Re: [PATCH v2 0/6] Add support for Control-Flow Integrity

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 0/6] Add support for Control-Flow Integrity

From:	Eric Blake
Subject:	Re: [PATCH v2 0/6] Add support for Control-Flow Integrity
Date:	Fri, 23 Oct 2020 15:33:31 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.3.1

On 10/23/20 3:06 PM, Daniele Buono wrote:
> v2: Several months (and structural changes in QEMU) have passed since v1.
> While the spirit of the patch is similar, the implementation is changed
> in multiple points, and should address most if not all the comments
> received in v1.

> 5) Most of the logic to enable CFI goes in the configure, since it's
> just a matter of checking for dependencies and incompatible options.
> However, I had to disable CFI checks for a few TCG functions.
> This can only be done through a blacklist file. I added a file in the
> root of QEMU, called cfi-blacklist.txt for such purpose. I am open to
> suggestions on where the file should go, and I am willing to become the
> maintainer of it, if deemed necessary.

In the meantime, we have commits like:

commit b199c682f1f0aaee22b2170a5fb885250057eec2
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date:   Thu Sep 10 09:01:31 2020 +0200

    target/i386/kvm: Rename host_tsx_blacklisted() as host_tsx_broken()

    In order to use inclusive terminology, rename host_tsx_blacklisted()
    as host_tsx_broken().

which may help you in coming up with a more appropriate name for the new
file.

> 
>  MAINTAINERS                   |   5 +
>  accel/tcg/cpu-exec.c          |   9 ++
>  configure                     | 214 ++++++++++++++++++++++++++++++++++
>  include/qemu/sanitizers.h     |  22 ++++
>  meson.build                   |   3 +
>  plugins/core.c                |  25 ++++
>  plugins/loader.c              |   5 +
>  tcg/tci.c                     |   5 +
>  tests/check-block.sh          |  18 +--
>  tests/qtest/fuzz/fork_fuzz.ld |  12 +-
>  util/main-loop.c              |   9 ++
>  util/oslib-posix.c            |   9 ++
>  12 files changed, 328 insertions(+), 8 deletions(-)
>  create mode 100644 include/qemu/sanitizers.h

although I don't see a new file by that name here, so perhaps the v1
overview is now stale?

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v2 2/6] configure: avoid new clang 11+ warnings, (continued)
- [PATCH v2 3/6] configure: add option to enable LTO, Daniele Buono, 2020/10/23
  - Re: [PATCH v2 3/6] configure: add option to enable LTO, Paolo Bonzini, 2020/10/26
- [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU, Daniele Buono, 2020/10/23
  - Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU, Paolo Bonzini, 2020/10/26
- [PATCH v2 5/6] check-block: enable iotests with cfi-icall, Daniele Buono, 2020/10/23
- [PATCH v2 6/6] configure: add support for Control-Flow Integrity, Daniele Buono, 2020/10/23
  - Re: [PATCH v2 6/6] configure: add support for Control-Flow Integrity, Paolo Bonzini, 2020/10/26
- Re: [PATCH v2 0/6] Add support for Control-Flow Integrity, Eric Blake <=
  - Re: [PATCH v2 0/6] Add support for Control-Flow Integrity, Daniele Buono, 2020/10/24
  - Re: [PATCH v2 0/6] Add support for Control-Flow Integrity, Daniel P . Berrangé, 2020/10/26

Prev by Date: Re: [PATCH v5 12/12] qapi: Use QAPI_LIST_ADD() where possible
Next by Date: [PATCH v3 0/6] Additional NPCM7xx features, devices and tests
Previous by thread: Re: [PATCH v2 6/6] configure: add support for Control-Flow Integrity
Next by thread: Re: [PATCH v2 0/6] Add support for Control-Flow Integrity
Index(es):
- Date
- Thread