Re: [PATCH v2 08/14] x86/extable: Do not mark exception callback as CFI
From: Andy Lutomirski
Date: Thu Aug 26 2021 - 12:56:45 EST
On 8/23/21 10:13 AM, Sami Tolvanen wrote:
> From: Kees Cook <keescook@xxxxxxxxxxxx>
>
> The exception table entries are constructed out of a relative offset
> and point to the actual function, not the CFI table entry. For now,
> just mark the caller as not checking CFI
Does this *mark* the caller as not checking CFI or does it actually make
the caller stop checking CFI? What are the semantics of a __nocfi function?
> The failure is most visible
> at boot with CONFIG_DEBUG_RODATA_TEST=y.
What's the failure?
>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
> ---
> arch/x86/mm/extable.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c
> index e1664e9f969c..d150d4d12d53 100644
> --- a/arch/x86/mm/extable.c
> +++ b/arch/x86/mm/extable.c
> @@ -155,6 +155,7 @@ enum handler_type ex_get_fault_handler_type(unsigned long ip)
> return EX_HANDLER_OTHER;
> }
>
> +__nocfi
> int fixup_exception(struct pt_regs *regs, int trapnr, unsigned long error_code,
> unsigned long fault_addr)
> {
>
This at least needs a comment explaining what's going on. But maybe it
could be fixed better by either having the extable entry resolve to the
magic CFI table entry (can this be done?) or by marking the actual
indirect call or the type of the variable through which the call is done
as being a non-CFI call.
--Andy