From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4B034C433F5 for ; Sat, 14 May 2022 21:50:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DIw9ZT0XpPY3kbZKAOoefbxXgaf0hJjRWjRUtwCQHV0=; b=H40T4ia3++MLJR YnNXiQtPZPMVFAKAfbg+W+dy6e45ka/6ZJysqnpd83rX3t1onrCgXDw/QFsNWAGw9h9cZldliMf7l JWq9XBnn8HZ2hzvMz7pIDP8nT9Vyx+kao8R3RCzV5ljUHn2fMbTLom/fIzx3H9f+0OSagTB1jESZe o2jwf9NNKfenRa/ETbmVKFB4M7U+flKpQk2qg3dIQj2oC0I5ya67TFwLqv6Owr4/A3gocS8qB2+gL VXWY7Wo3XXsSQLLwQdwgtrQXE7LtUAXf3SuoWUb12toIp+xIz8r41WSzuCJDGbArvn0mySeTC/c+W WSeIJ65iPTVUmKMrV0kA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1npzdu-002N07-Ms; Sat, 14 May 2022 21:49:42 +0000 Received: from mail-pg1-x531.google.com ([2607:f8b0:4864:20::531]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1npzdq-002Myb-V0 for linux-arm-kernel@lists.infradead.org; Sat, 14 May 2022 21:49:40 +0000 Received: by mail-pg1-x531.google.com with SMTP id r71so10340436pgr.0 for ; Sat, 14 May 2022 14:49:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=s6gyFIzNx3uPs0E9QTdHeabUUHOLCiS5BRmtEkTrJ0M=; b=c7bt5Yyim6jXKVU+nad9I6JP2/SU4szhm6beG8K9aijDODZgSy0Agoa/TRIPhM8F1M rmYwZd8/LYOr0N85MfiL1hP82YXqGevzNXXADwKiS+C2Z1EidmmFYt0rEWxDNpDTeDfz isXaa8uHnFoI1HAe6xmc8AxSjWofOHnUnKFTc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=s6gyFIzNx3uPs0E9QTdHeabUUHOLCiS5BRmtEkTrJ0M=; b=Ats9N0qZTlqzKbZWyFj+YPeyjvn6D8c/nYTKHWDV5LenyZ7n6P8Ac4fr+BbYRzjqh3 FkEZWbi2yDH2QcwNkQcbZo0UWBKsn3PAIbfY0i3+g84iCVX4zxyEPxPKaTHLFY2QgIMx cWDfYhVVZTQ8bATMQ7Su2Wo/+zlMnTpSjU035EqPMIdd7jmhfxctkCD82GkzsYfNy4uX FPA5W9tbC0dfgj/JjLgj+j4qFEvLSrhqBGvsScK0835/mzPTV3BRkn3gehiN4itvo2ex eJgcESYnF2xyWw5yWKSVtdPA30TrQqXuZs4EJBBlCgC4DX1b4Wg2hkqb/z75l90dmGJ9 r37Q== X-Gm-Message-State: AOAM531xJFKM0MuOIUymOJK3OJsftc2zsyRPSYHZEErQOW9EybB9LnOU yDZlhsl7d1bgXauVW63X1kvm+g== X-Google-Smtp-Source: ABdhPJwk8CcBX6QnXuAE6iXMXjeE8Vq7UImMhCQwh4Vg8IjNOXTMawTzaFXfXJRgS9HCVdGKlVDekA== X-Received: by 2002:a65:4ccd:0:b0:3c2:428d:d13b with SMTP id n13-20020a654ccd000000b003c2428dd13bmr9330640pgt.425.1652564977729; Sat, 14 May 2022 14:49:37 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id f1-20020a170902ff0100b0015e8d4eb26asm4114685plj.180.2022.05.14.14.49.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 14 May 2022 14:49:37 -0700 (PDT) Date: Sat, 14 May 2022 14:49:36 -0700 From: Kees Cook To: Sami Tolvanen Cc: linux-kernel@vger.kernel.org, Josh Poimboeuf , Peter Zijlstra , x86@kernel.org, Catalin Marinas , Will Deacon , Mark Rutland , Nathan Chancellor , Nick Desaulniers , Joao Moreira , Sedat Dilek , Steven Rostedt , linux-hardening@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Subject: Re: [RFC PATCH v2 07/21] cfi: Add type helper macros Message-ID: <202205141447.E3B5A29@keescook> References: <20220513202159.1550547-1-samitolvanen@google.com> <20220513202159.1550547-8-samitolvanen@google.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20220513202159.1550547-8-samitolvanen@google.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220514_144939_024482_71B31787 X-CRM114-Status: GOOD ( 13.53 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Fri, May 13, 2022 at 01:21:45PM -0700, Sami Tolvanen wrote: > With CONFIG_CFI_CLANG, assembly functions called indirectly > from C code must be annotated with type identifiers to pass CFI > checking. The compiler emits a __kcfi_typeid_ symbol for > each address-taken function declaration in C, which contains the > expected type identifier. Add typed versions of SYM_FUNC_START and > SYM_FUNC_START_ALIAS, which emit the type identifier before the > function. > > Signed-off-by: Sami Tolvanen And the reason to not make this change universally (i.e. directly in SYM_FUNC_START) is to minimize how many of these symbol annotations get emitted? (And to more directly indicate which asm is called indirectly?) What happens if an asm function is called indirectly and it doesn't have this annotation? (Is this case detectable at compile-time?) Regardless: Reviewed-by: Kees Cook -- Kees Cook _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel