Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp656521pxb; Fri, 16 Apr 2021 15:01:54 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwC8mAIdOXFAZBxYRoOvYMOnGFNc7zs7GX/equ07cwlzTNZwjI22qj3WI6jPUqz2DgKN+SO X-Received: by 2002:a17:903:18e:b029:ec:7e58:fbe1 with SMTP id z14-20020a170903018eb02900ec7e58fbe1mr3909631plg.70.1618610514726; Fri, 16 Apr 2021 15:01:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618610514; cv=none; d=google.com; s=arc-20160816; b=WzcMQHmrF+AUDQ5vOCEFLhr8mtn9GbhWLxzLmIoq3jNnOVbJPaZCGPdbnqZyd0rmEh g71x1rzp+7iyGjHe/jbNyGPTSGPO6sgGUJa+kk7ohHoeXcA0Z8t+KV9k1wKArXuTLdyt EhGFO9+sOBaIf8+hqdp6Z+rQE4kejwuONBRlpr/liGUwAkY5b4aMK5lqcMym9+xIDQXC vKo2AeXcOWhvE4WU2cktWQpqHrQY9oU8ranmIi0O2c/370yN7dJ6JoVgROfqmBif8i46 QKe2XotceeJG9pgBca8Q39jiJYCr/3OLH535qcXihR2M3JEg7IZfu1sRLNcGd5uFd1bC PIKw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=gU1hOjx3K7IYMK70RtBuGAoh0CWdKH9ubIz9k5V8HEI=; b=QLNOPKMNkRY0wAP5Y5NEWwsK7JlZZchgeWWxgZCB8IQoq8pK/abA5UsQ7PpBwIJbu+ WRY317c7lK5kzL9ugfsQ56y6kyhLFuPOQgKel/0E2rlsMj7/H2MzS1+zB2rJkLGnUhVL /RwIwvImE4yeFLaU5OQ/c6W5LFL79YdNWLUnfFKSAAMKrz5v5BwkAPPQVCW+S/vtVCi3 hBKa0K9MyWxYy0ozz/Y1E+a7DYT9HqD9H22as9p4hYsGJuaLOXDCIgJHbie2teVPKVaD 6N/V21qm4XEl5NCBFKBS/C3pu+CI7wFydBqcB86dJxq0jEhYbc62fM7M6yOul3K9aOdu R2hA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="qnTY33/T"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p8si7578848pfo.339.2021.04.16.15.01.42; Fri, 16 Apr 2021 15:01:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="qnTY33/T"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343988AbhDPUjp (ORCPT + 99 others); Fri, 16 Apr 2021 16:39:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41284 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343883AbhDPUj3 (ORCPT ); Fri, 16 Apr 2021 16:39:29 -0400 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08CABC061760 for ; Fri, 16 Apr 2021 13:39:02 -0700 (PDT) Received: by mail-qt1-x84a.google.com with SMTP id w21-20020ac871950000b02901b1a8294c46so2774697qto.7 for ; Fri, 16 Apr 2021 13:39:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=gU1hOjx3K7IYMK70RtBuGAoh0CWdKH9ubIz9k5V8HEI=; b=qnTY33/TYDr9Xvg5TYrpjX+9v7evpKhX+xdQCGNu5E4HtLXpDdp8wSbAU0J2BsOxwD KA8muBta7k72GkBdRtBSqH1brqL6Ycbe2m1pQ8/lq9lhaikv86shjHyMXNuO+fhlMQlE /CryjQTT5qVpt+pPBec2b3fKR3MvJ5jFf0WHv2LauKYtfORG1xa5cC9/sXGKGaS6v01l LWo8YYdakTDtVSqEVaDmQQ7ItC+FPQkba8mWEDHKKBaEkEk4PuHopVzWU0wWYNSEV93B mh2CEdnxEeEPFnhVbVF1+QGqL6jsaqwfXF9+Lh1x4oAo3/SbE0nii88Jx5RLnZUbgkId o/pA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=gU1hOjx3K7IYMK70RtBuGAoh0CWdKH9ubIz9k5V8HEI=; b=Oz9RDTEXU4BXLhK+xcBeVwy5ZRWL30DFfFWtvBzR5URVub6ZBkv1fYD3jskbP3Okje 6FDKmDdP6Tw3kPJ1w3Mp6Idla+F1CE3wRaCbIqmchPpzGI5l84lTYFmDqLYHvjjjTyo1 f8YDMukO5WyS0z2uxNZWYSccizIf0GAOI/mPT0Zo8o1kb+SHdd5s//oDE1MXLVCGMYeB 6ljSN33IQNHhICIvY5aTuP8Vjf0g66nAp8H39c91wJxxEOIsa6CAaWGuEn2LEmRuCoU5 QxqjRWlUgWnnq31jx1yH1OeIZ+pwyE8qjq5jIYPRFIKvNOKzuubUvk0+6wEuPwqmr0Rs 4Few== X-Gm-Message-State: AOAM531gRP5Ks5DXIuAK4f4txberdXXbnx1YNLpQciZbPaFfEwOzcLke 737IXCqPOdQIY6Tm0zmsvE7MmvvdzuFbSzdunVw= X-Received: from samitolvanen1.mtv.corp.google.com ([2620:15c:201:2:e262:3d8e:cbf:6164]) (user=samitolvanen job=sendgmr) by 2002:a05:6214:176a:: with SMTP id et10mr10444816qvb.23.1618605542149; Fri, 16 Apr 2021 13:39:02 -0700 (PDT) Date: Fri, 16 Apr 2021 13:38:37 -0700 In-Reply-To: <20210416203844.3803177-1-samitolvanen@google.com> Message-Id: <20210416203844.3803177-9-samitolvanen@google.com> Mime-Version: 1.0 References: <20210416203844.3803177-1-samitolvanen@google.com> X-Mailer: git-send-email 2.31.1.368.gbe11c130af-goog Subject: [PATCH 08/15] x86/extable: Do not mark exception callback as CFI From: Sami Tolvanen To: x86@kernel.org Cc: Kees Cook , Josh Poimboeuf , Peter Zijlstra , Nathan Chancellor , Nick Desaulniers , Sedat Dilek , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, clang-built-linux@googlegroups.com, Sami Tolvanen Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Kees Cook The exception table entries are constructed out of a relative offset and point to the actual function, not the CFI table entry. For now, just mark the caller as not checking CFI. The failure is most visible at boot with CONFIG_DEBUG_RODATA_TEST=y. Signed-off-by: Kees Cook Signed-off-by: Sami Tolvanen --- arch/x86/mm/extable.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c index b93d6cd08a7f..a7eae1c4c59f 100644 --- a/arch/x86/mm/extable.c +++ b/arch/x86/mm/extable.c @@ -155,6 +155,7 @@ enum handler_type ex_get_fault_handler_type(unsigned long ip) return EX_HANDLER_OTHER; } +__nocfi int fixup_exception(struct pt_regs *regs, int trapnr, unsigned long error_code, unsigned long fault_addr) { -- 2.31.1.368.gbe11c130af-goog