Re: [PATCH v3 01/10] x86/cfi: Add warn option

From: Kees Cook
Date: Wed Feb 19 2025 - 12:51:06 EST

Next message: Anna Schumaker: "Re: [RESEND PATCH][next] fs: nfs: acl: Avoid -Wflex-array-member-not-at-end warning"
Previous message: Manivannan Sadhasivam: "Re: [PATCH] tty: owl-uart: fix call balance of owl_port->clk handling routines"
In reply to: Peter Zijlstra: "[PATCH v3 01/10] x86/cfi: Add warn option"
Next in thread: Peter Zijlstra: "Re: [PATCH v3 01/10] x86/cfi: Add warn option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 19, 2025 at 05:21:08PM +0100, Peter Zijlstra wrote:
> Rebuilding with CFI_PERMISSIVE toggled is such a pain, esp. since
> clang is so slow.

This seems too complex; report_cfi_failure() already has the fail/warn
logic test. I would have expected cfi_warn to take CONFIG_CFI_PERMISSIVE
as a default instead, like:

+bool cfi_warn __ro_after_init = IS_ENABLED(CONFIG_CFI_PERMISSIVE);

and then just replace report_cfi_failure()'s check of
CONFIG_CFI_PERMISSIVE with cfi_warn:

- if (IS_ENABLED(CONFIG_CFI_PERMISSIVE)) {
+ if (cfi_warn) {

-Kees

(I do worry about data-only attacks going after page tables and flipping
pages to r/w and changing cfi_warn to 1, but that's probably on the same
order of difficulty as targeting the cfi handler function itself. Hmpf.)

--
Kees Cook

Next message: Anna Schumaker: "Re: [RESEND PATCH][next] fs: nfs: acl: Avoid -Wflex-array-member-not-at-end warning"
Previous message: Manivannan Sadhasivam: "Re: [PATCH] tty: owl-uart: fix call balance of owl_port->clk handling routines"
In reply to: Peter Zijlstra: "[PATCH v3 01/10] x86/cfi: Add warn option"
Next in thread: Peter Zijlstra: "Re: [PATCH v3 01/10] x86/cfi: Add warn option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]