projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 69f14d2) | patch
xen/keyhandler: CFI hardening
authorAndrew Cooper <andrew.cooper3@citrix.com>
Thu, 28 Oct 2021 10:18:45 +0000 (11:18 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commitef0434ae38030d0a002805c72f5c2819c20d9dcc
treefd890757ea18e9a123f2ec1cca382b5bf8641c1ctree | snapshot
parent69f14d2ad9f7b23cdf2aad3b907b06c7f94cffabcommit | diff
xen/keyhandler: CFI hardening

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

Tweak {IRQ_,}KEYHANDLER() to use a named initialiser instead of requiring a
pointer cast to compile in the IRQ case.

Reposition iommu_dump_page_tables() to avoid a forward declaration.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
33 files changed:
xen/arch/x86/acpi/cpu_idle.c diff | blob | history
xen/arch/x86/hvm/irq.c diff | blob | history
xen/arch/x86/hvm/svm/vmcb.c diff | blob | history
xen/arch/x86/hvm/vmx/vmcs.c diff | blob | history
xen/arch/x86/io_apic.c diff | blob | history
xen/arch/x86/irq.c diff | blob | history
xen/arch/x86/mm/p2m-ept.c diff | blob | history
xen/arch/x86/mm/shadow/common.c diff | blob | history
xen/arch/x86/msi.c diff | blob | history
xen/arch/x86/nmi.c diff | blob | history
xen/arch/x86/numa.c diff | blob | history
xen/arch/x86/time.c diff | blob | history
xen/common/debugtrace.c diff | blob | history
xen/common/event_channel.c diff | blob | history
xen/common/grant_table.c diff | blob | history
xen/common/kexec.c diff | blob | history
xen/common/keyhandler.c diff | blob | history
xen/common/livepatch.c diff | blob | history
xen/common/page_alloc.c diff | blob | history
xen/common/perfc.c diff | blob | history
xen/common/sched/cpupool.c diff | blob | history
xen/common/spinlock.c diff | blob | history
xen/common/timer.c diff | blob | history
xen/drivers/char/console.c diff | blob | history
xen/drivers/passthrough/amd/iommu.h diff | blob | history
xen/drivers/passthrough/amd/iommu_intr.c diff | blob | history
xen/drivers/passthrough/iommu.c diff | blob | history
xen/drivers/passthrough/pci.c diff | blob | history
xen/drivers/passthrough/vtd/extern.h diff | blob | history
xen/drivers/passthrough/vtd/utils.c diff | blob | history
xen/include/xen/perfc.h diff | blob | history
xen/include/xen/sched.h diff | blob | history
xen/include/xen/spinlock.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.