projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0cccb04) | patch
xen/tasklet: CFI hardening
authorAndrew Cooper <andrew.cooper3@citrix.com>
Thu, 28 Oct 2021 09:58:37 +0000 (10:58 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commit69f14d2ad9f7b23cdf2aad3b907b06c7f94cffab
tree3b9ed5b59da57670db7ede6a24d39c4c65328332tree | snapshot
parent0cccb0416e5480822a54bd74066f73c14238b168commit | diff
xen/tasklet: CFI hardening

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

The function pointer cast in hvm_vcpu_initialise() is undefined behaviour.

While it happens to function correctly, it is not compatible with control flow
typechecking, so introduce a new hvm_assert_evtchn_irq_tasklet() to handle the
parameter type conversion in a legal way.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
13 files changed:
xen/arch/x86/hvm/hvm.c diff | blob | history
xen/arch/x86/hvm/vlapic.c diff | blob | history
xen/arch/x86/include/asm/shadow.h diff | blob | history
xen/arch/x86/mm/shadow/common.c diff | blob | history
xen/common/domain.c diff | blob | history
xen/common/keyhandler.c diff | blob | history
xen/common/livepatch.c diff | blob | history
xen/common/stop_machine.c diff | blob | history
xen/common/trace.c diff | blob | history
xen/drivers/char/console.c diff | blob | history
xen/drivers/passthrough/amd/iommu_guest.c diff | blob | history
xen/drivers/passthrough/amd/iommu_init.c diff | blob | history
xen/drivers/passthrough/vtd/iommu.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.