lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <PAXPR04MB83044938120EC7C8C55FB2A6EBBA9@PAXPR04MB8304.eurprd04.prod.outlook.com>
Date:   Thu, 30 Jun 2022 06:20:27 +0000
From:   Zhipeng Wang <zhipeng.wang_1@....com>
To:     Wolfram Sang <wsa@...nel.org>,
        "samitolvanen@...gle.com" <samitolvanen@...gle.com>
CC:     "linux-i2c@...r.kernel.org" <linux-i2c@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [EXT] Re: [PATCH] i2c: core: Disable i2c_generic_scl_recovery
 callback checks with CFI

CONFIG_CFI_CLANG breaks cross-module function address equality because the jump tables are built at link time. That works for the monolithic kernel, but loadable modules are linked separately. CFI in loadable modules works, but each module gets its own jump tables. That function pointers are replaced by pointers into the jump tables; since modules have different jump tables, they will get different pointers as well. In other words, the values of two pointers to the same function will differ if one of them is in a loadable module.

In summary. info->recover_bus = i2c_generic_scl_recovery in I2C adapter driver, and in the I2C core to judge whether bri->recover_bus and i2c_generic_scl_recovery are equal, the case cannot work, after enabling CFI.

From a) to fix this issue, we can only avoid the case mentioned above. I didn't find a better way, so I submitted this patch.
From b) CFI to fix this issue, does Sami @samitolvanen@...gle.com have a solution? According to my understanding, this is a side effect of Control Flow Integrity (CFI).

BRs
Zhipeng

-----Original Message-----
From: Wolfram Sang <wsa@...nel.org> 
Sent: 2022年6月30日 3:29
To: Zhipeng Wang <zhipeng.wang_1@....com>
Cc: linux-i2c@...r.kernel.org; linux-kernel@...r.kernel.org
Subject: [EXT] Re: [PATCH] i2c: core: Disable i2c_generic_scl_recovery callback checks with CFI

On Tue, Jun 28, 2022 at 10:41:55AM +0800, Zhipeng Wang wrote:
> CONFIG_CFI_CLANG breaks cross-module function address equality, which 
> breaks i2c_generic_scl_recovery as it compares a locally taken 
> function address to a one passed from a different module. Remove these 
> sanity checks for now.

Can't we better fix a) the code or b) CFI?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ