[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20191122010334.12081-1-keescook@chromium.org>
Date: Thu, 21 Nov 2019 17:03:26 -0800
From: Kees Cook <keescook@...omium.org>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: Kees Cook <keescook@...omium.org>,
João Moreira <joao.moreira@...el.com>,
Eric Biggers <ebiggers@...nel.org>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Sami Tolvanen <samitolvanen@...gle.com>,
Stephan Mueller <smueller@...onox.de>,
x86@...nel.org,
linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org,
kernel-hardening@...ts.openwall.com
Subject: [PATCH v6 0/8] crypto: x86: Fix indirect function call casts
v6:
- minimize need for various internal casts (ebiggers)
- clarify comments (ebiggers)
- switch all context pointers to const (ebiggers)
v5: https://lore.kernel.org/lkml/20191113182516.13545-1-keescook@chromium.org
v4: https://lore.kernel.org/lkml/20191111214552.36717-1-keescook@chromium.org
v3: https://lore.kernel.org/lkml/20190507161321.34611-1-keescook@chromium.org
Hi,
Now that Clang's CFI has been fixed to do the right thing with extern
asm functions, this patch series is much simplified. Repeating patch
1's commit log here:
The crypto glue performed function prototype casting to make indirect
calls to assembly routines. Instead of performing casts at the call
sites (which trips Control Flow Integrity prototype checking), switch
each prototype to a common standard set of arguments which allows the
incremental removal of the existing macros. In order to keep pointer
math unchanged, internal casting between u128 pointers and u8 pointers
is added.
With this series (and the Clang LTO+CFI series) I am able to boot x86
with all crytpo selftests enabled without tripping any CFI checks.
Thanks!
-Kees
Kees Cook (8):
crypto: x86/glue_helper: Regularize function prototypes
crypto: x86/serpent: Remove glue function macros usage
crypto: x86/camellia: Remove glue function macro usage
crypto: x86/twofish: Remove glue function macro usage
crypto: x86/cast6: Remove glue function macro usage
crypto: x86/aesni: Remove glue function macro usage
crypto: x86/glue_helper: Remove function prototype cast helpers
crypto, x86/sha: Eliminate casts on asm implementations
arch/x86/crypto/aesni-intel_asm.S | 8 +--
arch/x86/crypto/aesni-intel_glue.c | 45 ++++++-------
arch/x86/crypto/camellia_aesni_avx2_glue.c | 74 ++++++++++-----------
arch/x86/crypto/camellia_aesni_avx_glue.c | 72 +++++++++------------
arch/x86/crypto/camellia_glue.c | 45 +++++++------
arch/x86/crypto/cast6_avx_glue.c | 68 +++++++++-----------
arch/x86/crypto/glue_helper.c | 23 ++++---
arch/x86/crypto/serpent_avx2_glue.c | 65 +++++++++----------
arch/x86/crypto/serpent_avx_glue.c | 63 +++++++++---------
arch/x86/crypto/serpent_sse2_glue.c | 30 +++++----
arch/x86/crypto/sha1_ssse3_asm.S | 10 ++-
arch/x86/crypto/sha1_ssse3_glue.c | 64 ++++++++----------
arch/x86/crypto/sha256-ssse3-asm.S | 4 +-
arch/x86/crypto/sha256_ssse3_glue.c | 34 +++++-----
arch/x86/crypto/sha512-ssse3-asm.S | 4 +-
arch/x86/crypto/sha512_ssse3_glue.c | 31 +++++----
arch/x86/crypto/twofish_avx_glue.c | 75 ++++++++++------------
arch/x86/crypto/twofish_glue_3way.c | 37 ++++++-----
arch/x86/include/asm/crypto/camellia.h | 63 +++++++++---------
arch/x86/include/asm/crypto/glue_helper.h | 18 ++----
arch/x86/include/asm/crypto/serpent-avx.h | 20 +++---
arch/x86/include/asm/crypto/serpent-sse2.h | 28 ++++----
arch/x86/include/asm/crypto/twofish.h | 19 +++---
crypto/cast6_generic.c | 18 +++---
crypto/serpent_generic.c | 6 +-
include/crypto/cast6.h | 4 +-
include/crypto/serpent.h | 4 +-
include/crypto/xts.h | 2 -
28 files changed, 446 insertions(+), 488 deletions(-)
--
2.17.1
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
