c50d32859e
With CONFIG_CFI_CLANG, assembly functions indirectly called from C code must be annotated with type identifiers to pass CFI checking. Use SYM_TYPED_FUNC_START for the indirectly called functions, and ensure we emit `bti c` also with SYM_TYPED_FUNC_START. Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Tested-by: Kees Cook <keescook@chromium.org> Tested-by: Nathan Chancellor <nathan@kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Tested-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20220908215504.3686827-10-samitolvanen@google.com
47 lines
1.1 KiB
C
47 lines
1.1 KiB
C
#ifndef __ASM_LINKAGE_H
|
|
#define __ASM_LINKAGE_H
|
|
|
|
#ifdef __ASSEMBLY__
|
|
#include <asm/assembler.h>
|
|
#endif
|
|
|
|
#define __ALIGN .align 2
|
|
#define __ALIGN_STR ".align 2"
|
|
|
|
/*
|
|
* When using in-kernel BTI we need to ensure that PCS-conformant
|
|
* assembly functions have suitable annotations. Override
|
|
* SYM_FUNC_START to insert a BTI landing pad at the start of
|
|
* everything, the override is done unconditionally so we're more
|
|
* likely to notice any drift from the overridden definitions.
|
|
*/
|
|
#define SYM_FUNC_START(name) \
|
|
SYM_START(name, SYM_L_GLOBAL, SYM_A_ALIGN) \
|
|
bti c ;
|
|
|
|
#define SYM_FUNC_START_NOALIGN(name) \
|
|
SYM_START(name, SYM_L_GLOBAL, SYM_A_NONE) \
|
|
bti c ;
|
|
|
|
#define SYM_FUNC_START_LOCAL(name) \
|
|
SYM_START(name, SYM_L_LOCAL, SYM_A_ALIGN) \
|
|
bti c ;
|
|
|
|
#define SYM_FUNC_START_LOCAL_NOALIGN(name) \
|
|
SYM_START(name, SYM_L_LOCAL, SYM_A_NONE) \
|
|
bti c ;
|
|
|
|
#define SYM_FUNC_START_WEAK(name) \
|
|
SYM_START(name, SYM_L_WEAK, SYM_A_ALIGN) \
|
|
bti c ;
|
|
|
|
#define SYM_FUNC_START_WEAK_NOALIGN(name) \
|
|
SYM_START(name, SYM_L_WEAK, SYM_A_NONE) \
|
|
bti c ;
|
|
|
|
#define SYM_TYPED_FUNC_START(name) \
|
|
SYM_TYPED_START(name, SYM_L_GLOBAL, SYM_A_ALIGN) \
|
|
bti c ;
|
|
|
|
#endif
|