From: Peter Zijlstra <peterz@infradead.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, Mark Rutland <mark.rutland@arm.com>,
Quentin Perret <qperret@google.com>,
Catalin Marinas <catalin.marinas@arm.com>,
James Morse <james.morse@arm.com>, Will Deacon <will@kernel.org>,
Frederic Weisbecker <frederic@kernel.org>,
Kees Cook <keescook@chromium.org>,
Sami Tolvanen <samitolvanen@google.com>,
Andy Lutomirski <luto@kernel.org>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Steven Rostedt <rostedt@goodmis.org>
Subject: Re: [PATCH v6 1/2] static_call: use non-function types to refer to the trampolines
Date: Mon, 8 Nov 2021 11:08:04 +0100 [thread overview]
Message-ID: <YYj3BMbuP/mkPAIn@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20211105145917.2828911-2-ardb@kernel.org>
On Fri, Nov 05, 2021 at 03:59:16PM +0100, Ard Biesheuvel wrote:
> In order to prevent CFI enabled code from grabbing a jump table entry
> that jumps to the trampoline, rather than the trampoline itself, use an
> incomplete non-function type for the trampoline, and cast it to the
> right type only when invoking it.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Very grudingly:
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
> ---
> include/linux/static_call.h | 4 ++--
> include/linux/static_call_types.h | 11 ++++++++---
> 2 files changed, 10 insertions(+), 5 deletions(-)
>
> diff --git a/include/linux/static_call.h b/include/linux/static_call.h
> index 3e56a9751c06..616607393273 100644
> --- a/include/linux/static_call.h
> +++ b/include/linux/static_call.h
> @@ -151,7 +151,7 @@ extern void arch_static_call_transform(void *site, void *tramp, void *func, bool
>
> #define static_call_update(name, func) \
> ({ \
> - typeof(&STATIC_CALL_TRAMP(name)) __F = (func); \
> + typeof(&STATIC_CALL_TYPE(name)) __F = (func); \
> __static_call_update(&STATIC_CALL_KEY(name), \
> STATIC_CALL_TRAMP_ADDR(name), __F); \
> })
> @@ -306,7 +306,7 @@ static inline void __static_call_nop(void) { }
> void *func = READ_ONCE(STATIC_CALL_KEY(name).func); \
> if (!func) \
> func = &__static_call_nop; \
> - (typeof(STATIC_CALL_TRAMP(name))*)func; \
> + (typeof(&STATIC_CALL_TYPE(name)))func; \
> })
>
> #define static_call_cond(name) (void)__static_call_cond(name)
> diff --git a/include/linux/static_call_types.h b/include/linux/static_call_types.h
> index 5a00b8b2cf9f..5e658ef537e4 100644
> --- a/include/linux/static_call_types.h
> +++ b/include/linux/static_call_types.h
> @@ -18,6 +18,9 @@
> #define STATIC_CALL_TRAMP(name) __PASTE(STATIC_CALL_TRAMP_PREFIX, name)
> #define STATIC_CALL_TRAMP_STR(name) __stringify(STATIC_CALL_TRAMP(name))
>
> +#define STATIC_CALL_TYPE_PREFIX __SCtype__
> +#define STATIC_CALL_TYPE(name) __PASTE(STATIC_CALL_TYPE_PREFIX, name)
> +
> /*
> * Flags in the low bits of static_call_site::key.
> */
> @@ -36,11 +39,13 @@ struct static_call_site {
>
> #define DECLARE_STATIC_CALL(name, func) \
> extern struct static_call_key STATIC_CALL_KEY(name); \
> - extern typeof(func) STATIC_CALL_TRAMP(name);
> + extern struct static_call_tramp STATIC_CALL_TRAMP(name); \
> + extern typeof(func) STATIC_CALL_TYPE(name)
>
> #ifdef CONFIG_HAVE_STATIC_CALL
>
> -#define __raw_static_call(name) (&STATIC_CALL_TRAMP(name))
> +#define __raw_static_call(name) \
> + ((typeof(&STATIC_CALL_TYPE(name)))&STATIC_CALL_TRAMP(name))
>
> #ifdef CONFIG_HAVE_STATIC_CALL_INLINE
>
> @@ -96,7 +101,7 @@ struct static_call_key {
> };
>
> #define static_call(name) \
> - ((typeof(STATIC_CALL_TRAMP(name))*)(STATIC_CALL_KEY(name).func))
> + ((typeof(&STATIC_CALL_TYPE(name)))(STATIC_CALL_KEY(name).func))
>
> #endif /* CONFIG_HAVE_STATIC_CALL */
>
> --
> 2.30.2
>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-11-08 10:10 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-05 14:59 [PATCH v6 0/2] static call support for arm64 Ard Biesheuvel
2021-11-05 14:59 ` [PATCH v6 1/2] static_call: use non-function types to refer to the trampolines Ard Biesheuvel
2021-11-08 10:08 ` Peter Zijlstra [this message]
2021-11-05 14:59 ` [PATCH v6 2/2] arm64: implement support for static call trampolines Ard Biesheuvel
2021-11-08 10:23 ` Peter Zijlstra
2021-11-08 11:29 ` Ard Biesheuvel
2021-11-08 11:52 ` Peter Zijlstra
2021-11-09 17:55 ` Mark Rutland
2021-11-09 18:09 ` Ard Biesheuvel
2021-11-09 19:02 ` Quentin Perret
2021-11-10 11:09 ` Mark Rutland
2021-11-10 12:05 ` Quentin Perret
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YYj3BMbuP/mkPAIn@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=frederic@kernel.org \
--cc=james.morse@arm.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=qperret@google.com \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).