projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 078dfe2) | patch
xsm/flask/ss: CFI hardening
authorAndrew Cooper <andrew.cooper3@citrix.com>
Fri, 29 Oct 2021 14:32:08 +0000 (15:32 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commitc9e0a06259aff799b57b3180ba815081c914f4e8
tree6ea1bd9b1a5bead14f003eb332437f69e94cabeetree | snapshot
parent078dfe2fe0084e9a656928a186213821c5c5bad4commit | diff
xsm/flask/ss: CFI hardening

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Daniel P. Smith <dpsmith@apertussolutions.com>
xen/xsm/flask/ss/avtab.c diff | blob | history
xen/xsm/flask/ss/conditional.c diff | blob | history
xen/xsm/flask/ss/conditional.h diff | blob | history
xen/xsm/flask/ss/policydb.c diff | blob | history
xen/xsm/flask/ss/services.c diff | blob | history
xen/xsm/flask/ss/symtab.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.