projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7629460) | patch
xen: CFI hardening for notifier callbacks
authorAndrew Cooper <andrew.cooper3@citrix.com>
Fri, 29 Oct 2021 09:11:55 +0000 (10:11 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commit22939d3c83da3f94c612b1f49f6f91f11ee3490d
tree18962674fed856960fa734442675283cd5d8c6a6tree | snapshot
parent7629460eeb8487de8a13fefe6b73716cc0cdeafecommit | diff
xen: CFI hardening for notifier callbacks

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
24 files changed:
xen/arch/x86/acpi/cpu_idle.c diff | blob | history
xen/arch/x86/cpu/mcheck/mce.c diff | blob | history
xen/arch/x86/cpu/mcheck/mce_intel.c diff | blob | history
xen/arch/x86/cpu/mwait-idle.c diff | blob | history
xen/arch/x86/cpu/vpmu.c diff | blob | history
xen/arch/x86/genapic/x2apic.c diff | blob | history
xen/arch/x86/hvm/hvm.c diff | blob | history
xen/arch/x86/nmi.c diff | blob | history
xen/arch/x86/percpu.c diff | blob | history
xen/arch/x86/psr.c diff | blob | history
xen/arch/x86/smpboot.c diff | blob | history
xen/common/debugtrace.c diff | blob | history
xen/common/kexec.c diff | blob | history
xen/common/livepatch.c diff | blob | history
xen/common/rcupdate.c diff | blob | history
xen/common/sched/core.c diff | blob | history
xen/common/sched/cpupool.c diff | blob | history
xen/common/stop_machine.c diff | blob | history
xen/common/tasklet.c diff | blob | history
xen/common/timer.c diff | blob | history
xen/common/trace.c diff | blob | history
xen/drivers/cpufreq/cpufreq.c diff | blob | history
xen/drivers/cpufreq/cpufreq_misc_governors.c diff | blob | history
xen/drivers/passthrough/x86/hvm.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.