[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] x86/mtrr: CFI hardening
commit 142923eaaf71f6cf38053da13c6dba598aff8839 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Thu Oct 28 13:48:54 2021 +0100 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Wed Feb 23 15:33:43 2022 +0000 x86/mtrr: CFI hardening Control Flow Integrity schemes use toolchain and optionally hardware support to help protect against call/jump/return oriented programming attacks. Use cf_check to annotate function pointer targets for the toolchain. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Acked-by: Jan Beulich <jbeulich@xxxxxxxx> --- xen/arch/x86/cpu/mtrr/generic.c | 18 ++++++++++-------- xen/arch/x86/cpu/mtrr/mtrr.h | 8 ++++---- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/xen/arch/x86/cpu/mtrr/generic.c b/xen/arch/x86/cpu/mtrr/generic.c index 7cf4cd01f3..47aaf76226 100644 --- a/xen/arch/x86/cpu/mtrr/generic.c +++ b/xen/arch/x86/cpu/mtrr/generic.c @@ -287,7 +287,8 @@ static void set_fixed_range(int msr, bool *changed, unsigned int *msrwords) } } -int generic_get_free_region(unsigned long base, unsigned long size, int replace_reg) +int cf_check generic_get_free_region( + unsigned long base, unsigned long size, int replace_reg) /* [SUMMARY] Get a free MTRR. <base> The starting (base) address of the region. <size> The size (in bytes) of the region. @@ -309,8 +310,8 @@ int generic_get_free_region(unsigned long base, unsigned long size, int replace_ return -ENOSPC; } -static void generic_get_mtrr(unsigned int reg, unsigned long *base, - unsigned long *size, mtrr_type *type) +static void cf_check generic_get_mtrr( + unsigned int reg, unsigned long *base, unsigned long *size, mtrr_type *type) { uint64_t _mask, _base; @@ -499,7 +500,7 @@ static void post_set(bool pge) spin_unlock(&set_atomicity_lock); } -static void generic_set_all(void) +static void cf_check generic_set_all(void) { unsigned long mask, count; unsigned long flags; @@ -522,8 +523,8 @@ static void generic_set_all(void) } } -static void generic_set_mtrr(unsigned int reg, unsigned long base, - unsigned long size, mtrr_type type) +static void cf_check generic_set_mtrr( + unsigned int reg, unsigned long base, unsigned long size, mtrr_type type) /* [SUMMARY] Set variable MTRR register on the local CPU. <reg> The register to set. <base> The base address of the region. @@ -566,7 +567,8 @@ static void generic_set_mtrr(unsigned int reg, unsigned long base, local_irq_restore(flags); } -int generic_validate_add_page(unsigned long base, unsigned long size, unsigned int type) +int cf_check generic_validate_add_page( + unsigned long base, unsigned long size, unsigned int type) { unsigned long lbase, last; @@ -584,7 +586,7 @@ int generic_validate_add_page(unsigned long base, unsigned long size, unsigned i } -static int generic_have_wrcomb(void) +static int cf_check generic_have_wrcomb(void) { unsigned long config; rdmsrl(MSR_MTRRcap, config); diff --git a/xen/arch/x86/cpu/mtrr/mtrr.h b/xen/arch/x86/cpu/mtrr/mtrr.h index 9a406e6f61..c7fd44daab 100644 --- a/xen/arch/x86/cpu/mtrr/mtrr.h +++ b/xen/arch/x86/cpu/mtrr/mtrr.h @@ -24,10 +24,10 @@ struct mtrr_ops { int (*have_wrcomb)(void); }; -extern int generic_get_free_region(unsigned long base, unsigned long size, - int replace_reg); -extern int generic_validate_add_page(unsigned long base, unsigned long size, - unsigned int type); +int cf_check generic_get_free_region( + unsigned long base, unsigned long size, int replace_reg); +int cf_check generic_validate_add_page( + unsigned long base, unsigned long size, unsigned int type); extern const struct mtrr_ops generic_mtrr_ops; -- generated by git-patchbot for /home/xen/git/xen.git#master
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |