Commit c50d3285 authored by Sami Tolvanen's avatar Sami Tolvanen Committed by Kees Cook
Browse files

arm64: Add types to indirect called assembly functions 



With CONFIG_CFI_CLANG, assembly functions indirectly called from C
code must be annotated with type identifiers to pass CFI checking. Use
SYM_TYPED_FUNC_START for the indirectly called functions, and ensure
we emit `bti c` also with SYM_TYPED_FUNC_START.

Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
Tested-by: default avatarKees Cook <keescook@chromium.org>
Tested-by: default avatarNathan Chancellor <nathan@kernel.org>
Acked-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220908215504.3686827-10-samitolvanen@google.com
parent 44f665b6

arch/arm64/crypto/ghash-ce-core.S

+3 −2
Original line number Diff line number Diff line
@@ -6,6 +6,7 @@ 
 */



#include <linux/linkage.h>

#include <linux/cfi_types.h>

#include <asm/assembler.h>



	SHASH		.req	v0
@@ -350,11 +351,11 @@ CPU_LE( rev64 T1.16b, T1.16b ) 
	 * void pmull_ghash_update(int blocks, u64 dg[], const char *src,

	 *			   struct ghash_key const *k, const char *head)

	 */

SYM_FUNC_START(pmull_ghash_update_p64)

SYM_TYPED_FUNC_START(pmull_ghash_update_p64)

	__pmull_ghash	p64

SYM_FUNC_END(pmull_ghash_update_p64)



SYM_FUNC_START(pmull_ghash_update_p8)

SYM_TYPED_FUNC_START(pmull_ghash_update_p8)

	__pmull_ghash	p8

SYM_FUNC_END(pmull_ghash_update_p8)

arch/arm64/crypto/sm3-ce-core.S

+2 −1
Original line number Diff line number Diff line
@@ -6,6 +6,7 @@ 
 */



#include <linux/linkage.h>

#include <linux/cfi_types.h>

#include <asm/assembler.h>



	.irp		b, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
@@ -73,7 +74,7 @@ 
	 *                       int blocks)

	 */

	.text

SYM_FUNC_START(sm3_ce_transform)

SYM_TYPED_FUNC_START(sm3_ce_transform)

	/* load state */

	ld1		{v8.4s-v9.4s}, [x0]

	rev64		v8.4s, v8.4s

arch/arm64/include/asm/linkage.h

+4 −0
Original line number Diff line number Diff line
@@ -39,4 +39,8 @@ 
	SYM_START(name, SYM_L_WEAK, SYM_A_NONE)		\

	bti c ;



#define SYM_TYPED_FUNC_START(name)				\

	SYM_TYPED_START(name, SYM_L_GLOBAL, SYM_A_ALIGN)	\

	bti c ;



#endif

arch/arm64/kernel/cpu-reset.S

+3 −2
Original line number Diff line number Diff line
@@ -8,6 +8,7 @@ 
 */



#include <linux/linkage.h>

#include <linux/cfi_types.h>

#include <asm/assembler.h>

#include <asm/sysreg.h>

#include <asm/virt.h>
@@ -28,7 +29,7 @@ 
 * branch to what would be the reset vector. It must be executed with the

 * flat identity mapping.

 */

SYM_CODE_START(cpu_soft_restart)

SYM_TYPED_FUNC_START(cpu_soft_restart)

	mov_q	x12, INIT_SCTLR_EL1_MMU_OFF

	pre_disable_mmu_workaround

	/*
@@ -47,6 +48,6 @@ SYM_CODE_START(cpu_soft_restart) 
	mov	x1, x3				// arg1

	mov	x2, x4				// arg2

	br	x8

SYM_CODE_END(cpu_soft_restart)

SYM_FUNC_END(cpu_soft_restart)



.popsection

arch/arm64/mm/proc.S

+3 −2
Original line number Diff line number Diff line
@@ -10,6 +10,7 @@ 
#include <linux/init.h>

#include <linux/linkage.h>

#include <linux/pgtable.h>

#include <linux/cfi_types.h>

#include <asm/assembler.h>

#include <asm/asm-offsets.h>

#include <asm/asm_pointer_auth.h>
@@ -185,7 +186,7 @@ SYM_FUNC_END(cpu_do_resume) 
 * This is the low-level counterpart to cpu_replace_ttbr1, and should not be

 * called by anything else. It can only be executed from a TTBR0 mapping.

 */

SYM_FUNC_START(idmap_cpu_replace_ttbr1)

SYM_TYPED_FUNC_START(idmap_cpu_replace_ttbr1)

	save_and_disable_daif flags=x2



	__idmap_cpu_set_reserved_ttbr1 x1, x3
@@ -253,7 +254,7 @@ SYM_FUNC_END(idmap_cpu_replace_ttbr1) 
SYM_DATA(__idmap_kpti_flag, .long 1)

	.popsection



SYM_FUNC_START(idmap_kpti_install_ng_mappings)

SYM_TYPED_FUNC_START(idmap_kpti_install_ng_mappings)

	cpu		.req	w0

	temp_pte	.req	x0

	num_cpus	.req	w1