lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20210416203844.3803177-1-samitolvanen@google.com>
Date:   Fri, 16 Apr 2021 13:38:29 -0700
From:   Sami Tolvanen <samitolvanen@...gle.com>
To:     x86@...nel.org
Cc:     Kees Cook <keescook@...omium.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Sedat Dilek <sedat.dilek@...il.com>,
        linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org,
        clang-built-linux@...glegroups.com,
        Sami Tolvanen <samitolvanen@...gle.com>
Subject: [PATCH 00/15] x86: Add support for Clang CFI

This series adds support for Clang's Control-Flow Integrity (CFI)
checking for x86_64. With CFI, the compiler injects a runtime check
before each indirect function call to ensure the target is a valid
function with the correct static type. This restricts possible call
targets and makes it more difficult for an attacker to exploit bugs
that allow the modification of stored function pointers. For more
details, see:

  https://clang.llvm.org/docs/ControlFlowIntegrity.html

The first two patches contain objtool support for CFI, and the
remaining patches disable CFI where it shouldn't be used and fix
other smaller issues, such as type conflicts that confuse the
compiler.

Note that the patches are based on next-20210416. You can also pull
the series from

  https://github.com/samitolvanen/linux.git x86-cfi-v1


Kees Cook (3):
  x86/extable: Do not mark exception callback as CFI
  x86/alternatives: Use C int3 selftest but disable KASAN
  x86, relocs: Ignore __typeid__ relocations

Sami Tolvanen (12):
  objtool: Find a destination for jumps beyond the section end
  objtool: Add CONFIG_CFI_CLANG support
  objtool: Add ASM_STACK_FRAME_NON_STANDARD
  static_call: Use global functions for the self-test
  x86: Implement function_nocfi
  x86: Avoid CFI jump tables in IDT and entry points
  x86/ftrace: Use function_nocfi in MCOUNT_ADDR
  x86/purgatory: Disable CFI
  x86, module: Ignore __typeid__ relocations
  x86, cpu: Use LTO for cpu.c with CFI
  x86, kprobes: Fix optprobe_template_func type mismatch
  x86, build: Allow CONFIG_CFI_CLANG to be selected

 arch/x86/Kconfig                    |  1 +
 arch/x86/include/asm/desc.h         |  8 ++++-
 arch/x86/include/asm/ftrace.h       |  2 +-
 arch/x86/include/asm/page.h         | 14 +++++++++
 arch/x86/kernel/Makefile            |  3 ++
 arch/x86/kernel/alternative.c       | 21 +++----------
 arch/x86/kernel/cpu/common.c        |  8 ++---
 arch/x86/kernel/idt.c               |  2 +-
 arch/x86/kernel/kprobes/opt.c       |  4 +--
 arch/x86/kernel/module.c            |  4 +++
 arch/x86/kernel/traps.c             |  2 +-
 arch/x86/mm/extable.c               |  1 +
 arch/x86/power/Makefile             |  2 ++
 arch/x86/purgatory/Makefile         |  2 +-
 arch/x86/tools/relocs.c             |  7 +++++
 arch/x86/xen/Makefile               |  2 ++
 include/linux/objtool.h             |  5 +++
 kernel/static_call.c                |  4 +--
 tools/include/linux/objtool.h       |  5 +++
 tools/objtool/check.c               |  4 +++
 tools/objtool/elf.c                 | 48 +++++++++++++++++++++++++++++
 tools/objtool/include/objtool/elf.h |  2 +-
 22 files changed, 119 insertions(+), 32 deletions(-)


base-commit: 18250b538735142307082e4e99e3ae5c12d44013
-- 
2.31.1.368.gbe11c130af-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ