[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen master] xen/hypfs: CFI hardening



commit 0cccb0416e5480822a54bd74066f73c14238b168
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Fri Oct 29 15:42:42 2021 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Wed Feb 23 15:33:43 2022 +0000

    xen/hypfs: CFI hardening
    
    Control Flow Integrity schemes use toolchain and optionally hardware support
    to help protect against call/jump/return oriented programming attacks.
    
    Use cf_check to annotate function pointer targets for the toolchain.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Juergen Gross <jgross@xxxxxxxx>
---
 xen/common/hypfs.c         | 57 +++++++++++++++++++++++-----------------------
 xen/common/sched/cpupool.c | 25 ++++++++++----------
 xen/include/xen/hypfs.h    | 49 +++++++++++++++++++--------------------
 3 files changed, 65 insertions(+), 66 deletions(-)

diff --git a/xen/common/hypfs.c b/xen/common/hypfs.c
index 1526bcc528..0d22396f5d 100644
--- a/xen/common/hypfs.c
+++ b/xen/common/hypfs.c
@@ -113,12 +113,13 @@ static void hypfs_unlock(void)
     }
 }
 
-const struct hypfs_entry *hypfs_node_enter(const struct hypfs_entry *entry)
+const struct hypfs_entry *cf_check hypfs_node_enter(
+    const struct hypfs_entry *entry)
 {
     return entry;
 }
 
-void hypfs_node_exit(const struct hypfs_entry *entry)
+void cf_check hypfs_node_exit(const struct hypfs_entry *entry)
 {
 }
 
@@ -289,16 +290,14 @@ static int hypfs_get_path_user(char *buf,
     return 0;
 }
 
-struct hypfs_entry *hypfs_leaf_findentry(const struct hypfs_entry_dir *dir,
-                                         const char *name,
-                                         unsigned int name_len)
+struct hypfs_entry *cf_check hypfs_leaf_findentry(
+    const struct hypfs_entry_dir *dir, const char *name, unsigned int name_len)
 {
     return ERR_PTR(-ENOTDIR);
 }
 
-struct hypfs_entry *hypfs_dir_findentry(const struct hypfs_entry_dir *dir,
-                                        const char *name,
-                                        unsigned int name_len)
+struct hypfs_entry *cf_check hypfs_dir_findentry(
+    const struct hypfs_entry_dir *dir, const char *name, unsigned int name_len)
 {
     struct hypfs_entry *entry;
 
@@ -360,7 +359,7 @@ static struct hypfs_entry *hypfs_get_entry(const char *path)
     return hypfs_get_entry_rel(&hypfs_root, path + 1);
 }
 
-unsigned int hypfs_getsize(const struct hypfs_entry *entry)
+unsigned int cf_check hypfs_getsize(const struct hypfs_entry *entry)
 {
     return entry->size;
 }
@@ -396,7 +395,7 @@ int hypfs_read_dyndir_id_entry(const struct hypfs_entry_dir 
*template,
     return 0;
 }
 
-static const struct hypfs_entry *hypfs_dyndir_enter(
+static const struct hypfs_entry *cf_check hypfs_dyndir_enter(
     const struct hypfs_entry *entry)
 {
     const struct hypfs_dyndir_id *data;
@@ -407,7 +406,7 @@ static const struct hypfs_entry *hypfs_dyndir_enter(
     return data->template->e.funcs->enter(&data->template->e);
 }
 
-static struct hypfs_entry *hypfs_dyndir_findentry(
+static struct hypfs_entry *cf_check hypfs_dyndir_findentry(
     const struct hypfs_entry_dir *dir, const char *name, unsigned int name_len)
 {
     const struct hypfs_dyndir_id *data;
@@ -418,8 +417,8 @@ static struct hypfs_entry *hypfs_dyndir_findentry(
     return data->template->e.funcs->findentry(data->template, name, name_len);
 }
 
-static int hypfs_read_dyndir(const struct hypfs_entry *entry,
-                             XEN_GUEST_HANDLE_PARAM(void) uaddr)
+static int cf_check hypfs_read_dyndir(
+    const struct hypfs_entry *entry, XEN_GUEST_HANDLE_PARAM(void) uaddr)
 {
     const struct hypfs_dyndir_id *data;
 
@@ -463,8 +462,8 @@ unsigned int hypfs_dynid_entry_size(const struct 
hypfs_entry *template,
     return DIRENTRY_SIZE(snprintf(NULL, 0, template->name, id));
 }
 
-int hypfs_read_dir(const struct hypfs_entry *entry,
-                   XEN_GUEST_HANDLE_PARAM(void) uaddr)
+int cf_check hypfs_read_dir(const struct hypfs_entry *entry,
+                            XEN_GUEST_HANDLE_PARAM(void) uaddr)
 {
     const struct hypfs_entry_dir *d;
     const struct hypfs_entry *e;
@@ -510,8 +509,8 @@ int hypfs_read_dir(const struct hypfs_entry *entry,
     return 0;
 }
 
-int hypfs_read_leaf(const struct hypfs_entry *entry,
-                    XEN_GUEST_HANDLE_PARAM(void) uaddr)
+int cf_check hypfs_read_leaf(
+    const struct hypfs_entry *entry, XEN_GUEST_HANDLE_PARAM(void) uaddr)
 {
     const struct hypfs_entry_leaf *l;
     unsigned int size = entry->funcs->getsize(entry);
@@ -555,9 +554,9 @@ static int hypfs_read(const struct hypfs_entry *entry,
     return ret;
 }
 
-int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                     unsigned int ulen)
+int cf_check hypfs_write_leaf(
+    struct hypfs_entry_leaf *leaf, XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+    unsigned int ulen)
 {
     char *buf;
     int ret;
@@ -596,9 +595,9 @@ int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
     return ret;
 }
 
-int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                     unsigned int ulen)
+int cf_check hypfs_write_bool(
+    struct hypfs_entry_leaf *leaf, XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+    unsigned int ulen)
 {
     bool buf;
 
@@ -618,9 +617,9 @@ int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
     return 0;
 }
 
-int hypfs_write_custom(struct hypfs_entry_leaf *leaf,
-                       XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                       unsigned int ulen)
+int cf_check hypfs_write_custom(
+    struct hypfs_entry_leaf *leaf, XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+    unsigned int ulen)
 {
     struct param_hypfs *p;
     char *buf;
@@ -653,9 +652,9 @@ int hypfs_write_custom(struct hypfs_entry_leaf *leaf,
     return ret;
 }
 
-int hypfs_write_deny(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                     unsigned int ulen)
+int cf_check hypfs_write_deny(
+    struct hypfs_entry_leaf *leaf, XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+    unsigned int ulen)
 {
     return -EACCES;
 }
diff --git a/xen/common/sched/cpupool.c b/xen/common/sched/cpupool.c
index b9d4babd0d..07f984a659 100644
--- a/xen/common/sched/cpupool.c
+++ b/xen/common/sched/cpupool.c
@@ -1026,8 +1026,8 @@ static struct notifier_block cpu_nfb = {
 
 static HYPFS_DIR_INIT(cpupool_pooldir, "%u");
 
-static int cpupool_dir_read(const struct hypfs_entry *entry,
-                            XEN_GUEST_HANDLE_PARAM(void) uaddr)
+static int cf_check cpupool_dir_read(
+    const struct hypfs_entry *entry, XEN_GUEST_HANDLE_PARAM(void) uaddr)
 {
     int ret = 0;
     struct cpupool *c;
@@ -1050,7 +1050,8 @@ static int cpupool_dir_read(const struct hypfs_entry 
*entry,
     return ret;
 }
 
-static unsigned int cpupool_dir_getsize(const struct hypfs_entry *entry)
+static unsigned int cf_check cpupool_dir_getsize(
+    const struct hypfs_entry *entry)
 {
     const struct cpupool *c;
     unsigned int size = 0;
@@ -1061,7 +1062,7 @@ static unsigned int cpupool_dir_getsize(const struct 
hypfs_entry *entry)
     return size;
 }
 
-static const struct hypfs_entry *cpupool_dir_enter(
+static const struct hypfs_entry *cf_check cpupool_dir_enter(
     const struct hypfs_entry *entry)
 {
     struct hypfs_dyndir_id *data;
@@ -1076,14 +1077,14 @@ static const struct hypfs_entry *cpupool_dir_enter(
     return entry;
 }
 
-static void cpupool_dir_exit(const struct hypfs_entry *entry)
+static void cf_check cpupool_dir_exit(const struct hypfs_entry *entry)
 {
     spin_unlock(&cpupool_lock);
 
     hypfs_free_dyndata();
 }
 
-static struct hypfs_entry *cpupool_dir_findentry(
+static struct hypfs_entry *cf_check cpupool_dir_findentry(
     const struct hypfs_entry_dir *dir, const char *name, unsigned int name_len)
 {
     unsigned long id;
@@ -1102,8 +1103,8 @@ static struct hypfs_entry *cpupool_dir_findentry(
     return hypfs_gen_dyndir_id_entry(&cpupool_pooldir, id, cpupool);
 }
 
-static int cpupool_gran_read(const struct hypfs_entry *entry,
-                             XEN_GUEST_HANDLE_PARAM(void) uaddr)
+static int cf_check cpupool_gran_read(
+    const struct hypfs_entry *entry, XEN_GUEST_HANDLE_PARAM(void) uaddr)
 {
     const struct hypfs_dyndir_id *data;
     const struct cpupool *cpupool;
@@ -1121,7 +1122,7 @@ static int cpupool_gran_read(const struct hypfs_entry 
*entry,
     return copy_to_guest(uaddr, gran, strlen(gran) + 1) ? -EFAULT : 0;
 }
 
-static unsigned int hypfs_gran_getsize(const struct hypfs_entry *entry)
+static unsigned int cf_check hypfs_gran_getsize(const struct hypfs_entry 
*entry)
 {
     const struct hypfs_dyndir_id *data;
     const struct cpupool *cpupool;
@@ -1136,9 +1137,9 @@ static unsigned int hypfs_gran_getsize(const struct 
hypfs_entry *entry)
     return strlen(gran) + 1;
 }
 
-static int cpupool_gran_write(struct hypfs_entry_leaf *leaf,
-                              XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                              unsigned int ulen)
+static int cf_check cpupool_gran_write(
+    struct hypfs_entry_leaf *leaf, XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+    unsigned int ulen)
 {
     const struct hypfs_dyndir_id *data;
     struct cpupool *cpupool;
diff --git a/xen/include/xen/hypfs.h b/xen/include/xen/hypfs.h
index e9d4c2555b..1b65a9188c 100644
--- a/xen/include/xen/hypfs.h
+++ b/xen/include/xen/hypfs.h
@@ -168,31 +168,30 @@ void hypfs_add_dyndir(struct hypfs_entry_dir *parent,
                       struct hypfs_entry_dir *template);
 int hypfs_add_leaf(struct hypfs_entry_dir *parent,
                    struct hypfs_entry_leaf *leaf, bool nofault);
-const struct hypfs_entry *hypfs_node_enter(const struct hypfs_entry *entry);
-void hypfs_node_exit(const struct hypfs_entry *entry);
-int hypfs_read_dir(const struct hypfs_entry *entry,
-                   XEN_GUEST_HANDLE_PARAM(void) uaddr);
-int hypfs_read_leaf(const struct hypfs_entry *entry,
-                    XEN_GUEST_HANDLE_PARAM(void) uaddr);
-int hypfs_write_deny(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                     unsigned int ulen);
-int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                     unsigned int ulen);
-int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                     unsigned int ulen);
-int hypfs_write_custom(struct hypfs_entry_leaf *leaf,
-                       XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
-                       unsigned int ulen);
-unsigned int hypfs_getsize(const struct hypfs_entry *entry);
-struct hypfs_entry *hypfs_leaf_findentry(const struct hypfs_entry_dir *dir,
-                                         const char *name,
-                                         unsigned int name_len);
-struct hypfs_entry *hypfs_dir_findentry(const struct hypfs_entry_dir *dir,
-                                        const char *name,
-                                        unsigned int name_len);
+const struct hypfs_entry *cf_check hypfs_node_enter(
+    const struct hypfs_entry *entry);
+void cf_check hypfs_node_exit(const struct hypfs_entry *entry);
+int cf_check hypfs_read_dir(const struct hypfs_entry *entry,
+                            XEN_GUEST_HANDLE_PARAM(void) uaddr);
+int cf_check hypfs_read_leaf(const struct hypfs_entry *entry,
+                             XEN_GUEST_HANDLE_PARAM(void) uaddr);
+int cf_check hypfs_write_deny(struct hypfs_entry_leaf *leaf,
+                              XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                              unsigned int ulen);
+int cf_check hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
+                              XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                              unsigned int ulen);
+int cf_check hypfs_write_bool(struct hypfs_entry_leaf *leaf,
+                              XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                              unsigned int ulen);
+int cf_check hypfs_write_custom(struct hypfs_entry_leaf *leaf,
+                                XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                                unsigned int ulen);
+unsigned int cf_check hypfs_getsize(const struct hypfs_entry *entry);
+struct hypfs_entry *cf_check hypfs_leaf_findentry(
+    const struct hypfs_entry_dir *dir, const char *name, unsigned int 
name_len);
+struct hypfs_entry *cf_check hypfs_dir_findentry(
+    const struct hypfs_entry_dir *dir, const char *name, unsigned int 
name_len);
 void *hypfs_alloc_dyndata(unsigned long size);
 #define hypfs_alloc_dyndata(type) ((type *)hypfs_alloc_dyndata(sizeof(type)))
 void *hypfs_get_dyndata(void);
--
generated by git-patchbot for /home/xen/git/xen.git#master



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.