[linux-2.6-block.git] / kernel / cfi.c

// SPDX-License-Identifier: GPL-2.0
/*
 * Clang Control Flow Integrity (CFI) error handling.
 *
 * Copyright (C) 2022 Google LLC
 */

#include <linux/cfi.h>

bool cfi_warn __ro_after_init = IS_ENABLED(CONFIG_CFI_PERMISSIVE);

enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr,
				      unsigned long *target, u32 type)
{
	if (target)
		pr_err("CFI failure at %pS (target: %pS; expected type: 0x%08x)\n",
		       (void *)addr, (void *)*target, type);
	else
		pr_err("CFI failure at %pS (no target information)\n",
		       (void *)addr);

	if (cfi_warn) {
		__warn(NULL, 0, (void *)addr, 0, regs, NULL);
		return BUG_TRAP_TYPE_WARN;
	}

	return BUG_TRAP_TYPE_BUG;
}

#ifdef CONFIG_ARCH_USES_CFI_TRAPS
static inline unsigned long trap_address(s32 *p)
{
	return (unsigned long)((long)p + (long)*p);
}

static bool is_trap(unsigned long addr, s32 *start, s32 *end)
{
	s32 *p;

	for (p = start; p < end; ++p) {
		if (trap_address(p) == addr)
			return true;
	}

	return false;
}

#ifdef CONFIG_MODULES
/* Populates `kcfi_trap(_end)?` fields in `struct module`. */
void module_cfi_finalize(const Elf_Ehdr *hdr, const Elf_Shdr *sechdrs,
			 struct module *mod)
{
	char *secstrings;
	unsigned int i;

	mod->kcfi_traps = NULL;
	mod->kcfi_traps_end = NULL;

	secstrings = (char *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;

	for (i = 1; i < hdr->e_shnum; i++) {
		if (strcmp(secstrings + sechdrs[i].sh_name, "__kcfi_traps"))
			continue;

		mod->kcfi_traps = (s32 *)sechdrs[i].sh_addr;
		mod->kcfi_traps_end = (s32 *)(sechdrs[i].sh_addr + sechdrs[i].sh_size);
		break;
	}
}

static bool is_module_cfi_trap(unsigned long addr)
{
	struct module *mod;
	bool found = false;

	guard(rcu)();
	mod = __module_address(addr);
	if (mod)
		found = is_trap(addr, mod->kcfi_traps, mod->kcfi_traps_end);

	return found;
}
#else /* CONFIG_MODULES */
static inline bool is_module_cfi_trap(unsigned long addr)
{
	return false;
}
#endif /* CONFIG_MODULES */

extern s32 __start___kcfi_traps[];
extern s32 __stop___kcfi_traps[];

bool is_cfi_trap(unsigned long addr)
{
	if (is_trap(addr, __start___kcfi_traps, __stop___kcfi_traps))
		return true;

	return is_module_cfi_trap(addr);
}
#endif /* CONFIG_ARCH_USES_CFI_TRAPS */
Commit	Line	Data
cf68fffb ST	1	// SPDX-License-Identifier: GPL-2.0
cf68fffb ST	2	/*
89245600	3	* Clang Control Flow Integrity (CFI) error handling.
cf68fffb	4	*
89245600	5	* Copyright (C) 2022 Google LLC
cf68fffb ST	6	*/
cf68fffb ST	7
89245600 ST	8	#include <linux/cfi.h>
89245600 ST	9
9a54fb31 PZ	10	bool cfi_warn __ro_after_init = IS_ENABLED(CONFIG_CFI_PERMISSIVE);
9a54fb31 PZ	11
89245600 ST	12	enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr,
89245600 ST	13	unsigned long *target, u32 type)
cf68fffb	14	{
89245600 ST	15	if (target)
	16	pr_err("CFI failure at %pS (target: %pS; expected type: 0x%08x)\n",
	17	(void )addr, (void )*target, type);
cf68fffb	18	else
89245600 ST	19	pr_err("CFI failure at %pS (no target information)\n",
	20	(void *)addr);
	21
9a54fb31	22	if (cfi_warn) {
89245600 ST	23	__warn(NULL, 0, (void *)addr, 0, regs, NULL);
	24	return BUG_TRAP_TYPE_WARN;
	25	}
	26
	27	return BUG_TRAP_TYPE_BUG;
cf68fffb ST	28	}
cf68fffb ST	29
89245600 ST	30	#ifdef CONFIG_ARCH_USES_CFI_TRAPS
	31	static inline unsigned long trap_address(s32 *p)
	32	{
	33	return (unsigned long)((long)p + (long)*p);
	34	}
cf68fffb	35
89245600	36	static bool is_trap(unsigned long addr, s32 start, s32 end)
cf68fffb	37	{
89245600	38	s32 *p;
cf68fffb	39
89245600 ST	40	for (p = start; p < end; ++p) {
	41	if (trap_address(p) == addr)
	42	return true;
	43	}
cf68fffb	44
89245600	45	return false;
cf68fffb ST	46	}
cf68fffb ST	47
89245600 ST	48	#ifdef CONFIG_MODULES
	49	/* Populates `kcfi_trap(_end)?` fields in `struct module`. */
	50	void module_cfi_finalize(const Elf_Ehdr hdr, const Elf_Shdr sechdrs,
	51	struct module *mod)
cf68fffb	52	{
89245600 ST	53	char *secstrings;
89245600 ST	54	unsigned int i;
57cd6d15	55
89245600 ST	56	mod->kcfi_traps = NULL;
89245600 ST	57	mod->kcfi_traps_end = NULL;
cf68fffb	58
89245600 ST	59	secstrings = (char *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;
	60
	61	for (i = 1; i < hdr->e_shnum; i++) {
	62	if (strcmp(secstrings + sechdrs[i].sh_name, "__kcfi_traps"))
	63	continue;
cf68fffb	64
89245600 ST	65	mod->kcfi_traps = (s32 *)sechdrs[i].sh_addr;
	66	mod->kcfi_traps_end = (s32 *)(sechdrs[i].sh_addr + sechdrs[i].sh_size);
	67	break;
	68	}
cf68fffb ST	69	}
cf68fffb ST	70
89245600	71	static bool is_module_cfi_trap(unsigned long addr)
cf68fffb	72	{
89245600 ST	73	struct module *mod;
89245600 ST	74	bool found = false;
cf68fffb	75
e151955b	76	guard(rcu)();
89245600 ST	77	mod = __module_address(addr);
	78	if (mod)
	79	found = is_trap(addr, mod->kcfi_traps, mod->kcfi_traps_end);
cf68fffb	80
89245600 ST	81	return found;
	82	}
	83	#else /* CONFIG_MODULES */
	84	static inline bool is_module_cfi_trap(unsigned long addr)
cf68fffb	85	{
89245600	86	return false;
cf68fffb	87	}
cf68fffb ST	88	#endif /* CONFIG_MODULES */
cf68fffb ST	89
89245600 ST	90	extern s32 __start___kcfi_traps[];
	91	extern s32 __stop___kcfi_traps[];
	92
	93	bool is_cfi_trap(unsigned long addr)
cf68fffb	94	{
89245600 ST	95	if (is_trap(addr, __start___kcfi_traps, __stop___kcfi_traps))
	96	return true;
	97
	98	return is_module_cfi_trap(addr);
cf68fffb	99	}
89245600	100	#endif /* CONFIG_ARCH_USES_CFI_TRAPS */