1. Patchew
  2. Xen
  3. View series

[PATCH v2 0/7] x86: Further harden function pointers

Andrew Cooper posted 7 patches 2 years, 2 months ago
Failed in applying to current master (apply log)
xen/arch/x86/alternative.c         | 61 ++++++++++++++++++++++++++++++++++++++
xen/arch/x86/cpu/microcode/amd.c   |  2 +-
xen/arch/x86/cpu/microcode/core.c  | 38 +++++++++++++-----------
xen/arch/x86/cpu/microcode/intel.c |  2 +-
xen/arch/x86/cpu/vpmu_amd.c        |  2 +-
xen/arch/x86/cpu/vpmu_intel.c      |  2 +-
xen/arch/x86/hvm/hvm.c             |  2 +-
xen/arch/x86/hvm/svm/svm.c         |  2 +-
xen/arch/x86/hvm/vmx/vmx.c         |  2 +-
xen/arch/x86/xen.lds.S             |  6 ++++
xen/include/xen/alternative-call.h |  2 +-
xen/include/xen/init.h             |  3 ++
xen/xsm/dummy.c                    |  2 +-
xen/xsm/flask/hooks.c              |  2 +-
xen/xsm/silo.c                     |  2 +-
15 files changed, 101 insertions(+), 29 deletions(-)
[PATCH v2 0/7] x86: Further harden function pointers
Posted by Andrew Cooper 2 years, 2 months ago 
Additional runtime hardning of indirect branches.  Depends on the CET-IBT
series.

Andrew Cooper (7):
  xen/altcall: Use __ro_after_init now that it exists
  x86/altcall: Check and optimise altcall targets
  x86/altcall: Optimise away endbr64 instruction where possible
  xsm: Use __initconst_cf_clobber for xsm_ops
  x86/hvm: Use __initdata_cf_clobber for hvm_funcs
  x86/ucode: Use altcall, and __initconst_cf_clobber
  x86/vpmu: Harden indirect branches

 xen/arch/x86/alternative.c         | 61 ++++++++++++++++++++++++++++++++++++++
 xen/arch/x86/cpu/microcode/amd.c   |  2 +-
 xen/arch/x86/cpu/microcode/core.c  | 38 +++++++++++++-----------
 xen/arch/x86/cpu/microcode/intel.c |  2 +-
 xen/arch/x86/cpu/vpmu_amd.c        |  2 +-
 xen/arch/x86/cpu/vpmu_intel.c      |  2 +-
 xen/arch/x86/hvm/hvm.c             |  2 +-
 xen/arch/x86/hvm/svm/svm.c         |  2 +-
 xen/arch/x86/hvm/vmx/vmx.c         |  2 +-
 xen/arch/x86/xen.lds.S             |  6 ++++
 xen/include/xen/alternative-call.h |  2 +-
 xen/include/xen/init.h             |  3 ++
 xen/xsm/dummy.c                    |  2 +-
 xen/xsm/flask/hooks.c              |  2 +-
 xen/xsm/silo.c                     |  2 +-
 15 files changed, 101 insertions(+), 29 deletions(-)

-- 
2.11.0

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.