Message ID | 20220513202159.1550547-12-samitolvanen@google.com (mailing list archive) |
---|---|
State | New, archived |
Series | KCFI support |

On Fri, May 13, 2022 at 01:21:49PM -0700, Sami Tolvanen wrote:
> With -fsanitize=kcfi, CONFIG_CFI_CLANG no longer has issues
> with address space confusion in functions that switch to linear
> mapping. Now that the indirectly called assembly functions have
> type annotations, drop the __nocfi attributes.
>
> Suggested-by: Mark Rutland <mark.rutland@arm.com>
> Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

It looks like there are still other cases that continue to require
__nocfi, yes? It looks like after this series, it's still BPF?

Reviewed-by: Kees Cook <keescook@chromium.org>

On Sat, May 14, 2022 at 2:54 PM Kees Cook <keescook@chromium.org> wrote:
>
> On Fri, May 13, 2022 at 01:21:49PM -0700, Sami Tolvanen wrote:
> > With -fsanitize=kcfi, CONFIG_CFI_CLANG no longer has issues
> > with address space confusion in functions that switch to linear
> > mapping. Now that the indirectly called assembly functions have
> > type annotations, drop the __nocfi attributes.
> >
> > Suggested-by: Mark Rutland <mark.rutland@arm.com>
> > Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
>
> It looks like there are still other cases that continue to require
> __nocfi, yes? It looks like after this series, it's still BPF?

Yes, BPF is the only remaining user of __nocfi after this series.

Sami

diff --git a/arch/arm64/include/asm/mmu_context.h b/arch/arm64/include/asm/mmu_context.h index 6770667b34a3..ca0140d0b8cf 100644 --- a/arch/arm64/include/asm/mmu_context.h +++ b/arch/arm64/include/asm/mmu_context.h @@ -143,7 +143,7 @@ static inline void cpu_install_ttbr0(phys_addr_t ttbr0, unsigned long t0sz) * Atomically replaces the active TTBR1_EL1 PGD with a new VA-compatible PGD, * avoiding the possibility of conflicting TLB entries being allocated. */ -static inline void __nocfi cpu_replace_ttbr1(pgd_t *pgdp) +static inline void cpu_replace_ttbr1(pgd_t *pgdp) { typedef void (ttbr_replace_func)(phys_addr_t); extern ttbr_replace_func idmap_cpu_replace_ttbr1; diff --git a/arch/arm64/kernel/alternative.c b/arch/arm64/kernel/alternative.c index 7bbf5104b7b7..e98466bab633 100644 --- a/arch/arm64/kernel/alternative.c +++ b/arch/arm64/kernel/alternative.c @@ -133,7 +133,7 @@ static void clean_dcache_range_nopatch(u64 start, u64 end) } while (cur += d_size, cur < end); } -static void __nocfi __apply_alternatives(struct alt_region *region, bool is_module, +static void __apply_alternatives(struct alt_region *region, bool is_module, unsigned long *feature_mask) { struct alt_instr *alt; diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index d72c4b4d389c..af78dcacf9fe 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -1596,7 +1596,7 @@ static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, } #ifdef CONFIG_UNMAP_KERNEL_AT_EL0 -static void __nocfi +static void kpti_install_ng_mappings(const struct arm64_cpu_capabilities *__unused) { typedef void (kpti_remap_fn)(int, int, phys_addr_t);
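
Review bot: In arch/arm64/include/asm/mmu_context.h, dropping __nocfi from cpu_replace_ttbr1() means the indirect call to idmap_cpu_replace_ttbr1, declared here through the ttbr_replace_func typedef, is now type-checked, so it relies on that assembly symbol carrying an annotation for void (phys_addr_t). That annotation is not part of this patch; please name the patch in the series that adds it in the commit message, so that a partial backport or a bisect landing between the two does not end up with a failing check on the TTBR1 switch.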
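
Review bot: The __apply_alternatives() hunk in arch/arm64/kernel/alternative.c shows no function-pointer typedef or extern in its context, unlike the other two hunks, so it is not visible here which indirect call needed __nocfi in the first place. A sentence in the commit message naming the callee and confirming it is now annotated would make this removal reviewable on its own.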
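
Review bot: The kpti_install_ng_mappings() change in arch/arm64/kernel/cpufeature.c sits under #ifdef CONFIG_UNMAP_KERNEL_AT_EL0, so the newly enabled check on the kpti_remap_fn call, typed void (int, int, phys_addr_t), is only built when that option is set. Please state in the commit message that the change was tested with CONFIG_CFI_CLANG and CONFIG_UNMAP_KERNEL_AT_EL0 enabled together.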

With -fsanitize=kcfi, CONFIG_CFI_CLANG no longer has issues
with address space confusion in functions that switch to linear
mapping. Now that the indirectly called assembly functions have
type annotations, drop the __nocfi attributes.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
---
 arch/arm64/include/asm/mmu_context.h | 2 +-
 arch/arm64/kernel/alternative.c      | 2 +-
 arch/arm64/kernel/cpufeature.c       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)