[PATCH 08/15] x86/extable: Do not mark exception callback as CFI

From: Sami Tolvanen
Date: Fri Apr 16 2021 - 16:39:29 EST


From: Kees Cook <keescook@xxxxxxxxxxxx>

The exception table entries are constructed out of a relative offset
and point to the actual function, not the CFI table entry. For now,
just mark the caller as not checking CFI. The failure is most visible
at boot with CONFIG_DEBUG_RODATA_TEST=y.

Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Signed-off-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>
---
arch/x86/mm/extable.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/arch/x86/mm/extable.c b/arch/x86/mm/extable.c
index b93d6cd08a7f..a7eae1c4c59f 100644
--- a/arch/x86/mm/extable.c
+++ b/arch/x86/mm/extable.c
@@ -155,6 +155,7 @@ enum handler_type ex_get_fault_handler_type(unsigned long ip)
return EX_HANDLER_OTHER;
}

+__nocfi
int fixup_exception(struct pt_regs *regs, int trapnr, unsigned long error_code,
unsigned long fault_addr)
{
--
2.31.1.368.gbe11c130af-goog