Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp3333591iob; Mon, 16 May 2022 19:46:00 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwbVisuigAbFlwG/DMFAv1t+Y37xn8BaH+1lxG743zKNE0q82qFnW5BID1TE6nF1V8npP9D X-Received: by 2002:a17:902:9887:b0:151:6e1c:7082 with SMTP id s7-20020a170902988700b001516e1c7082mr19999393plp.162.1652755560581; Mon, 16 May 2022 19:46:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652755560; cv=none; d=google.com; s=arc-20160816; b=l70LSHpsQgFxkclGxby4XZLXfyTl1f4Qlhd1928SuYzRhi8QQrn7yBWtYyugQIn0vn AR22QirSlFSDud5WGmJEFdSq3cu8JFY44qG4jECCR4eCzgpW0+yG0Qf+wdW0xINLUQfR 59n3Dxte5+vYxitBLOefrDn3B5sGpaypQZ8ZUVDycZCbgbhanunWWdiYpZeQMvtm+N7c T4udf6W1XvYHCXO99JGE6eIRYTLBqqwDPcgDa1MmqxceZG2OtuehseO+/xBfFx57e8/c QXA4ih2T5HDJV8GeTz/gqodFycePDaZLI5ScVOIPZOIYp/WfmUF9WpkeNz7xnmiKqPgS w2FA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=L6QoMgtwgL3tJe4GB/Ih7yflwSG3aQ00OepOaXpJEe4=; b=ntvjvg7jxCw54ultKoWz4Hw2wekoT2iBgm6/ycjKtXovTEmcKOccfUPGTcXVh+y1jm hfh82hYprYJ4S6iflKk4B0sMNQ2GcgfaPzcE3AVlHnHlrBCaKAAQDwd332GvvMuhYRj+ Cf54xPSkHgxFKppu0Bfd8kCjJtmRdBsvjLKFaZcdhCjONOdMRhbLMICrjGlfMbA68GA5 t7MnxBY39OQr0vkH6vHf7axTqdT7C4obpIpU/v7ECpFOnVdC6LGrW79NKSsfo7kPA4q0 tzQidvcPnK1A/O0CBwRrIElupzUEgS7A/YuWcE2ZFeSRnvSpp/tEq40sBpk6AW2oB58g X6RA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Zc6rshDM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z16-20020a056a00241000b0051057863777si16360000pfh.260.2022.05.16.19.45.48; Mon, 16 May 2022 19:46:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Zc6rshDM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344420AbiEPR5z (ORCPT + 99 others); Mon, 16 May 2022 13:57:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57778 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243687AbiEPR5x (ORCPT ); Mon, 16 May 2022 13:57:53 -0400 Received: from mail-yw1-x1136.google.com (mail-yw1-x1136.google.com [IPv6:2607:f8b0:4864:20::1136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3D0AE39BBA for ; Mon, 16 May 2022 10:57:52 -0700 (PDT) Received: by mail-yw1-x1136.google.com with SMTP id 00721157ae682-2fedd26615cso49672067b3.7 for ; Mon, 16 May 2022 10:57:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=L6QoMgtwgL3tJe4GB/Ih7yflwSG3aQ00OepOaXpJEe4=; b=Zc6rshDMluaKoextbWcKCqT45DJDCK0JaPZ3RS4WxflJ5a/2R1FtVZTwvZq/ZC+Hvw EfTgd2+B7ClPEcqSvU7y+b3GnV3yZWIyV0f1D6fXPWl0YrRfJlN8YBXVUZIakI1yYwgV W4b5WxKlmQsSVJR+9wPV9YQIYhgG0gWlW6dezlkbaCdnwmnqx3jrkWESEoyVo3pBP70l Qlwl1jFhJ0WQL2n/xxb4UQS1lDEFsNc2shbbjfcRimzgDljTstePWW/JNSIYVgBB78oh oE9ddI7QjLL2xzK+HSxXR23YnlhEVDKmwQwb9PS+RBv0cSQTk6RBLlYpJBELdGn4zXxI i1qw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=L6QoMgtwgL3tJe4GB/Ih7yflwSG3aQ00OepOaXpJEe4=; b=8CnED+wpqfszZU83+DYCb08g/vzmS1R6GlOizoAJ4LTwYercDYG5J2MLxff+HROXgU dV0cIEyDrzJGbDwCEPKa8jiIa1DqXGwMkH8+eV5Tfqs1/cNgtVtJgnUO2HhN8pw+bFWF MP9nNyfErf24Q6wDQKmrmCT1uwYwuz/zKIIGSGcE7j9BHCnFz1Ou6aCuIRxMuXatZbV+ UGVqSsFFuq34+668YiogbRgV89XGO/fiWtFbBXOyBynty0yS1JxEcGm2oWxyjcMlpvLa UagqdQdFxEjQ4WAgYnzORxVNNPDY4U6N7lwMeGGUaYI9y2lmptEEpdgA+0Bp+ulRCowU SXUA== X-Gm-Message-State: AOAM532F5k8mIWpDnkcLPJSBaIc24HiKjcpPaztfymKLivA9+qXCbZw3 N4gJre0Mj2SqvwpnZtDfreZqFbC0QqhzSeytDWRDwg== X-Received: by 2002:a81:7953:0:b0:2fe:f8a9:7e45 with SMTP id u80-20020a817953000000b002fef8a97e45mr6834348ywc.23.1652723871208; Mon, 16 May 2022 10:57:51 -0700 (PDT) MIME-Version: 1.0 References: <20220513202159.1550547-1-samitolvanen@google.com> In-Reply-To: From: Sami Tolvanen Date: Mon, 16 May 2022 10:57:15 -0700 Message-ID: Subject: Re: [RFC PATCH v2 00/21] KCFI support To: sedat.dilek@gmail.com Cc: linux-kernel@vger.kernel.org, Kees Cook , Josh Poimboeuf , Peter Zijlstra , x86@kernel.org, Catalin Marinas , Will Deacon , Mark Rutland , Nathan Chancellor , Nick Desaulniers , Joao Moreira , Steven Rostedt , linux-hardening@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 16, 2022 at 10:31 AM Sedat Dilek wrote: >> Anything Like LLVM cmake Options to be condidered and Set? > > > I activate Clang and LLD ad projects - OK - enough? Clang and LLD should be sufficient. >> This series is also available in GitHub: >> >> https://github.com/samitolvanen/linux/commits/kcfi-rfc-v2 >> >> >> > >> Can you please add a history of what changed? Oops, I forgot to include that. Changes in v2: - Changed the compiler patch to encode arm64 target and type details in the ESR, and updated the kernel error handling patch accordingly. - Changed the compiler patch to embed the x86_64 type hash in a valid instruction to avoid special casing objtool instruction decoding, and added a __cfi_ symbol for the preamble. Changed the kernel error handling and manual type annotations to match. - Dropped the .kcfi_types section as that=E2=80=99s no longer needed by objtool, and changed the objtool patch to simply ignore the __cfi_ preambles falling through. - Dropped the .kcfi_traps section on arm64 as it=E2=80=99s no longer needed= , and moved the trap look-up code behind CONFIG_ARCH_USES_CFI_TRAPS, which is selected only for x86_64. - Dropped __nocfi attributes from arm64 code where CFI was disabled due to address space confusion issues, and added type annotations to relevant assembly functions. - Dropped __nocfi from __init. > Nathan has a i915 cfi patch in His personal kernel.org Git. > Is this relevant to kcfi? It fixes a type mismatch, so in that sense it's relevant. > To distinguish between clang-cfi we should use different kbuild variables= for kcfi. The plan is to replace the current CFI implementation. Does reusing the kbuild variable names cause a problem? Sami