Merge tag 'hardening-v6.18-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull hardening fixes from Kees Cook:
"This is a work-around for a (now fixed) corner case in the arm32 build
with Clang KCFI enabled.

- Introduce __nocfi_generic for arm32 Clang (Nathan Chancellor)"

* tag 'hardening-v6.18-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
libeth: xdp: Disable generic kCFI pass for libeth_xdp_tx_xmit_bulk()
ARM: Select ARCH_USES_CFI_GENERIC_LLVM_PASS
compiler_types: Introduce __nocfi_generic

Linus Torvalds 4 months ago c90841db c2c2ccfd

+16 -1

4 changed files

expand all

arch

Kconfig

arm

Kconfig

include

linux

compiler_types.h

net

libeth

xdp.h

arch/Kconfig

··· 917 917 An architecture should select this option if it requires the 918 918 .kcfi_traps section for KCFI trap handling. 919 919 920 + config ARCH_USES_CFI_GENERIC_LLVM_PASS 921 + bool 922 + help 923 + An architecture should select this option if it uses the generic 924 + KCFIPass in LLVM to expand kCFI bundles instead of architecture-specific 925 + lowering. 926 + 920 927 config CFI 921 928 bool "Use Kernel Control Flow Integrity (kCFI)" 922 929 default CFI_CLANG

arch/arm/Kconfig

··· 44 44 select ARCH_USE_BUILTIN_BSWAP 45 45 select ARCH_USE_CMPXCHG_LOCKREF 46 46 select ARCH_USE_MEMTEST 47 + # https://github.com/llvm/llvm-project/commit/d130f402642fba3d065aacb506cb061c899558de 48 + select ARCH_USES_CFI_GENERIC_LLVM_PASS if CLANG_VERSION < 220000 47 49 select ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT if MMU 48 50 select ARCH_WANT_GENERAL_HUGETLB 49 51 select ARCH_WANT_IPC_PARSE_VERSION

include/linux/compiler_types.h

··· 461 461 # define __nocfi 462 462 #endif 463 463 464 + #if defined(CONFIG_ARCH_USES_CFI_GENERIC_LLVM_PASS) 465 + # define __nocfi_generic __nocfi 466 + #else 467 + # define __nocfi_generic 468 + #endif 469 + 464 470 /* 465 471 * Any place that could be marked with the "alloc_size" attribute is also 466 472 * a place to be marked with the "malloc" attribute, except those that may

+1 -1

include/net/libeth/xdp.h

··· 513 513 * can't fail, but can send less frames if there's no enough free descriptors 514 514 * available. The actual free space is returned by @prep from the driver. 515 515 */ 516 - static __always_inline u32 516 + static __always_inline __nocfi_generic u32 517 517 libeth_xdp_tx_xmit_bulk(const struct libeth_xdp_tx_frame *bulk, void *xdpsq, 518 518 u32 n, bool unroll, u64 priv, 519 519 u32 (*prep)(void *xdpsq, struct libeth_xdpsq *sq),