| Message ID | 20221118194421.160414-1-ebiggers@kernel.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | crypto: CFI fixes | expand |
Eric Biggers <ebiggers@kernel.org> wrote: > This series fixes some crashes when CONFIG_CFI_CLANG (Control Flow > Integrity) is enabled, with the new CFI implementation that was merged > in 6.1 and is supported on x86. Some of them were unconditional > crashes, while others depended on whether the compiler optimized out the > indirect calls or not. This series also simplifies some code that was > intended to work around limitations of the old CFI implementation and is > unnecessary for the new CFI implementation. > > Changed in v2: > - Added patch "crypto: x86/sm4 - fix crash with CFI enabled" > - Restored accidentally-deleted include of <asm/assembler.h> > - Tweaked some commit messages and added Reviewed-by and Acked-by tags > > Eric Biggers (12): > crypto: x86/aegis128 - fix possible crash with CFI enabled > crypto: x86/aria - fix crash with CFI enabled > crypto: x86/nhpoly1305 - eliminate unnecessary CFI wrappers > crypto: x86/sha1 - fix possible crash with CFI enabled > crypto: x86/sha256 - fix possible crash with CFI enabled > crypto: x86/sha512 - fix possible crash with CFI enabled > crypto: x86/sm3 - fix possible crash with CFI enabled > crypto: x86/sm4 - fix crash with CFI enabled > crypto: arm64/nhpoly1305 - eliminate unnecessary CFI wrapper > crypto: arm64/sm3 - fix possible crash with CFI enabled > crypto: arm/nhpoly1305 - eliminate unnecessary CFI wrapper > Revert "crypto: shash - avoid comparing pointers to exported functions > under CFI" > > arch/arm/crypto/nh-neon-core.S | 2 +- > arch/arm/crypto/nhpoly1305-neon-glue.c | 11 ++--------- > arch/arm64/crypto/nh-neon-core.S | 5 +++-- > arch/arm64/crypto/nhpoly1305-neon-glue.c | 11 ++--------- > arch/arm64/crypto/sm3-neon-core.S | 3 ++- > arch/x86/crypto/aegis128-aesni-asm.S | 9 +++++---- > arch/x86/crypto/aria-aesni-avx-asm_64.S | 13 +++++++------ > arch/x86/crypto/nh-avx2-x86_64.S | 5 +++-- > arch/x86/crypto/nh-sse2-x86_64.S | 5 +++-- > arch/x86/crypto/nhpoly1305-avx2-glue.c | 11 ++--------- > arch/x86/crypto/nhpoly1305-sse2-glue.c | 11 ++--------- > arch/x86/crypto/sha1_ni_asm.S | 3 ++- > arch/x86/crypto/sha1_ssse3_asm.S | 3 ++- > arch/x86/crypto/sha256-avx-asm.S | 3 ++- > arch/x86/crypto/sha256-avx2-asm.S | 3 ++- > arch/x86/crypto/sha256-ssse3-asm.S | 3 ++- > arch/x86/crypto/sha256_ni_asm.S | 3 ++- > arch/x86/crypto/sha512-avx-asm.S | 3 ++- > arch/x86/crypto/sha512-avx2-asm.S | 3 ++- > arch/x86/crypto/sha512-ssse3-asm.S | 3 ++- > arch/x86/crypto/sm3-avx-asm_64.S | 3 ++- > arch/x86/crypto/sm4-aesni-avx-asm_64.S | 7 ++++--- > arch/x86/crypto/sm4-aesni-avx2-asm_64.S | 7 ++++--- > crypto/shash.c | 18 +++--------------- > include/crypto/internal/hash.h | 8 +++++++- > 25 files changed, 70 insertions(+), 86 deletions(-) > > > base-commit: 75df46b598b5b46b0857ee7d2410deaf215e23d1 All applied. Thanks.
This series fixes some crashes when CONFIG_CFI_CLANG (Control Flow Integrity) is enabled, with the new CFI implementation that was merged in 6.1 and is supported on x86. Some of them were unconditional crashes, while others depended on whether the compiler optimized out the indirect calls or not. This series also simplifies some code that was intended to work around limitations of the old CFI implementation and is unnecessary for the new CFI implementation. Changed in v2: - Added patch "crypto: x86/sm4 - fix crash with CFI enabled" - Restored accidentally-deleted include of <asm/assembler.h> - Tweaked some commit messages and added Reviewed-by and Acked-by tags Eric Biggers (12): crypto: x86/aegis128 - fix possible crash with CFI enabled crypto: x86/aria - fix crash with CFI enabled crypto: x86/nhpoly1305 - eliminate unnecessary CFI wrappers crypto: x86/sha1 - fix possible crash with CFI enabled crypto: x86/sha256 - fix possible crash with CFI enabled crypto: x86/sha512 - fix possible crash with CFI enabled crypto: x86/sm3 - fix possible crash with CFI enabled crypto: x86/sm4 - fix crash with CFI enabled crypto: arm64/nhpoly1305 - eliminate unnecessary CFI wrapper crypto: arm64/sm3 - fix possible crash with CFI enabled crypto: arm/nhpoly1305 - eliminate unnecessary CFI wrapper Revert "crypto: shash - avoid comparing pointers to exported functions under CFI" arch/arm/crypto/nh-neon-core.S | 2 +- arch/arm/crypto/nhpoly1305-neon-glue.c | 11 ++--------- arch/arm64/crypto/nh-neon-core.S | 5 +++-- arch/arm64/crypto/nhpoly1305-neon-glue.c | 11 ++--------- arch/arm64/crypto/sm3-neon-core.S | 3 ++- arch/x86/crypto/aegis128-aesni-asm.S | 9 +++++---- arch/x86/crypto/aria-aesni-avx-asm_64.S | 13 +++++++------ arch/x86/crypto/nh-avx2-x86_64.S | 5 +++-- arch/x86/crypto/nh-sse2-x86_64.S | 5 +++-- arch/x86/crypto/nhpoly1305-avx2-glue.c | 11 ++--------- arch/x86/crypto/nhpoly1305-sse2-glue.c | 11 ++--------- arch/x86/crypto/sha1_ni_asm.S | 3 ++- arch/x86/crypto/sha1_ssse3_asm.S | 3 ++- arch/x86/crypto/sha256-avx-asm.S | 3 ++- arch/x86/crypto/sha256-avx2-asm.S | 3 ++- arch/x86/crypto/sha256-ssse3-asm.S | 3 ++- arch/x86/crypto/sha256_ni_asm.S | 3 ++- arch/x86/crypto/sha512-avx-asm.S | 3 ++- arch/x86/crypto/sha512-avx2-asm.S | 3 ++- arch/x86/crypto/sha512-ssse3-asm.S | 3 ++- arch/x86/crypto/sm3-avx-asm_64.S | 3 ++- arch/x86/crypto/sm4-aesni-avx-asm_64.S | 7 ++++--- arch/x86/crypto/sm4-aesni-avx2-asm_64.S | 7 ++++--- crypto/shash.c | 18 +++--------------- include/crypto/internal/hash.h | 8 +++++++- 25 files changed, 70 insertions(+), 86 deletions(-) base-commit: 75df46b598b5b46b0857ee7d2410deaf215e23d1