projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b158e72) | patch
x86/hvm: CFI hardening for device emulation
authorAndrew Cooper <andrew.cooper3@citrix.com>
Fri, 29 Oct 2021 17:40:17 +0000 (18:40 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commited907a02148f372c7ae918234d1d6c08c1b8ac4a
treef6efa04be86cb51eafdb23508410d22701dac210tree | snapshot
parentb158e72abe30821bcef8867387f350d290804edccommit | diff
x86/hvm: CFI hardening for device emulation

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
17 files changed:
xen/arch/x86/emul-i8254.c diff | blob | history
xen/arch/x86/hvm/emulate.c diff | blob | history
xen/arch/x86/hvm/hpet.c diff | blob | history
xen/arch/x86/hvm/hvm.c diff | blob | history
xen/arch/x86/hvm/intercept.c diff | blob | history
xen/arch/x86/hvm/io.c diff | blob | history
xen/arch/x86/hvm/ioreq.c diff | blob | history
xen/arch/x86/hvm/pmtimer.c diff | blob | history
xen/arch/x86/hvm/rtc.c diff | blob | history
xen/arch/x86/hvm/stdvga.c diff | blob | history
xen/arch/x86/hvm/svm/svm.c diff | blob | history
xen/arch/x86/hvm/vioapic.c diff | blob | history
xen/arch/x86/hvm/vlapic.c diff | blob | history
xen/arch/x86/hvm/vmsi.c diff | blob | history
xen/arch/x86/hvm/vpic.c diff | blob | history
xen/arch/x86/include/asm/hvm/vioapic.h diff | blob | history
xen/drivers/passthrough/amd/iommu_guest.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.