[PATCH] D65629: cfi-icall: Allow the jump table to be optionally made non-canonical.
Kees Cook via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Aug 9 01:00:27 PDT 2019
kees added a comment.
Just FYI, I can confirm a happily running arm64 kernel with CFI enabled built with this patch series. The C wrappers aren't needed and CFI is still triggering on mismatches:
[ 106.656280] lkdtm: Performing direct entry CFI_FORWARD_PROTO
[ 106.657307] lkdtm: Calling matched prototype ...
[ 106.657432] lkdtm: Calling mismatched prototype ...
[ 106.658216] ------------[ cut here ]------------
[ 106.659084] CFI failure (target: lkdtm_increment_int$53641d38e2dc4a151b75cbe816cbb86b.cfi_jt+0x0/0x4):
[ 106.671576] WARNING: CPU: 1 PID: 2716 at kernel/cfi.c:29 __cfi_check_fail+0x44/0x4c
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D65629/new/
https://reviews.llvm.org/D65629
More information about the cfe-commits
mailing list