From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: x86@kernel.org, linux-arm-kernel@lists.infradead.org,
Sami Tolvanen <samitolvanen@google.com>
Subject: [PATCH 05/11] crypto: x86/sha256 - fix possible crash with CFI enabled
Date: Fri, 18 Nov 2022 01:02:14 -0800 [thread overview]
Message-ID: <20221118090220.398819-6-ebiggers@kernel.org> (raw)
In-Reply-To: <20221118090220.398819-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
sha256_transform_ssse3(), sha256_transform_avx(),
sha256_transform_rorx(), and sha256_transform_ni() are called via
indirect function calls. These functions need to use
SYM_TYPED_FUNC_START instead of SYM_FUNC_START to cause type hashes to
be emitted when the kernel is built with CONFIG_CFI_CLANG=y. Otherwise,
the code crashes with a CFI failure (if the compiler didn't happen to
optimize out the indirect calls).
Fixes: 3c516f89e17e ("x86: Add support for CONFIG_CFI_CLANG")
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
arch/x86/crypto/sha256-avx-asm.S | 3 ++-
arch/x86/crypto/sha256-avx2-asm.S | 3 ++-
arch/x86/crypto/sha256-ssse3-asm.S | 3 ++-
arch/x86/crypto/sha256_ni_asm.S | 3 ++-
4 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/arch/x86/crypto/sha256-avx-asm.S b/arch/x86/crypto/sha256-avx-asm.S
index 3baa1ec390974..06ea30c20828d 100644
--- a/arch/x86/crypto/sha256-avx-asm.S
+++ b/arch/x86/crypto/sha256-avx-asm.S
@@ -48,6 +48,7 @@
########################################################################
#include <linux/linkage.h>
+#include <linux/cfi_types.h>
## assume buffers not aligned
#define VMOVDQ vmovdqu
@@ -346,7 +347,7 @@ a = TMP_
## arg 3 : Num blocks
########################################################################
.text
-SYM_FUNC_START(sha256_transform_avx)
+SYM_TYPED_FUNC_START(sha256_transform_avx)
.align 32
pushq %rbx
pushq %r12
diff --git a/arch/x86/crypto/sha256-avx2-asm.S b/arch/x86/crypto/sha256-avx2-asm.S
index 9bcdbc47b8b4b..2d2be531a11ed 100644
--- a/arch/x86/crypto/sha256-avx2-asm.S
+++ b/arch/x86/crypto/sha256-avx2-asm.S
@@ -49,6 +49,7 @@
########################################################################
#include <linux/linkage.h>
+#include <linux/cfi_types.h>
## assume buffers not aligned
#define VMOVDQ vmovdqu
@@ -523,7 +524,7 @@ STACK_SIZE = _CTX + _CTX_SIZE
## arg 3 : Num blocks
########################################################################
.text
-SYM_FUNC_START(sha256_transform_rorx)
+SYM_TYPED_FUNC_START(sha256_transform_rorx)
.align 32
pushq %rbx
pushq %r12
diff --git a/arch/x86/crypto/sha256-ssse3-asm.S b/arch/x86/crypto/sha256-ssse3-asm.S
index c4a5db612c327..7db28839108dd 100644
--- a/arch/x86/crypto/sha256-ssse3-asm.S
+++ b/arch/x86/crypto/sha256-ssse3-asm.S
@@ -47,6 +47,7 @@
########################################################################
#include <linux/linkage.h>
+#include <linux/cfi_types.h>
## assume buffers not aligned
#define MOVDQ movdqu
@@ -355,7 +356,7 @@ a = TMP_
## arg 3 : Num blocks
########################################################################
.text
-SYM_FUNC_START(sha256_transform_ssse3)
+SYM_TYPED_FUNC_START(sha256_transform_ssse3)
.align 32
pushq %rbx
pushq %r12
diff --git a/arch/x86/crypto/sha256_ni_asm.S b/arch/x86/crypto/sha256_ni_asm.S
index 94d50dd27cb53..47f93937f798a 100644
--- a/arch/x86/crypto/sha256_ni_asm.S
+++ b/arch/x86/crypto/sha256_ni_asm.S
@@ -54,6 +54,7 @@
*/
#include <linux/linkage.h>
+#include <linux/cfi_types.h>
#define DIGEST_PTR %rdi /* 1st arg */
#define DATA_PTR %rsi /* 2nd arg */
@@ -97,7 +98,7 @@
.text
.align 32
-SYM_FUNC_START(sha256_ni_transform)
+SYM_TYPED_FUNC_START(sha256_ni_transform)
shl $6, NUM_BLKS /* convert to bytes */
jz .Ldone_hash
--
2.38.1
next prev parent reply other threads:[~2022-11-18 9:04 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-18 9:02 [PATCH 0/11] crypto: CFI fixes Eric Biggers
2022-11-18 9:02 ` [PATCH 01/11] crypto: x86/aegis128 - fix crash with CFI enabled Eric Biggers
2022-11-18 9:02 ` [PATCH 02/11] crypto: x86/aria " Eric Biggers
2022-11-18 9:02 ` [PATCH 03/11] crypto: x86/nhpoly1305 - eliminate unnecessary CFI wrappers Eric Biggers
2022-11-18 9:02 ` [PATCH 04/11] crypto: x86/sha1 - fix possible crash with CFI enabled Eric Biggers
2022-11-18 9:02 ` Eric Biggers [this message]
2022-11-18 9:02 ` [PATCH 06/11] crypto: x86/sha512 " Eric Biggers
2022-11-18 9:02 ` [PATCH 07/11] crypto: x86/sm3 " Eric Biggers
2022-11-18 9:02 ` [PATCH 08/11] crypto: arm64/nhpoly1305 - eliminate unnecessary CFI wrapper Eric Biggers
2022-11-18 9:02 ` [PATCH 09/11] crypto: arm64/sm3 - fix possible crash with CFI enabled Eric Biggers
2022-11-18 9:02 ` [PATCH 10/11] crypto: arm/nhpoly1305 - eliminate unnecessary CFI wrapper Eric Biggers
2022-11-18 9:02 ` [PATCH 11/11] Revert "crypto: shash - avoid comparing pointers to exported functions under CFI" Eric Biggers
2022-11-18 9:51 ` [PATCH 0/11] crypto: CFI fixes Peter Zijlstra
2022-11-18 15:43 ` Elliott, Robert (Servers)
2022-11-18 18:49 ` Eric Biggers
2022-11-18 19:14 ` Elliott, Robert (Servers)
2022-11-18 19:18 ` Eric Biggers
2022-11-18 17:21 ` Sami Tolvanen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221118090220.398819-6-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=samitolvanen@google.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox