
--cc=christophe.leroy@csgroup.eu \
--cc=dmitry.torokhov@gmail.com \
--cc=haibo.li@mediatek.com \
--cc=jgross@suse.com \
--cc=keescook@chromium.org \
--cc=lecopzer.chen@mediatek.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=llvm@lists.linux.dev \
--cc=matthias.bgg@gmail.com \
--cc=mcgrof@kernel.org \
--cc=mhiramat@kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=peterz@infradead.org \
--cc=xiaoming.yu@mediatek.com \
--cc=yangtiezhu@loongson.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.