projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ed907a0) | patch
x86/emul: CFI hardening
authorAndrew Cooper <andrew.cooper3@citrix.com>
Fri, 29 Oct 2021 16:28:04 +0000 (17:28 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commitd5905b4ddea8f4e023be7c2ed89747b82a3766cd
tree88e9178af68f86a187dd37441102f3243a807911tree | snapshot
parented907a02148f372c7ae918234d1d6c08c1b8ac4acommit | diff
x86/emul: CFI hardening

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

pv_emul_is_mem_write() is only used in a single file.  Move it out of its
header file, so it doesn't risk being duplicated in multiple translation
units.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
14 files changed:
xen/arch/x86/hvm/emulate.c diff | blob | history
xen/arch/x86/hvm/hvm.c diff | blob | history
xen/arch/x86/hvm/svm/svm.c diff | blob | history
xen/arch/x86/include/asm/hvm/emulate.h diff | blob | history
xen/arch/x86/include/asm/mm.h diff | blob | history
xen/arch/x86/mm.c diff | blob | history
xen/arch/x86/mm/shadow/hvm.c diff | blob | history
xen/arch/x86/pv/emul-gate-op.c diff | blob | history
xen/arch/x86/pv/emul-priv-op.c diff | blob | history
xen/arch/x86/pv/emulate.h diff | blob | history
xen/arch/x86/pv/ro-page-fault.c diff | blob | history
xen/arch/x86/x86_emulate.c diff | blob | history
xen/arch/x86/x86_emulate/x86_emulate.c diff | blob | history
xen/arch/x86/x86_emulate/x86_emulate.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.