Date: Fri, 21 Oct 2022 16:08:59 -0700
From: Josh Poimboeuf
To: Peter Zijlstra
Cc: x86@kernel.org, Kees Cook, Sami Tolvanen, Joao Moreira, linux-kernel@vger.kernel.org, Mark Rutland, Josh Poimboeuf
Subject: Re: [PATCH] x86/ibt: Implement FineIBT
Message-ID: <20221021230859.gysp5v3yzfqz4xgb@treble>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Oct 18, 2022 at 03:35:50PM +0200, Peter Zijlstra wrote:
> +#ifdef CONFIG_FINEIBT > +/* > + * kCFI FineIBT > + * > + * __cfi_\func: __cfi_\func: > + * movl $0x12345678,%eax endbr64 // 4 > + * nop subl $0x12345678,%r10d // 7 > + * nop jz 1f // 2 > + * nop ud2 // 2 > + * nop 1: nop // 1 > + * nop > + * nop > + * nop > + * nop > + * nop > + * nop > + * nop

All the "CFI" naming everywhere is very unfortunate. We already have "call frame information" in both the toolchain and objtool. The feature is called "kCFI" anyway, can Clang call the symbols '__kcfi_*'?

> +++ b/tools/objtool/builtin-check.c > @@ -79,6 +79,7 @@ const struct option check_options[] = { > OPT_BOOLEAN('s', "stackval", &opts.stackval, "validate frame pointer rules"), > OPT_BOOLEAN('t', "static-call", &opts.static_call, "annotate static calls"), > OPT_BOOLEAN('u', "uaccess", &opts.uaccess, "validate uaccess rules for SMAP"), > + OPT_BOOLEAN(0 , "cfi", &opts.cfi, "generate cfi_sites"),

"annotate kernel control flow integrity (kCFI) function preambles" ?

> +++ b/tools/objtool/check.c
> @@ -861,6 +861,62 @@ static int create_ibt_endbr_seal_section > return 0; > } > > +static int create_cfi_sections(struct objtool_file *file) > +{ > + struct section *sec, *s; > + struct symbol *sym; > + unsigned int *loc; > + int idx; > + > + sec = find_section_by_name(file->elf, ".cfi_sites"); > + if (sec) { > + INIT_LIST_HEAD(&file->call_list); > + WARN("file already has .cfi_sites section, skipping"); > + return 0; > + } > + > + idx = 0; > + for_each_sec(file, s) { > + if (!s->text) > + continue; > + > + list_for_each_entry(sym, &s->symbol_list, list) { > + if (strncmp(sym->name, "__cfi_", 6)) > + continue;

Also make sure it's STT_FUNC.

> + > + idx++; > + } > + } > + > + sec = elf_create_section(file->elf, ".cfi_sites", 0, sizeof(unsigned int), idx); > + if (!sec) > + return -1; > + > + idx = 0; > + for_each_sec(file, s) { > + if (!s->text) > + continue; > + > + list_for_each_entry(sym, &s->symbol_list, list) { > + if (strncmp(sym->name, "__cfi_", 6)) > + continue;

Ditto.

-- 
Josh
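
Review bot: In the CONFIG_FINEIBT layout comment, only the FineIBT column carries byte counts (4 + 7 + 2 + 2 + 1 = 16); the kCFI column has none, so a reader has to count the nops by hand to confirm that both preambles occupy the same space. Suggest stating the total size once in the comment and noting that the kCFI column (the movl plus its nop padding) must be exactly that long for the rewrite to fit in place. As quoted, the comment also does not say that the caller is expected to have loaded the hash into %r10d before the call, which the subl/jz pair depends on.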
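
Review bot: In the check_options[] hunk of tools/objtool/builtin-check.c, the new entry is written OPT_BOOLEAN(0 , "cfi", ...) with a space before the first comma, unlike the three entries above it; drop the space. The help string "generate cfi_sites" names the output section, while the neighbouring options say what is validated or annotated, so phrasing it the same way keeps the option list consistent.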
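
Review bot: In create_cfi_sections(), the early return for an already present .cfi_sites section calls INIT_LIST_HEAD(&file->call_list), but nothing else in the quoted function touches call_list; it looks carried over from another section-creation helper and should be dropped or given a comment explaining why it is needed here. The counting loop and the fill loop also repeat the same strncmp(sym->name, "__cfi_", 6) filter, so any extra condition has to be added in both places or the size passed to elf_create_section() and the number of entries written will disagree. A small predicate shared by both loops (for example a hypothetical is_cfi_symbol(sym)) would remove that risk and the bare 6.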