Re: [PATCH 17/17] arm64: allow CONFIG_CFI_CLANG to be selected

From: Kees Cook
Date: Tue Mar 16 2021 - 19:03:36 EST

Next message: Andrii Nakryiko: "Re: [PATCH bpf-next 3/5] libbpf: Initialize the bpf_seq_printf parameters array field by field"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH] selftests/bpf: fix warning comparing pointer to 0"
In reply to: Sami Tolvanen: "Re: [PATCH 17/17] arm64: allow CONFIG_CFI_CLANG to be selected"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Mar 16, 2021 at 01:44:33PM -0700, Sami Tolvanen wrote:
> On Thu, Mar 11, 2021 at 6:51 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> > On Thu, Mar 11, 2021 at 04:49:19PM -0800, Sami Tolvanen wrote:
> > > Select ARCH_SUPPORTS_CFI_CLANG to allow CFI to be enabled.
> > >
> > > Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
> >
> > Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
> >
> > Random thought: the vDSO doesn't need special handling because it
> > doesn't make any indirect calls, yes?
>
> That might be true, but we also filter out CC_FLAGS_LTO for the vDSO,
> which disables CFI as well.

Oh right! That would do it. :)

--
Kees Cook

Next message: Andrii Nakryiko: "Re: [PATCH bpf-next 3/5] libbpf: Initialize the bpf_seq_printf parameters array field by field"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH] selftests/bpf: fix warning comparing pointer to 0"
In reply to: Sami Tolvanen: "Re: [PATCH 17/17] arm64: allow CONFIG_CFI_CLANG to be selected"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]