FROMGIT: KVM: arm64: nVHE: Support CONFIG_CFI_CLANG at EL2
The compiler implements kCFI by adding type information (u32) above every function that might be indirectly called and, whenever a function pointer is called, injects a read-and-compare of that u32 against the value corresponding to the expected type. In case of a mismatch, a BRK instruction gets executed. When the hypervisor triggers such an exception in nVHE, it panics and triggers and exception return to EL1. Therefore, teach nvhe_hyp_panic_handler() to detect kCFI errors from the ESR and report them. If necessary, remind the user that EL2 kCFI is not affected by CONFIG_CFI_PERMISSIVE. Pass $(CC_FLAGS_CFI) to the compiler when building the nVHE hyp code. Use SYM_TYPED_FUNC_START() for __pkvm_init_switch_pgd, as nVHE can't call it directly and must use a PA function pointer from C (because it is part of the idmap page), which would trigger a kCFI failure if the type ID wasn't present. Bug: 278010198 Bug: 278749606 (cherry picked from commit eca4ba5b https://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git ) Change-Id: Icd2ea30174b6b6f104ee364aecffad26197cfe3b Signed-off-by:Pierre-Clément Tosi <ptosi@google.com> Acked-by:
Will Deacon <will@kernel.org> Link: https://lore.kernel.org/r/20240610063244.2828978-9-ptosi@google.com Signed-off-by:
Oliver Upton <oliver.upton@linux.dev>
Loading
Please sign in to comment