Commit 590e8a08 authored by Mark Rutland's avatar Mark Rutland Committed by Kees Cook
Browse files

CFI: Move function_nocfi() into compiler.h 



Currently the common definition of function_nocfi() is provided by
<linux/mm.h>, and architectures are expected to provide a definition in
<asm/memory.h>. Due to header dependencies, this can make it hard to use
function_nocfi() in low-level headers.

As function_nocfi() has no dependency on any mm code, nor on any memory
definitions, it doesn't need to live in <linux/mm.h> or <asm/memory.h>.
Generally, it would make more sense for it to live in
<linux/compiler.h>, where an architecture can override it in
<asm/compiler.h>.

Move the definitions accordingly.

Signed-off-by: default avatarMark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Nathan Chancellor <nathan@kernel.org>
Cc: Sami Tolvanen <samitolvanen@google.com>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210602153701.35957-1-mark.rutland@arm.com
parent 3f1639f8

arch/arm64/include/asm/compiler.h

+16 −0
Original line number Diff line number Diff line
@@ -23,4 +23,20 @@ 
#define __builtin_return_address(val)					\

	(void *)(ptrauth_clear_pac((unsigned long)__builtin_return_address(val)))



#ifdef CONFIG_CFI_CLANG

/*

 * With CONFIG_CFI_CLANG, the compiler replaces function address

 * references with the address of the function's CFI jump table

 * entry. The function_nocfi macro always returns the address of the

 * actual function instead.

 */

#define function_nocfi(x) ({						\

	void *addr;							\

	asm("adrp %0, " __stringify(x) "\n\t"				\

	    "add  %0, %0, :lo12:" __stringify(x)			\

	    : "=r" (addr));						\

	addr;								\

})

#endif



#endif /* __ASM_COMPILER_H */

arch/arm64/include/asm/memory.h

+0 −16
Original line number Diff line number Diff line
@@ -323,22 +323,6 @@ static inline void *phys_to_virt(phys_addr_t x) 
#define virt_to_pfn(x)		__phys_to_pfn(__virt_to_phys((unsigned long)(x)))

#define sym_to_pfn(x)		__phys_to_pfn(__pa_symbol(x))



#ifdef CONFIG_CFI_CLANG

/*

 * With CONFIG_CFI_CLANG, the compiler replaces function address

 * references with the address of the function's CFI jump table

 * entry. The function_nocfi macro always returns the address of the

 * actual function instead.

 */

#define function_nocfi(x) ({						\

	void *addr;							\

	asm("adrp %0, " __stringify(x) "\n\t"				\

	    "add  %0, %0, :lo12:" __stringify(x)			\

	    : "=r" (addr));						\

	addr;								\

})

#endif



/*

 *  virt_to_page(x)	convert a _valid_ virtual address to struct page *

 *  virt_addr_valid(x)	indicates whether a virtual address is valid

include/linux/compiler.h

+10 −0
Original line number Diff line number Diff line
@@ -213,6 +213,16 @@ void ftrace_likely_update(struct ftrace_likely_data *f, int val, 
	__v;								\

})



/*

 * With CONFIG_CFI_CLANG, the compiler replaces function addresses in

 * instrumented C code with jump table addresses. Architectures that

 * support CFI can define this macro to return the actual function address

 * when needed.

 */

#ifndef function_nocfi

#define function_nocfi(x) (x)

#endif



#endif /* __KERNEL__ */



/*

include/linux/mm.h

+0 −10
Original line number Diff line number Diff line
@@ -124,16 +124,6 @@ extern int mmap_rnd_compat_bits __read_mostly; 
#define lm_alias(x)	__va(__pa_symbol(x))

#endif



/*

 * With CONFIG_CFI_CLANG, the compiler replaces function addresses in

 * instrumented C code with jump table addresses. Architectures that

 * support CFI can define this macro to return the actual function address

 * when needed.

 */

#ifndef function_nocfi

#define function_nocfi(x) (x)

#endif



/*

 * To prevent common memory management code establishing

 * a zero page mapping on a read fault.