tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

bpf: disable CFI in dispatcher functions

BPF dispatcher functions are patched at runtime to perform direct
instead of indirect calls. Disable CFI for the dispatcher functions to
avoid conflicts.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210408182843.1754385-9-samitolvanen@google.com

authored by

Sami Tolvanen and committed by
Kees Cook 9f5b4009 8b8e6b5d

+2 -2
+2 -2
include/linux/bpf.h
··· 650 650 struct bpf_ksym ksym; 651 651 }; 652 652 653 - static __always_inline unsigned int bpf_dispatcher_nop_func( 653 + static __always_inline __nocfi unsigned int bpf_dispatcher_nop_func( 654 654 const void *ctx, 655 655 const struct bpf_insn *insnsi, 656 656 unsigned int (*bpf_func)(const void *, ··· 678 678 } 679 679 680 680 #define DEFINE_BPF_DISPATCHER(name) \ 681 - noinline unsigned int bpf_dispatcher_##name##_func( \ 681 + noinline __nocfi unsigned int bpf_dispatcher_##name##_func( \ 682 682 const void *ctx, \ 683 683 const struct bpf_insn *insnsi, \ 684 684 unsigned int (*bpf_func)(const void *, \