[1/2] x86/events/amd/iommu: Fix sysfs type mismatch
diff mbox series

Message ID 20210415001112.3024673-1-nathan@kernel.org
State Accepted
Commit de5bc7b425d4c27ae5faa00ea7eb6b9780b9a355
Headers show
Series
  • [1/2] x86/events/amd/iommu: Fix sysfs type mismatch
Related show

Commit Message

Nathan Chancellor April 15, 2021, 12:11 a.m. UTC
dev_attr_show() calls _iommu_event_show() via an indirect call but
_iommu_event_show()'s type does not currently match the type of the
show() member in 'struct device_attribute', resulting in a Control Flow
Integrity violation.

$ cat /sys/devices/amd_iommu_1/events/mem_dte_hit
csource=0x0a

$ dmesg | grep "CFI failure"
[ 3526.735140] CFI failure (target: _iommu_event_show...):

Change _iommu_event_show() and 'struct amd_iommu_event_desc' to
'struct device_attribute' so that there is no more CFI violation.

Link: https://github.com/ClangBuiltLinux/linux/issues/1350
Fixes: 7be6296fdd75 ("perf/x86/amd: AMD IOMMU Performance Counter PERF uncore PMU implementation")
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
---
 arch/x86/events/amd/iommu.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)


base-commit: d434405aaab7d0ebc516b68a8fc4100922d7f5ef

Comments

Christoph Hellwig April 15, 2021, 7:53 a.m. UTC | #1
On Wed, Apr 14, 2021 at 05:11:11PM -0700, Nathan Chancellor wrote:
> dev_attr_show() calls _iommu_event_show() via an indirect call but
> _iommu_event_show()'s type does not currently match the type of the
> show() member in 'struct device_attribute', resulting in a Control Flow
> Integrity violation.

While the fix looks fine I think we need to solve this kind of problem
by better type checking.  The fact that we can use the wong type here
without a compiler warning is the real issue.
Nathan Chancellor April 15, 2021, 2:47 p.m. UTC | #2
On Thu, Apr 15, 2021 at 08:53:35AM +0100, Christoph Hellwig wrote:
> On Wed, Apr 14, 2021 at 05:11:11PM -0700, Nathan Chancellor wrote:
> > dev_attr_show() calls _iommu_event_show() via an indirect call but
> > _iommu_event_show()'s type does not currently match the type of the
> > show() member in 'struct device_attribute', resulting in a Control Flow
> > Integrity violation.
> 
> While the fix looks fine I think we need to solve this kind of problem
> by better type checking.  The fact that we can use the wong type here
> without a compiler warning is the real issue.

I agree. Unfortunately, it seems that is going to be a much longer tail
project because of how pervasive this is (using container_of() +
attributes to get callbacks).

https://lore.kernel.org/r/202006112217.2E6CE093@keescook/
https://lore.kernel.org/r/202104021823.64FA6119@keescook/

Cheers,
Nathan

Patch
diff mbox series

diff --git a/arch/x86/events/amd/iommu.c b/arch/x86/events/amd/iommu.c
index be50ef8572cc..6a98a7651621 100644
--- a/arch/x86/events/amd/iommu.c
+++ b/arch/x86/events/amd/iommu.c
@@ -81,12 +81,12 @@  static struct attribute_group amd_iommu_events_group = {
 };
 
 struct amd_iommu_event_desc {
-	struct kobj_attribute attr;
+	struct device_attribute attr;
 	const char *event;
 };
 
-static ssize_t _iommu_event_show(struct kobject *kobj,
-				struct kobj_attribute *attr, char *buf)
+static ssize_t _iommu_event_show(struct device *dev,
+				struct device_attribute *attr, char *buf)
 {
 	struct amd_iommu_event_desc *event =
 		container_of(attr, struct amd_iommu_event_desc, attr);