x86/guest: CFI hardening

Control Flow Integrity schemes use toolchain and optionally hardware support
to help protect against call/jump/return oriented programming attacks.

Use cf_check to annotate function pointer targets for the toolchain.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/guest/hyperv/hyperv.c b/xen/arch/x86/guest/hyperv/hyperv.c
index 84221b75145331fce48bd65a1896d76c188d46f2..b101ba3080b44a95cadd893c521454eb321572e6 100644 (file)
--- a/xen/arch/x86/guest/hyperv/hyperv.c
+++ b/xen/arch/x86/guest/hyperv/hyperv.c
@@ -175,7 +175,7 @@ static int setup_vp_assist(void)
     return 0;
 }
 
-static void __init setup(void)
+static void __init cf_check setup(void)
 {
     ASM_CONSTANT(HV_HCALL_PAGE, __fix_x_to_virt(FIX_X_HYPERV_HCALL));
 
@@ -188,7 +188,7 @@ static void __init setup(void)
         panic("VP assist page setup failed\n");
 }
 
-static int ap_setup(void)
+static int cf_check ap_setup(void)
 {
     int rc;
 
@@ -199,7 +199,7 @@ static int ap_setup(void)
     return setup_vp_assist();
 }
 
-static void __init e820_fixup(struct e820map *e820)
+static void __init cf_check e820_fixup(struct e820map *e820)
 {
     uint64_t s = HV_HCALL_MFN << PAGE_SHIFT;
 
@@ -207,8 +207,8 @@ static void __init e820_fixup(struct e820map *e820)
         panic("Unable to reserve Hyper-V hypercall range\n");
 }
 
-static int flush_tlb(const cpumask_t *mask, const void *va,
-                     unsigned int flags)
+static int cf_check flush_tlb(
+    const cpumask_t *mask, const void *va, unsigned int flags)
 {
     if ( !(ms_hyperv.hints & HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED) )
         return -EOPNOTSUPP;

diff --git a/xen/arch/x86/guest/xen/xen.c b/xen/arch/x86/guest/xen/xen.c
index 17807cdea688e794a78320f87e29ff68fcbad28e..9c2defaa6621864e359ea45e554ae8322c1d4610 100644 (file)
--- a/xen/arch/x86/guest/xen/xen.c
+++ b/xen/arch/x86/guest/xen/xen.c
@@ -237,7 +237,7 @@ static int init_evtchn(void)
     return rc;
 }
 
-static void __init setup(void)
+static void __init cf_check setup(void)
 {
     init_memmap();
 
@@ -265,7 +265,7 @@ static void __init setup(void)
     BUG_ON(init_evtchn());
 }
 
-static int ap_setup(void)
+static int cf_check ap_setup(void)
 {
     set_vcpu_id();
 
@@ -295,7 +295,7 @@ static void cf_check ap_resume(void *unused)
     BUG_ON(init_evtchn());
 }
 
-static void resume(void)
+static void cf_check resume(void)
 {
     /* Reset shared info page. */
     map_shared_info();
@@ -318,13 +318,14 @@ static void resume(void)
         pv_console_init();
 }
 
-static void __init e820_fixup(struct e820map *e820)
+static void __init cf_check e820_fixup(struct e820map *e820)
 {
     if ( pv_shim )
         pv_shim_fixup_e820(e820);
 }
 
-static int flush_tlb(const cpumask_t *mask, const void *va, unsigned int flags)
+static int cf_check flush_tlb(
+    const cpumask_t *mask, const void *va, unsigned int flags)
 {
     return xen_hypercall_hvm_op(HVMOP_flush_tlbs, NULL);
 }