[v26,6/9] x86/vdso: Insert endbr32/endbr64 to vDSO

Message ID 20210427204720.25007-7-yu-cheng.yu@intel.com (mailing list archive)
State New, archived
Series Control-flow Enforcement: Indirect Branch Tracking

Commit Message

Yu-cheng Yu April 27, 2021, 8:47 p.m. UTC
From: "H.J. Lu" <hjl.tools@gmail.com>

When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be
called indirectly, and must have ENDBR32 or ENDBR64 as the first
instruction.  The compiler must support -fcf-protection=branch so that it
can be used to compile vDSO.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
---
v24:
- Replace CONFIG_X86_CET with CONFIG_X86_IBT to reflect splitting of shadow
  stack and ibt.

 arch/x86/entry/vdso/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Kees Cook April 28, 2021, 8:38 p.m. UTC | #1
On Tue, Apr 27, 2021 at 01:47:17PM -0700, Yu-cheng Yu wrote:
> From: "H.J. Lu" <hjl.tools@gmail.com>
> 
> When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be
> called indirectly, and must have ENDBR32 or ENDBR64 as the first
> instruction.  The compiler must support -fcf-protection=branch so that it
> can be used to compile vDSO.
> 
> Signed-off-by: H.J. Lu <hjl.tools@gmail.com>

Reviewed-by: Kees Cook <keescook@chromium.org>

Yu-cheng Yu April 28, 2021, 8:49 p.m. UTC | #2
On 4/28/2021 1:33 PM, Kees Cook wrote:
> On Tue, Apr 27, 2021 at 01:47:17PM -0700, Yu-cheng Yu wrote:
>> From: "H.J. Lu" <hjl.tools@gmail.com>
>>
>> When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be
>> called indirectly, and must have ENDBR32 or ENDBR64 as the first
>> instruction.  The compiler must support -fcf-protection=branch so that it
>> can be used to compile vDSO.
> 
> If you respin this, you can maybe rephrase this since CONFIG_X86_IBT
> has already tested for the compiler support.
> 

Yes, I will fix this.  Thanks for reviewing!

Yu-cheng

>>
>> Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
>> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com>
>> Cc: Andy Lutomirski <luto@kernel.org>
>> Cc: Kees Cook <keescook@chromium.org>
> 
> Reviewed-by: Kees Cook <keescook@chromium.org>
> 
> -Kees
> 
>> ---
>> v24:
>> - Replace CONFIG_X86_CET with CONFIG_X86_IBT to reflect splitting of shadow
>>    stack and ibt.
>>
>>   arch/x86/entry/vdso/Makefile | 4 ++++
>>   1 file changed, 4 insertions(+)
>>
>> diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile
>> index 05c4abc2fdfd..a773a5f03b63 100644
>> --- a/arch/x86/entry/vdso/Makefile
>> +++ b/arch/x86/entry/vdso/Makefile
>> @@ -93,6 +93,10 @@ endif
>>   
>>   $(vobjs): KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_LTO) $(GCC_PLUGINS_CFLAGS) $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS)) $(CFL)
>>   
>> +ifdef CONFIG_X86_IBT
>> +$(vobjs) $(vobjs32): KBUILD_CFLAGS += -fcf-protection=branch
>> +endif
>> +
>>   #
>>   # vDSO code runs in userspace and -pg doesn't help with profiling anyway.
>>   #
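Review bot: the new `ifdef CONFIG_X86_IBT` block is position-dependent and nothing in the hunk says so. The `+=` for `$(vobjs)` has to stay below the `$(vobjs): KBUILD_CFLAGS := $(filter-out ...)` line directly above it, because a simple assignment placed after the append would discard the flag. The hunk also does not show where `$(vobjs32)` gets its flags, so it is worth confirming that no later assignment for those objects overrides the append. A one-line comment above the `ifdef`, in the style of the `-pg` comment that follows, would record the ordering requirement.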
>> -- 
>> 2.21.0
>>
>

Patch

diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile
index 05c4abc2fdfd..a773a5f03b63 100644
--- a/arch/x86/entry/vdso/Makefile
+++ b/arch/x86/entry/vdso/Makefile
@@ -93,6 +93,10 @@  endif
 
 $(vobjs): KBUILD_CFLAGS := $(filter-out $(CC_FLAGS_LTO) $(GCC_PLUGINS_CFLAGS) $(RETPOLINE_CFLAGS),$(KBUILD_CFLAGS)) $(CFL)
 
+ifdef CONFIG_X86_IBT
+$(vobjs) $(vobjs32): KBUILD_CFLAGS += -fcf-protection=branch
+endif
+
 #
 # vDSO code runs in userspace and -pg doesn't help with profiling anyway.
 #
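Review bot: `-fcf-protection=branch` is appended only to `KBUILD_CFLAGS`, so it reaches the compiler-generated code in `$(vobjs)` and `$(vobjs32)` and nothing built from hand-written assembly. If any vDSO entry point that can be called indirectly is written in assembly, it needs an explicit ENDBR32/ENDBR64 of its own, and the commit message should say where that is handled. As raised in review, the sentence about compiler support can be reworded, since the added lines are already gated on `CONFIG_X86_IBT`.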