[PATCH v5 03/18] mm: add generic function_nocfi macro
Mark Rutland
mark.rutland at arm.com
Tue Apr 6 12:27:06 BST 2021
On Thu, Apr 01, 2021 at 04:32:01PM -0700, Sami Tolvanen wrote:
> With CONFIG_CFI_CLANG, the compiler replaces function addresses
> in instrumented C code with jump table addresses. This means that
> __pa_symbol(function) returns the physical address of the jump table
> entry instead of the actual function, which may not work as the jump
> table code will immediately jump to a virtual address that may not be
> mapped.
>
> To avoid this address space confusion, this change adds a generic
> definition for function_nocfi(), which architectures that support CFI
> can override. The typical implementation of would use inline assembly
> to take the function address, which avoids compiler instrumentation.
>
> Signed-off-by: Sami Tolvanen <samitolvanen at google.com>
> Reviewed-by: Kees Cook <keescook at chromium.org>
FWIW:
Acked-by: Mark Rutland <mark.rutland at arm.com>
Mark.
> ---
> include/linux/mm.h | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/include/linux/mm.h b/include/linux/mm.h
> index 8ba434287387..22cce9c7dd05 100644
> --- a/include/linux/mm.h
> +++ b/include/linux/mm.h
> @@ -124,6 +124,16 @@ extern int mmap_rnd_compat_bits __read_mostly;
> #define lm_alias(x) __va(__pa_symbol(x))
> #endif
>
> +/*
> + * With CONFIG_CFI_CLANG, the compiler replaces function addresses in
> + * instrumented C code with jump table addresses. Architectures that
> + * support CFI can define this macro to return the actual function address
> + * when needed.
> + */
> +#ifndef function_nocfi
> +#define function_nocfi(x) (x)
> +#endif
> +
> /*
> * To prevent common memory management code establishing
> * a zero page mapping on a read fault.
> --
> 2.31.0.208.g409f899ff0-goog
>
More information about the linux-arm-kernel
mailing list