[PATCH v8 0/9] CFI for ARM32 using LLVM

Sami Tolvanen samitolvanen at google.com
Mon Apr 29 08:06:26 PDT 2024


On Mon, Apr 29, 2024 at 7:54 AM Ard Biesheuvel <ardb at kernel.org> wrote:
>
> On Mon, 29 Apr 2024 at 15:22, Russell King (Oracle)
> <linux at armlinux.org.uk> wrote:
> >
> > I've applied this to a separate branch, and it should be in
> > linux-next by tomorrow.
> >
> > As mentioned today on a previous iteration of the patch series,
> > I'm not all that happy with the introduction of delay-inducing
> > branches to solve CFI issues especially on the early CPUs where
> > a branch causes the CPU's pipeline to be flushed - thus making
> > branches expensive.
> >
> > Can we make these branches conditional on the use of CFI?
> >
> > Didn't Ard mention there was a way to do this using symbol aliases?
> >
>
> Yes, but only if the prototypes are identical. Not sure why Linus
> decided to keep this separate, but 9386/2 implements this for
> flush_user_cache_all() vs. flush_kern_cache_all().
>
> For coherent_user_range() vs. coherent_kern_range(), the return type
> is different (void vs int)
>
> So we could either make coherent_kern_range() return int as well, or
> alternatively, we could emit the branch instructions only when CFI is
> enabled (as in that case, SYM_TYPED_FUNC_START() expands to something
> that prevents a fall through)
>
> E.g.,
>
> --- a/arch/arm/mm/cache-v4wt.S
> +++ b/arch/arm/mm/cache-v4wt.S
> @@ -108,7 +108,9 @@ SYM_FUNC_END(v4wt_flush_user_cache_range)
>   *     - end    - virtual end address
>   */
>  SYM_TYPED_FUNC_START(v4wt_coherent_kern_range)
> +#ifdef CONFIG_CFI_CLANG
>         b       v4wt_coherent_user_range
> +#endif
>  SYM_FUNC_END(v4wt_coherent_kern_range)
>
>  /*
>
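
Review bot: Wrapping `b v4wt_coherent_user_range` in `#ifdef CONFIG_CFI_CLANG` leaves v4wt_coherent_kern_range with an empty body in non-CFI builds, so it silently depends on v4wt_coherent_user_range being the next code emitted after `SYM_FUNC_END(v4wt_coherent_kern_range)`, and nothing in the hunk documents that. The visible context only shows a comment opening after the SYM_FUNC_END line, so the adjacency should be confirmed against the rest of the file. Suggest a short comment in the function body, for example in an `#else` arm, stating that the fall-through is intentional and that nothing may be placed between the two entry points, so a later reordering does not change what the kernel-range entry executes.
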
> AFAICT, SYM_TYPED_FUNC_START() does not prevent a fall through if
> CFI_CLANG is disabled, but someone should double check.

Correct, it's a normal function entry without CFI_CLANG and falling
through should work just fine.

Sami
