Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU

From:	Alex Bennée
Subject:	Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU
Date:	Tue, 27 Oct 2020 10:11:18 +0000
User-agent:	mu4e 1.5.6; emacs 28.0.50

Daniele Buono <dbuono@linux.vnet.ibm.com> writes:

> LLVM/Clang, supports runtime checks for forward-edge Control-Flow
> Integrity (CFI).
>
> CFI on indirect function calls (cfi-icall) ensures that, in indirect
> function calls, the function called is of the right signature for the
> pointer type defined at compile time.
>
> For this check to work, the code must always respect the function
> signature when using function pointer, the function must be defined
> at compile time, and be compiled with link-time optimization.
>
> This rules out, for example, shared libraries that are dynamically loaded
> (given that functions are not known at compile time), and code that is
> dynamically generated at run-time.
>
> This patch:
>
> 1) Introduces the CONFIG_CFI flag to support cfi in QEMU
>
> 2) Introduces a decorator to allow the definition of "sensitive"
> functions, where a non-instrumented function may be called at runtime
> through a pointer. The decorator will take care of disabling cfi-icall
> checks on such functions, when cfi is enabled.
>
> 3) Marks functions currently in QEMU that exhibit such behavior,
> in particular:
> - The function in TCG that calls pre-compiled TBs
> - The function in TCI that interprets instructions
> - Functions in the plugin infrastructures that jump to callbacks
> - Functions in util that directly call a signal handler
>
> 4) Add a new section in MAINTAINERS with me as a maintainer for
> include/qemu/sanitizers.h, in case a maintainer is deemed
> necessary for this feature
>
> Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
> ---
>  MAINTAINERS               |  5 +++++
>  accel/tcg/cpu-exec.c      |  9 +++++++++
>  include/qemu/sanitizers.h | 22 ++++++++++++++++++++++
>  plugins/core.c            | 25 +++++++++++++++++++++++++
>  plugins/loader.c          |  5 +++++

With the changes Paolo suggested (QEMU_DISABLE_CFI and use compilers.h)
then for the plugin bits:

Acked-by: Alex Bennée <alex.bennee@linaro.org>

-- 
Alex Bennée

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v2 2/6] configure: avoid new clang 11+ warnings, (continued)
- [PATCH v2 3/6] configure: add option to enable LTO, Daniele Buono, 2020/10/23
  - Re: [PATCH v2 3/6] configure: add option to enable LTO, Paolo Bonzini, 2020/10/26
    - Re: [PATCH v2 3/6] configure: add option to enable LTO, Daniel P . Berrangé, 2020/10/26
- [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU, Daniele Buono, 2020/10/23
  - Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU, Paolo Bonzini, 2020/10/26
  - Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU, Alex Bennée <=
- [PATCH v2 5/6] check-block: enable iotests with cfi-icall, Daniele Buono, 2020/10/23
- [PATCH v2 6/6] configure: add support for Control-Flow Integrity, Daniele Buono, 2020/10/23
  - Re: [PATCH v2 6/6] configure: add support for Control-Flow Integrity, Paolo Bonzini, 2020/10/26
- Re: [PATCH v2 0/6] Add support for Control-Flow Integrity, Eric Blake, 2020/10/23
  - Re: [PATCH v2 0/6] Add support for Control-Flow Integrity, Daniele Buono, 2020/10/24
  - Re: [PATCH v2 0/6] Add support for Control-Flow Integrity, Daniel P . Berrangé, 2020/10/26

Prev by Date: Re: [PATCH v6 11/11] qapi: Use QAPI_LIST_ADD() where possible
Next by Date: [PULL 0/2] QMP patches patches for 2020-10-27
Previous by thread: Re: [PATCH v2 4/6] cfi: Initial support for cfi-icall in QEMU
Next by thread: [PATCH v2 5/6] check-block: enable iotests with cfi-icall
Index(es):
- Date
- Thread