diff mbox series

[v3,5/7] cfi: Add CFI_NOSEAL()

Message ID 20231215092707.669401084@infradead.org (mailing list archive)
State Handled Elsewhere
Headers show
Series x86/cfi,bpf: Fix CFI vs eBPF | expand

Commit Message

Peter Zijlstra Dec. 15, 2023, 9:12 a.m. UTC
Add a CFI_NOSEAL() helper to mark functions that need to retain their
CFI information, despite not otherwise leaking their address.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
 arch/x86/include/asm/cfi.h |    5 +++++
 include/linux/cfi.h        |    4 ++++
 2 files changed, 9 insertions(+)
diff mbox series

Patch

--- a/arch/x86/include/asm/cfi.h
+++ b/arch/x86/include/asm/cfi.h
@@ -8,6 +8,7 @@ 
  * Copyright (C) 2022 Google LLC
  */
 #include <linux/bug.h>
+#include <asm/ibt.h>
 
 /*
  * An overview of the various calling conventions...
@@ -138,4 +139,8 @@  static inline u32 cfi_get_func_hash(void
 }
 #endif /* CONFIG_CFI_CLANG */
 
+#if HAS_KERNEL_IBT == 1
+#define CFI_NOSEAL(x)	asm(IBT_NOSEAL(__stringify(x)))
+#endif
+
 #endif /* _ASM_X86_CFI_H */
--- a/include/linux/cfi.h
+++ b/include/linux/cfi.h
@@ -46,4 +46,8 @@  static inline void module_cfi_finalize(c
 #endif /* CONFIG_ARCH_USES_CFI_TRAPS */
 #endif /* CONFIG_MODULES */
 
+#ifndef CFI_NOSEAL
+#define CFI_NOSEAL(x)
+#endif
+
 #endif /* _LINUX_CFI_H */