Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp2314340ybh; Fri, 24 Jul 2020 09:38:24 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzXvQLNuQhRAVATfTzir4wFPzyu2Pbfkr9vJPY6va2azuiaQpFdlnxS2jlZdnqEiiuT2Dwz X-Received: by 2002:a50:bf07:: with SMTP id f7mr1261356edk.356.1595608704005; Fri, 24 Jul 2020 09:38:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1595608704; cv=none; d=google.com; s=arc-20160816; b=Y0fTLQjaKQ7kwiWp/QqEuD9gvgqxiQRxtgHRMokSdr60hRHY+PNUdTYgHJMzRivh30 0ObEXNJpYNs+BLu5S3a5JCk9hV9f5bqZY3x1Zae6yh2xRi4sjL1mS1motNmHV+P+jR8Z AW2qY3idKD5rotDvpQffL29CEY8X9sbziRMYXDN07c5vpK9Glm7lR2JE4Ht9Q9Ni8uZI rVezACW/T+i30Vsv+sHtAjEPLb9GIA1nimdSHUMxBdVGDBsI3T7NuyHOZmd8c34wVb1k KgnhhrF+37etHbysty/26QIR5+reGIc+BNiiSYeWM6zLfpLCPrjIWQpipIfTQH/UWm+U 3mWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=29ksJ8TL8Ompgtx8cCcKoEQQ6PegWrhlbIvTLfgSnQI=; b=oKuNGc8sv2EIi5jsYQneE4mZwwntc9cFK3gkT7h/A0iL4JudAl/cicxJzMOf74CnaX PvzJkAyng2Svoy/eZxWkd7lK4GLG6NicsGSUgRFfmm6291kaFdXof9sIz57lMcqEj1pc 0BVTPwUtm2LmW/4xAOODhfXGBA+JsjLf1xbsJWt3knt5zqefFyrZ3rEIUien2A1I5arP zlNeLUlp8GyH/67pnkqkpHXUHrH1xAxz3oCO/UqdnRjWBzAgXRLXx1c9ftcX91jJahn5 8UzCvSIC/MBfVSRrAA1hNDDD9hq8ttyexTCczeARKoATs+ewYZ6Bz3iS0RGrFEhVD8a1 56mw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s21si835000edy.104.2020.07.24.09.38.00; Fri, 24 Jul 2020 09:38:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726861AbgGXQfb (ORCPT + 99 others); Fri, 24 Jul 2020 12:35:31 -0400 Received: from mail.kernel.org ([198.145.29.99]:54466 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726719AbgGXQfb (ORCPT ); Fri, 24 Jul 2020 12:35:31 -0400 Received: from oasis.local.home (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 2CCFA20674; Fri, 24 Jul 2020 16:35:30 +0000 (UTC) Date: Fri, 24 Jul 2020 12:35:28 -0400 From: Steven Rostedt To: Oscar Carter Cc: Ingo Molnar , Kees Cook , linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Jann Horn Subject: Re: [PATCH v2 2/2] kernel/trace: Remove function callback casts Message-ID: <20200724123528.36ea9c9e@oasis.local.home> In-Reply-To: <20200724161921.GA3123@ubuntu> References: <20200719155033.24201-1-oscar.carter@gmx.com> <20200719155033.24201-3-oscar.carter@gmx.com> <20200721140545.445f0258@oasis.local.home> <20200724161921.GA3123@ubuntu> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 24 Jul 2020 18:19:21 +0200 Oscar Carter wrote: > > The linker trick is far less intrusive, and I believe less error prone. > > If we use the linker trick, the warning -Wcast-function-type dissapears, > but in a way that makes impossible to the compiler to get the necessary > info about function prototypes to insert the commented check. As far I > know, this linker trick (redirection of a function) is hidden for the > CFI build. > > So, in my opinion, the linker trick is not suitable if we want to protect > the function pointers of the ftrace subsystem against an attack that > modifiy the normal flow of the kernel. The linker trick should only affect architectures that don't implement the needed features. I can make it so the linker trick is only applied to those archs, and other archs that want more protection only need to add these features to their architectures. It's much less intrusive than this patch. -- Steve