| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241216233704.3208607-7-dwmw2@infradead.org>
Date: Mon, 16 Dec 2024 23:24:13 +0000
From: David Woodhouse <dwmw2@...radead.org>
To: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>,
Eric Biederman <ebiederm@...ssion.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Sourabh Jain <sourabhjain@...ux.ibm.com>,
Hari Bathini <hbathini@...ux.ibm.com>,
Michael Ellerman <mpe@...erman.id.au>,
Thomas Zimmermann <tzimmermann@...e.de>,
Andrew Morton <akpm@...ux-foundation.org>,
Baoquan He <bhe@...hat.com>,
Yuntao Wang <ytcoode@...il.com>,
David Kaplan <david.kaplan@....com>,
Tao Liu <ltao@...hat.com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Kai Huang <kai.huang@...el.com>,
Ard Biesheuvel <ardb@...nel.org>,
Josh Poimboeuf <jpoimboe@...nel.org>,
Breno Leitao <leitao@...ian.org>,
Wei Yang <richard.weiyang@...il.com>,
Rong Xu <xur@...gle.com>,
Thomas Weißschuh <thomas.weissschuh@...utronix.de>,
linux-kernel@...r.kernel.org,
kexec@...ts.infradead.org,
Simon Horman <horms@...nel.org>,
Dave Young <dyoung@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
bsz@...zon.de,
nathan@...nel.org
Subject: [PATCH 6/9] x86/kexec: Mark machine_kexec() with __nocfi
From: David Woodhouse <dwmw@...zon.co.uk>
A recent commit caused the relocate_kernel() function to be invoked
through a function pointer, but it does not have CFI information. The
resulting trap occurs after the IDT and GDT have been invalidated,
leading to a triple-fault if CONFIG_CFI_CLANG is enabled.
Using SYM_TYPED_FUNC_START() to provide the CFI information looks like
it will require a prolonged battle with objtool. And is fairly pointless
anyway, as the actual signature comes from a __kcfi_typeid_… symbol
emitted from the C code based on the function prototype it thinks that
relocate_kernel has, rendering the check somewhat tautological.
The simple fix is just to mark machine_kexec() with __nocfi.
Reported-by: Nathan Chancellor <nathan@...nel.org>
Suggested-by: Nathan Chancellor <nathan@...nel.org>
Fixes: eeebbde57113 ("x86/kexec: Invoke copy of relocate_kernel() instead of
the original")
Signed-off-by: David Woodhouse <dwmw@...zon.co.uk>
---
arch/x86/kernel/machine_kexec_64.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index 9232ad1562c8..1440f792a86d 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -342,7 +342,7 @@ void machine_kexec_cleanup(struct kimage *image)
* Do not allocate memory (or fail in any way) in machine_kexec().
* We are past the point of no return, committed to rebooting now.
*/
-void machine_kexec(struct kimage *image)
+void __nocfi machine_kexec(struct kimage *image)
{
unsigned long (*relocate_kernel_ptr)(unsigned long indirection_page,
unsigned long pa_control_page,
--
2.47.0
Powered by blists - more mailing lists