[PATCH] meson: -display dbus and CFI are incompatible

Paolo Bonzini posted 1 patch 1 year, 6 months ago
git fetch https://github.com/patchew-project/qemu tags/patchew/20220930075324.13550-1-pbonzini@redhat.com
meson.build | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
[PATCH] meson: -display dbus and CFI are incompatible
Posted by Paolo Bonzini 1 year, 6 months ago
The generated skeletons for DBus call the finalize method of the parent
type using code like

    G_OBJECT_CLASS (qemu_dbus_display1_chardev_skeleton_parent_class)->finalize (object);

However, the finalize method is defined in a shared library that is not
compiled with CFI.  Do not enable anything that uses gdbus-codegen if
--enable-cfi was specified.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 meson.build | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/meson.build b/meson.build
index f6962834a3..6106daf267 100644
--- a/meson.build
+++ b/meson.build
@@ -515,6 +515,7 @@ meson.override_dependency('glib-2.0', glib)
 
 gio = not_found
 gdbus_codegen = not_found
+gdbus_codegen_error = '@0@ requires gdbus-codegen, please install libgio'
 if not get_option('gio').auto() or have_system
   gio = dependency('gio-2.0', required: get_option('gio'),
                    method: 'pkg-config', kwargs: static_kwargs)
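Review bot: the default text on the added gdbus_codegen_error line tells the user to install libgio, but gdbus_codegen also stays not_found when the `if not get_option('gio').auto() or have_system` block is skipped, and in that case installing the library changes nothing; a more neutral default would avoid the misleading hint. A one-line comment saying that @0@ is filled in with the feature name by the caller's .format() would also help, since that contract is otherwise implicit.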
@@ -539,6 +540,10 @@ if not get_option('gio').auto() or have_system
                              version: gio.version())
   endif
 endif
+if gdbus_codegen.found() and get_option('cfi')
+  gdbus_codegen = not_found
+  gdbus_codegen_error = '@0@ uses gdbus-codegen, which does not support control flow integrity')
+endif
 
 lttng = not_found
 if 'ust' in get_option('trace_backends')
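Review bot: the gdbus_codegen_error assignment inside the new `if gdbus_codegen.found() and get_option('cfi')` block ends with a stray `)` after the closing quote, which is a syntax error that stops meson from parsing the file; drop it so the line ends at `control flow integrity'`. Because this block also resets gdbus_codegen to not_found, consider naming the option in the message (--enable-cfi, as in the commit message) so a user who hits the error knows which setting conflicts.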
@@ -1697,7 +1702,7 @@ dbus_display = get_option('dbus_display') \
   .require(gio.version().version_compare('>=2.64'),
            error_message: '-display dbus requires glib>=2.64') \
   .require(gdbus_codegen.found(),
-           error_message: '-display dbus requires gdbus-codegen') \
+           error_message: gdbus_codegen_error.format('-display dbus')) \
   .require(opengl.found() and gbm.found(),
            error_message: '-display dbus requires epoxy/egl and gbm') \
   .allowed()
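Review bot: only the -display dbus requirement is switched to gdbus_codegen_error in this hunk, while the commit message says nothing that uses gdbus-codegen should be enabled with CFI; if other features test gdbus_codegen.found() elsewhere in meson.build, they should format the same template so they also report the CFI conflict rather than a generic missing-tool message.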
-- 
2.37.3
Re: [PATCH] meson: -display dbus and CFI are incompatible
Posted by Jason A. Donenfeld 1 year, 6 months ago
On Fri, Sep 30, 2022 at 09:53:24AM +0200, Paolo Bonzini wrote:
> The generated skeletons for DBus call the finalize method of the parent
> type using code like
> 
>     G_OBJECT_CLASS (qemu_dbus_display1_chardev_skeleton_parent_class)->finalize (object);
> 
> However, the finalize method is defined in a shared library that is not
> compiled with CFI.  Do not enable anything that uses gdbus-codegen if
> --enable-cfi was specified.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>  meson.build | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/meson.build b/meson.build
> index f6962834a3..6106daf267 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -515,6 +515,7 @@ meson.override_dependency('glib-2.0', glib)
>  
>  gio = not_found
>  gdbus_codegen = not_found
> +gdbus_codegen_error = '@0@ requires gdbus-codegen, please install libgio'
>  if not get_option('gio').auto() or have_system
>    gio = dependency('gio-2.0', required: get_option('gio'),
>                     method: 'pkg-config', kwargs: static_kwargs)
> @@ -539,6 +540,10 @@ if not get_option('gio').auto() or have_system
>                               version: gio.version())
>    endif
>  endif
> +if gdbus_codegen.found() and get_option('cfi')
> +  gdbus_codegen = not_found
> +  gdbus_codegen_error = '@0@ uses gdbus-codegen, which does not support control flow integrity')

FYI, you've got a trailing paren here that will break.

Jason
Re: [PATCH] meson: -display dbus and CFI are incompatible
Posted by Marc-André Lureau 1 year, 6 months ago
Hi

On Fri, Sep 30, 2022 at 11:53 AM Paolo Bonzini <pbonzini@redhat.com> wrote:

> The generated skeletons for DBus call the finalize method of the parent
> type using code like
>
>     G_OBJECT_CLASS (qemu_dbus_display1_chardev_skeleton_parent_class)->finalize (object);
>
> However, the finalize method is defined in a shared library that is not
> compiled with CFI.  Do not enable anything that uses gdbus-codegen if
> --enable-cfi was specified.
>

I had the same analysis. But what if gdbus (or other dependencies) is
compiled with CFI? Note: I have no idea if CFI is meant to be usable in
production or just for developers.


> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>



> ---
>  meson.build | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/meson.build b/meson.build
> index f6962834a3..6106daf267 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -515,6 +515,7 @@ meson.override_dependency('glib-2.0', glib)
>
>  gio = not_found
>  gdbus_codegen = not_found
> +gdbus_codegen_error = '@0@ requires gdbus-codegen, please install libgio'
>  if not get_option('gio').auto() or have_system
>    gio = dependency('gio-2.0', required: get_option('gio'),
>                     method: 'pkg-config', kwargs: static_kwargs)
> @@ -539,6 +540,10 @@ if not get_option('gio').auto() or have_system
>                               version: gio.version())
>    endif
>  endif
> +if gdbus_codegen.found() and get_option('cfi')
> +  gdbus_codegen = not_found
> +  gdbus_codegen_error = '@0@ uses gdbus-codegen, which does not support
> control flow integrity')
> +endif
>
>  lttng = not_found
>  if 'ust' in get_option('trace_backends')
> @@ -1697,7 +1702,7 @@ dbus_display = get_option('dbus_display') \
>    .require(gio.version().version_compare('>=2.64'),
>             error_message: '-display dbus requires glib>=2.64') \
>    .require(gdbus_codegen.found(),
> -           error_message: '-display dbus requires gdbus-codegen') \
> +           error_message: gdbus_codegen_error.format('-display dbus')) \
>    .require(opengl.found() and gbm.found(),
>             error_message: '-display dbus requires epoxy/egl and gbm') \
>    .allowed()
> --
> 2.37.3
>
>
>

-- 
Marc-André Lureau
Re: [PATCH] meson: -display dbus and CFI are incompatible
Posted by Daniel P. Berrangé 1 year, 6 months ago
On Fri, Sep 30, 2022 at 11:59:34AM +0400, Marc-André Lureau wrote:
> Hi
> 
> On Fri, Sep 30, 2022 at 11:53 AM Paolo Bonzini <pbonzini@redhat.com> wrote:
> 
> > The generated skeletons for DBus call the finalize method of the parent
> > type using code like
> >
> >     G_OBJECT_CLASS (qemu_dbus_display1_chardev_skeleton_parent_class)->finalize (object);
> >
> > However, the finalize method is defined in a shared library that is not
> > compiled with CFI.  Do not enable anything that uses gdbus-codegen if
> > --enable-cfi was specified.
> >
> 
> I had the same analysis. But what if gdbus (or other dependencies) is
> compiled with CFI? Note: I have no idea if CFI is meant to be usable in
> production or just for developers.

It is supposed to be for production, but right now it is not usable
if you want QEMU modules enabled, so that limits its practicality
today.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|


Re: [PATCH] meson: -display dbus and CFI are incompatible
Posted by Paolo Bonzini 1 year, 6 months ago
On Fri, Sep 30, 2022 at 9:59 AM Marc-André Lureau
<marcandre.lureau@gmail.com> wrote:
>
> Hi
>
> On Fri, Sep 30, 2022 at 11:53 AM Paolo Bonzini <pbonzini@redhat.com> wrote:
>>
>> The generated skeletons for DBus call the finalize method of the parent
>> type using code like
>>
>>     G_OBJECT_CLASS (qemu_dbus_display1_chardev_skeleton_parent_class)->finalize (object);
>>
>> However, the finalize method is defined in a shared library that is not
>> compiled with CFI.  Do not enable anything that uses gdbus-codegen if
>> --enable-cfi was specified.
>
> I had the same analysis. But what if gdbus (or other dependencies) is compiled with CFI? Note: I have no idea if CFI is meant to be usable in production or just for developers.

Yeah, in theory it's possible but I think it's very unlikely. For
libslirp QEMU ignores that possibility and requires a version with a
fixed API, but that's not really possible for the gdbus superclasses.

Paolo

>>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>
>
> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
>
>
>>
>> ---
>>  meson.build | 7 ++++++-
>>  1 file changed, 6 insertions(+), 1 deletion(-)
>>
>> diff --git a/meson.build b/meson.build
>> index f6962834a3..6106daf267 100644
>> --- a/meson.build
>> +++ b/meson.build
>> @@ -515,6 +515,7 @@ meson.override_dependency('glib-2.0', glib)
>>
>>  gio = not_found
>>  gdbus_codegen = not_found
>> +gdbus_codegen_error = '@0@ requires gdbus-codegen, please install libgio'
>>  if not get_option('gio').auto() or have_system
>>    gio = dependency('gio-2.0', required: get_option('gio'),
>>                     method: 'pkg-config', kwargs: static_kwargs)
>> @@ -539,6 +540,10 @@ if not get_option('gio').auto() or have_system
>>                               version: gio.version())
>>    endif
>>  endif
>> +if gdbus_codegen.found() and get_option('cfi')
>> +  gdbus_codegen = not_found
>> +  gdbus_codegen_error = '@0@ uses gdbus-codegen, which does not support control flow integrity')
>> +endif
>>
>>  lttng = not_found
>>  if 'ust' in get_option('trace_backends')
>> @@ -1697,7 +1702,7 @@ dbus_display = get_option('dbus_display') \
>>    .require(gio.version().version_compare('>=2.64'),
>>             error_message: '-display dbus requires glib>=2.64') \
>>    .require(gdbus_codegen.found(),
>> -           error_message: '-display dbus requires gdbus-codegen') \
>> +           error_message: gdbus_codegen_error.format('-display dbus')) \
>>    .require(opengl.found() and gbm.found(),
>>             error_message: '-display dbus requires epoxy/egl and gbm') \
>>    .allowed()
>> --
>> 2.37.3
>>
>>
>
>
> --
> Marc-André Lureau