lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Ymz7DWkRJy3PMaHm@hirez.programming.kicks-ass.net> Date: Sat, 30 Apr 2022 11:02:05 +0200 From: Peter Zijlstra <peterz@...radead.org> To: Kees Cook <keescook@...omium.org> Cc: Mark Rutland <mark.rutland@....com>, Josh Poimboeuf <jpoimboe@...hat.com>, Will Deacon <will@...nel.org>, Catalin Marinas <catalin.marinas@....com>, Sami Tolvanen <samitolvanen@...gle.com>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Joao Moreira <joao@...rdrivepizza.com>, Sedat Dilek <sedat.dilek@...il.com>, Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org, x86@...nel.org, linux-hardening@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, llvm@...ts.linux.dev Subject: Re: [RFC PATCH 00/21] KCFI support On Fri, Apr 29, 2022 at 03:53:12PM -0700, Kees Cook wrote: > On Fri, Apr 29, 2022 at 01:36:23PM -0700, Sami Tolvanen wrote: > > KCFI is a proposed forward-edge control-flow integrity scheme for > > Clang, which is more suitable for kernel use than the existing CFI > > scheme used by CONFIG_CFI_CLANG. KCFI doesn't require LTO, doesn't > > alter function references to point to a jump table, and won't break > > function address equality. > > 🎉 :) > > > The latest LLVM patches are here: > > > > https://reviews.llvm.org/D119296 > > https://reviews.llvm.org/D124211 > > > > [...] > > To test this series, you'll need to compile your own Clang toolchain > > with the patches linked above. You can also find the complete source > > tree here: > > > > https://github.com/samitolvanen/llvm-project/commits/kcfi-rfc > > And note that this RFC is seeking to break a bit of a circular dependency > with regard to the design of __builtin_kcfi_call_unchecked (D124211 > above), as the implementation has gone around a few times in review within > LLVM, and we want to make sure that kernel folks are okay with what was > settled on. If there are no objections on the kernel side, then we can > land the KCFI patches, as this is basically the only remaining blocker. So aside from the static_call usage, was there any other? Anyway, I think I hate that __builtin, I'd *much* rather see a variable attribute or qualifier for this, such that one can mark a function pointer as not doing CFI. I simply doesn't make sense to have a builtin that operates on an expression. The whole thing is about indirect calls, IOW function pointers.
Powered by blists - more mailing lists