diff mbox series

[v2,52/70] x86/apei: CFI hardening

Message ID 20220214125127.17985-53-andrew.cooper3@citrix.com (mailing list archive)
State New, archived
Headers show
Series x86: Support for CET Indirect Branch Tracking | expand

Commit Message

Andrew Cooper Feb. 14, 2022, 12:51 p.m. UTC 
Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
---
 xen/drivers/acpi/apei/apei-base.c     | 32 ++++++++++----------
 xen/drivers/acpi/apei/apei-internal.h | 20 ++++++------
 xen/drivers/acpi/apei/erst.c          | 57 +++++++++++++++++------------------
 3 files changed, 54 insertions(+), 55 deletions(-)
diff mbox series

Patch

diff --git a/xen/drivers/acpi/apei/apei-base.c b/xen/drivers/acpi/apei/apei-base.c
index 6f81e7fa366a..de75c1cef992 100644
--- a/xen/drivers/acpi/apei/apei-base.c
+++ b/xen/drivers/acpi/apei/apei-base.c
@@ -80,8 +80,8 @@  int __apei_exec_read_register(struct acpi_whea_header *entry, u64 *val)
 	return 0;
 }
 
-int apei_exec_read_register(struct apei_exec_context *ctx,
-			    struct acpi_whea_header *entry)
+int cf_check apei_exec_read_register(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 	u64 val = 0;
@@ -94,8 +94,8 @@  int apei_exec_read_register(struct apei_exec_context *ctx,
 	return 0;
 }
 
-int apei_exec_read_register_value(struct apei_exec_context *ctx,
-				  struct acpi_whea_header *entry)
+int cf_check apei_exec_read_register_value(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 
@@ -126,14 +126,14 @@  int __apei_exec_write_register(struct acpi_whea_header *entry, u64 val)
 	return rc;
 }
 
-int apei_exec_write_register(struct apei_exec_context *ctx,
-			     struct acpi_whea_header *entry)
+int cf_check apei_exec_write_register(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return __apei_exec_write_register(entry, ctx->value);
 }
 
-int apei_exec_write_register_value(struct apei_exec_context *ctx,
-				   struct acpi_whea_header *entry)
+int cf_check apei_exec_write_register_value(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 
@@ -143,8 +143,8 @@  int apei_exec_write_register_value(struct apei_exec_context *ctx,
 	return rc;
 }
 
-int apei_exec_noop(struct apei_exec_context *ctx,
-		   struct acpi_whea_header *entry)
+int cf_check apei_exec_noop(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return 0;
 }
@@ -230,9 +230,9 @@  static int __init apei_exec_for_each_entry(struct apei_exec_context *ctx,
 	return 0;
 }
 
-static int __init pre_map_gar_callback(struct apei_exec_context *ctx,
-				       struct acpi_whea_header *entry,
-				       void *data)
+static int __init cf_check pre_map_gar_callback(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry,
+	void *data)
 {
 	u8 ins = entry->instruction;
 
@@ -259,9 +259,9 @@  int __init apei_exec_pre_map_gars(struct apei_exec_context *ctx)
 	return rc;
 }
 
-static int __init post_unmap_gar_callback(struct apei_exec_context *ctx,
-					  struct acpi_whea_header *entry,
-					  void *data)
+static int __init cf_check post_unmap_gar_callback(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry,
+	void *data)
 {
 	u8 ins = entry->instruction;
 
diff --git a/xen/drivers/acpi/apei/apei-internal.h b/xen/drivers/acpi/apei/apei-internal.h
index b813d55b92a9..360e94b9c877 100644
--- a/xen/drivers/acpi/apei/apei-internal.h
+++ b/xen/drivers/acpi/apei/apei-internal.h
@@ -68,16 +68,16 @@  static inline int apei_exec_run_optional(struct apei_exec_context *ctx, u8 actio
 
 int __apei_exec_read_register(struct acpi_whea_header *entry, u64 *val);
 int __apei_exec_write_register(struct acpi_whea_header *entry, u64 val);
-int apei_exec_read_register(struct apei_exec_context *ctx,
-			    struct acpi_whea_header *entry);
-int apei_exec_read_register_value(struct apei_exec_context *ctx,
-				  struct acpi_whea_header *entry);
-int apei_exec_write_register(struct apei_exec_context *ctx,
-			     struct acpi_whea_header *entry);
-int apei_exec_write_register_value(struct apei_exec_context *ctx,
-				   struct acpi_whea_header *entry);
-int apei_exec_noop(struct apei_exec_context *ctx,
-		   struct acpi_whea_header *entry);
+int cf_check apei_exec_read_register(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry);
+int cf_check apei_exec_read_register_value(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry);
+int cf_check apei_exec_write_register(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry);
+int cf_check apei_exec_write_register_value(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry);
+int cf_check apei_exec_noop(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry);
 int apei_exec_pre_map_gars(struct apei_exec_context *ctx);
 int apei_exec_post_unmap_gars(struct apei_exec_context *ctx);
 
diff --git a/xen/drivers/acpi/apei/erst.c b/xen/drivers/acpi/apei/erst.c
index c5df512b9838..40d8f00270d0 100644
--- a/xen/drivers/acpi/apei/erst.c
+++ b/xen/drivers/acpi/apei/erst.c
@@ -114,40 +114,40 @@  static int erst_timedout(u64 *t, u64 spin_unit)
 	return 0;
 }
 
-static int erst_exec_load_var1(struct apei_exec_context *ctx,
-			       struct acpi_whea_header *entry)
+static int cf_check erst_exec_load_var1(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return __apei_exec_read_register(entry, &ctx->var1);
 }
 
-static int erst_exec_load_var2(struct apei_exec_context *ctx,
-			       struct acpi_whea_header *entry)
+static int cf_check erst_exec_load_var2(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return __apei_exec_read_register(entry, &ctx->var2);
 }
 
-static int erst_exec_store_var1(struct apei_exec_context *ctx,
-				struct acpi_whea_header *entry)
+static int cf_check erst_exec_store_var1(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return __apei_exec_write_register(entry, ctx->var1);
 }
 
-static int erst_exec_add(struct apei_exec_context *ctx,
-			 struct acpi_whea_header *entry)
+static int cf_check erst_exec_add(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	ctx->var1 += ctx->var2;
 	return 0;
 }
 
-static int erst_exec_subtract(struct apei_exec_context *ctx,
-			      struct acpi_whea_header *entry)
+static int cf_check erst_exec_subtract(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	ctx->var1 -= ctx->var2;
 	return 0;
 }
 
-static int erst_exec_add_value(struct apei_exec_context *ctx,
-			       struct acpi_whea_header *entry)
+static int cf_check erst_exec_add_value(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 	u64 val;
@@ -160,8 +160,8 @@  static int erst_exec_add_value(struct apei_exec_context *ctx,
 	return rc;
 }
 
-static int erst_exec_subtract_value(struct apei_exec_context *ctx,
-				    struct acpi_whea_header *entry)
+static int cf_check erst_exec_subtract_value(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 	u64 val;
@@ -174,8 +174,8 @@  static int erst_exec_subtract_value(struct apei_exec_context *ctx,
 	return rc;
 }
 
-static int erst_exec_stall(struct apei_exec_context *ctx,
-			   struct acpi_whea_header *entry)
+static int cf_check erst_exec_stall(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	udelay((ctx->var1 > FIRMWARE_MAX_STALL) ? 
 			FIRMWARE_MAX_STALL : 
@@ -183,8 +183,8 @@  static int erst_exec_stall(struct apei_exec_context *ctx,
 	return 0;
 }
 
-static int erst_exec_stall_while_true(struct apei_exec_context *ctx,
-				      struct acpi_whea_header *entry)
+static int cf_check erst_exec_stall_while_true(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 	u64 val;
@@ -205,9 +205,8 @@  static int erst_exec_stall_while_true(struct apei_exec_context *ctx,
 	return 0;
 }
 
-static int erst_exec_skip_next_instruction_if_true(
-	struct apei_exec_context *ctx,
-	struct acpi_whea_header *entry)
+static int cf_check erst_exec_skip_next_instruction_if_true(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 	u64 val;
@@ -223,27 +222,27 @@  static int erst_exec_skip_next_instruction_if_true(
 	return 0;
 }
 
-static int erst_exec_goto(struct apei_exec_context *ctx,
-			  struct acpi_whea_header *entry)
+static int cf_check erst_exec_goto(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	ctx->ip = ctx->value;
 	return APEI_EXEC_SET_IP;
 }
 
-static int erst_exec_set_src_address_base(struct apei_exec_context *ctx,
-					  struct acpi_whea_header *entry)
+static int cf_check erst_exec_set_src_address_base(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return __apei_exec_read_register(entry, &ctx->src_base);
 }
 
-static int erst_exec_set_dst_address_base(struct apei_exec_context *ctx,
-					  struct acpi_whea_header *entry)
+static int cf_check erst_exec_set_dst_address_base(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	return __apei_exec_read_register(entry, &ctx->dst_base);
 }
 
-static int erst_exec_move_data(struct apei_exec_context *ctx,
-			       struct acpi_whea_header *entry)
+static int cf_check erst_exec_move_data(
+	struct apei_exec_context *ctx, struct acpi_whea_header *entry)
 {
 	int rc;
 	u64 offset;