| Message ID | 20210914191045.2234020-8-samitolvanen@google.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | x86: Add support for Clang CFI | expand |
On Tue, Sep 14, 2021 at 12:10:36PM -0700, Sami Tolvanen wrote: > Disable the UNSET_SMEP test when CONFIG_CFI_CLANG is enabled as > jumping to a call gadget would always trip CFI instead. > > Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Yeah, (thankfully) this test can't work sanely under CFI. Acked-by: Kees Cook <keescook@chromium.org>
diff --git a/drivers/misc/lkdtm/bugs.c b/drivers/misc/lkdtm/bugs.c index 4282b625200f..6e8677852262 100644 --- a/drivers/misc/lkdtm/bugs.c +++ b/drivers/misc/lkdtm/bugs.c @@ -367,7 +367,7 @@ void lkdtm_STACK_GUARD_PAGE_TRAILING(void) void lkdtm_UNSET_SMEP(void) { -#if IS_ENABLED(CONFIG_X86_64) && !IS_ENABLED(CONFIG_UML) +#if IS_ENABLED(CONFIG_X86_64) && !IS_ENABLED(CONFIG_UML) && !IS_ENABLED(CONFIG_CFI_CLANG) #define MOV_CR4_DEPTH 64 void (*direct_write_cr4)(unsigned long val); unsigned char *insn;
Disable the UNSET_SMEP test when CONFIG_CFI_CLANG is enabled as jumping to a call gadget would always trip CFI instead. Signed-off-by: Sami Tolvanen <samitolvanen@google.com> --- drivers/misc/lkdtm/bugs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)