From: Eric Biggers <[email protected]>
aesbs_ecb_encrypt(), aesbs_ecb_decrypt(), aesbs_xts_encrypt(), and
aesbs_xts_decrypt() are called via indirect function calls. Therefore
they need to use SYM_TYPED_FUNC_START instead of SYM_FUNC_START to cause
their type hashes to be emitted when the kernel is built with
CONFIG_CFI_CLANG=y. Otherwise, the code crashes with a CFI failure if
the compiler doesn't happen to optimize out the indirect calls.
Fixes: c50d32859e70 ("arm64: Add types to indirect called assembly functions")
Cc: [email protected]
Signed-off-by: Eric Biggers <[email protected]>
---
arch/arm64/crypto/aes-neonbs-core.S | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/crypto/aes-neonbs-core.S b/arch/arm64/crypto/aes-neonbs-core.S
index 7278a37c2d5c..baf450717b24 100644
--- a/arch/arm64/crypto/aes-neonbs-core.S
+++ b/arch/arm64/crypto/aes-neonbs-core.S
@@ -15,6 +15,7 @@
*/
#include <linux/linkage.h>
+#include <linux/cfi_types.h>
#include <asm/assembler.h>
.text
@@ -620,12 +621,12 @@ SYM_FUNC_END(aesbs_decrypt8)
.endm
.align 4
-SYM_FUNC_START(aesbs_ecb_encrypt)
+SYM_TYPED_FUNC_START(aesbs_ecb_encrypt)
__ecb_crypt aesbs_encrypt8, v0, v1, v4, v6, v3, v7, v2, v5
SYM_FUNC_END(aesbs_ecb_encrypt)
.align 4
-SYM_FUNC_START(aesbs_ecb_decrypt)
+SYM_TYPED_FUNC_START(aesbs_ecb_decrypt)
__ecb_crypt aesbs_decrypt8, v0, v1, v6, v4, v2, v7, v3, v5
SYM_FUNC_END(aesbs_ecb_decrypt)
@@ -799,11 +800,11 @@ SYM_FUNC_END(__xts_crypt8)
ret
.endm
-SYM_FUNC_START(aesbs_xts_encrypt)
+SYM_TYPED_FUNC_START(aesbs_xts_encrypt)
__xts_crypt aesbs_encrypt8, v0, v1, v4, v6, v3, v7, v2, v5
SYM_FUNC_END(aesbs_xts_encrypt)
-SYM_FUNC_START(aesbs_xts_decrypt)
+SYM_TYPED_FUNC_START(aesbs_xts_decrypt)
__xts_crypt aesbs_decrypt8, v0, v1, v6, v4, v2, v7, v3, v5
SYM_FUNC_END(aesbs_xts_decrypt)
base-commit: f3a2439f20d918930cc4ae8f76fe1c1afd26958f
--
2.39.2
On Mon, 27 Feb 2023 at 07:33, Eric Biggers <[email protected]> wrote:
>
> From: Eric Biggers <[email protected]>
>
> aesbs_ecb_encrypt(), aesbs_ecb_decrypt(), aesbs_xts_encrypt(), and
> aesbs_xts_decrypt() are called via indirect function calls. Therefore
> they need to use SYM_TYPED_FUNC_START instead of SYM_FUNC_START to cause
> their type hashes to be emitted when the kernel is built with
> CONFIG_CFI_CLANG=y. Otherwise, the code crashes with a CFI failure if
> the compiler doesn't happen to optimize out the indirect calls.
>
> Fixes: c50d32859e70 ("arm64: Add types to indirect called assembly functions")
> Cc: [email protected]
> Signed-off-by: Eric Biggers <[email protected]>
Reviewed-by: Ard Biesheuvel <[email protected]>
> ---
> arch/arm64/crypto/aes-neonbs-core.S | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/arch/arm64/crypto/aes-neonbs-core.S b/arch/arm64/crypto/aes-neonbs-core.S
> index 7278a37c2d5c..baf450717b24 100644
> --- a/arch/arm64/crypto/aes-neonbs-core.S
> +++ b/arch/arm64/crypto/aes-neonbs-core.S
> @@ -15,6 +15,7 @@
> */
>
> #include <linux/linkage.h>
> +#include <linux/cfi_types.h>
> #include <asm/assembler.h>
>
> .text
> @@ -620,12 +621,12 @@ SYM_FUNC_END(aesbs_decrypt8)
> .endm
>
> .align 4
> -SYM_FUNC_START(aesbs_ecb_encrypt)
> +SYM_TYPED_FUNC_START(aesbs_ecb_encrypt)
> __ecb_crypt aesbs_encrypt8, v0, v1, v4, v6, v3, v7, v2, v5
> SYM_FUNC_END(aesbs_ecb_encrypt)
>
> .align 4
> -SYM_FUNC_START(aesbs_ecb_decrypt)
> +SYM_TYPED_FUNC_START(aesbs_ecb_decrypt)
> __ecb_crypt aesbs_decrypt8, v0, v1, v6, v4, v2, v7, v3, v5
> SYM_FUNC_END(aesbs_ecb_decrypt)
>
> @@ -799,11 +800,11 @@ SYM_FUNC_END(__xts_crypt8)
> ret
> .endm
>
> -SYM_FUNC_START(aesbs_xts_encrypt)
> +SYM_TYPED_FUNC_START(aesbs_xts_encrypt)
> __xts_crypt aesbs_encrypt8, v0, v1, v4, v6, v3, v7, v2, v5
> SYM_FUNC_END(aesbs_xts_encrypt)
>
> -SYM_FUNC_START(aesbs_xts_decrypt)
> +SYM_TYPED_FUNC_START(aesbs_xts_decrypt)
> __xts_crypt aesbs_decrypt8, v0, v1, v6, v4, v2, v7, v3, v5
> SYM_FUNC_END(aesbs_xts_decrypt)
>
>
> base-commit: f3a2439f20d918930cc4ae8f76fe1c1afd26958f
> --
> 2.39.2
>
Eric Biggers <[email protected]> wrote:
> From: Eric Biggers <[email protected]>
>
> aesbs_ecb_encrypt(), aesbs_ecb_decrypt(), aesbs_xts_encrypt(), and
> aesbs_xts_decrypt() are called via indirect function calls. Therefore
> they need to use SYM_TYPED_FUNC_START instead of SYM_FUNC_START to cause
> their type hashes to be emitted when the kernel is built with
> CONFIG_CFI_CLANG=y. Otherwise, the code crashes with a CFI failure if
> the compiler doesn't happen to optimize out the indirect calls.
>
> Fixes: c50d32859e70 ("arm64: Add types to indirect called assembly functions")
> Cc: [email protected]
> Signed-off-by: Eric Biggers <[email protected]>
> ---
> arch/arm64/crypto/aes-neonbs-core.S | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
Patch applied. Thanks.
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt