xenbits.xensource.com Git - xen.git/commit

author	Andrew Cooper <andrew.cooper3@citrix.com>
	Thu, 28 Oct 2021 09:58:37 +0000 (10:58 +0100)
committer	Andrew Cooper <andrew.cooper3@citrix.com>
	Wed, 23 Feb 2022 15:33:43 +0000 (15:33 +0000)
commit	69f14d2ad9f7b23cdf2aad3b907b06c7f94cffab
tree	3b9ed5b59da57670db7ede6a24d39c4c65328332	tree
parent	0cccb0416e5480822a54bd74066f73c14238b168	commit \| diff

xen/tasklet: CFI hardening

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

The function pointer cast in hvm_vcpu_initialise() is undefined behaviour.

While it happens to function correctly, it is not compatible with control flow
typechecking, so introduce a new hvm_assert_evtchn_irq_tasklet() to handle the
parameter type conversion in a legal way.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>

xen/arch/x86/hvm/hvm.c		diff \| blob \| blame \| history
xen/arch/x86/hvm/vlapic.c		diff \| blob \| blame \| history
xen/arch/x86/include/asm/shadow.h		diff \| blob \| blame \| history
xen/arch/x86/mm/shadow/common.c		diff \| blob \| blame \| history
xen/common/domain.c		diff \| blob \| blame \| history
xen/common/keyhandler.c		diff \| blob \| blame \| history
xen/common/livepatch.c		diff \| blob \| blame \| history
xen/common/stop_machine.c		diff \| blob \| blame \| history
xen/common/trace.c		diff \| blob \| blame \| history
xen/drivers/char/console.c		diff \| blob \| blame \| history
xen/drivers/passthrough/amd/iommu_guest.c		diff \| blob \| blame \| history
xen/drivers/passthrough/amd/iommu_init.c		diff \| blob \| blame \| history
xen/drivers/passthrough/vtd/iommu.c		diff \| blob \| blame \| history