mbox series

[bpf-next,v2,0/2] bpf: Build with -Wcast-function-type

Message ID 20210928230946.4062144-1-keescook@chromium.org (mailing list archive)
Headers show
Series bpf: Build with -Wcast-function-type | expand

Message

Kees Cook Sept. 28, 2021, 11:09 p.m. UTC 
Hi,

In order to keep ahead of cases in the kernel where Control Flow Integrity
(CFI) may trip over function call casts, enabling -Wcast-function-type
is helpful. To that end, replace BPF_CAST_CALL() as it triggers warnings
with this option and is now one of the last places in the kernel in need
of fixing.

Thanks,

-Kees

v2:
- rebase to bpf-next
- add acks
v1: https://lore.kernel.org/lkml/20210927182700.2980499-1-keescook@chromium.org

Kees Cook (2):
  bpf: Replace "want address" users of BPF_CAST_CALL with BPF_CALL_IMM
  bpf: Replace callers of BPF_CAST_CALL with proper function typedef

 include/linux/bpf.h    |  4 +++-
 include/linux/filter.h |  7 +++----
 kernel/bpf/arraymap.c  |  7 +++----
 kernel/bpf/hashtab.c   | 13 ++++++-------
 kernel/bpf/helpers.c   |  5 ++---
 kernel/bpf/verifier.c  | 26 +++++++++-----------------
 lib/test_bpf.c         |  2 +-
 7 files changed, 27 insertions(+), 37 deletions(-)

Comments

Alexei Starovoitov Sept. 28, 2021, 11:33 p.m. UTC | #1 
On Tue, Sep 28, 2021 at 4:09 PM Kees Cook <keescook@chromium.org> wrote:
>
> Hi,
>
> In order to keep ahead of cases in the kernel where Control Flow Integrity
> (CFI) may trip over function call casts, enabling -Wcast-function-type
> is helpful. To that end, replace BPF_CAST_CALL() as it triggers warnings
> with this option and is now one of the last places in the kernel in need
> of fixing.
>
> Thanks,
>
> -Kees
>
> v2:
> - rebase to bpf-next
> - add acks
> v1: https://lore.kernel.org/lkml/20210927182700.2980499-1-keescook@chromium.org

Applied. Thanks