[PATCH v3 0/9] Add support for Control-Flow Integrity

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v3 0/9] Add support for Control-Flow Integrity

From:	Daniele Buono
Subject:	[PATCH v3 0/9] Add support for Control-Flow Integrity
Date:	Thu, 5 Nov 2020 17:18:56 -0500

This patch adds supports for Control-Flow Integrity checks
on indirect function calls.

Requires the use of clang, and link-time optimizations

Changes in v3:

- clang 11+ warnings are now handled directly at the source,
instead of disabling specific warnings for the whole code.
Some more work may be needed here to polish the patch, I
would kindly ask for a review from the corresponding
maintainers
- Remove configure-time checks for toolchain compatibility
with LTO.
- the decorator to disable cfi checks on functions has
been renamed and moved to include/qemu/compiler.h
- configure-time checks for cfi support and dependencies
has been moved from configure to meson

Link to v2: https://www.mail-archive.com/qemu-devel@nongnu.org/msg753675.html
Link to v1: https://www.mail-archive.com/qemu-devel@nongnu.org/msg718786.html

Daniele Buono (9):
  fuzz: Make fork_fuzz.ld compatible with LLVM's LLD
  s390x: fix clang 11 warnings in cpu_models.c
  hw/usb: reorder fields in UASStatus
  s390x: Avoid variable size warning in ipl.h
  scsi: fix overflow in scsi_disk_new_request_dump
  configure,meson: add option to enable LTO
  cfi: Initial support for cfi-icall in QEMU
  check-block: enable iotests with cfi-icall
  configure/meson: support Control-Flow Integrity

 accel/tcg/cpu-exec.c          | 11 +++++++++
 configure                     | 26 ++++++++++++++++++++
 hw/s390x/ipl.h                |  4 +--
 hw/scsi/scsi-disk.c           |  4 +++
 hw/usb/dev-uas.c              |  2 +-
 include/qemu/compiler.h       | 12 +++++++++
 meson.build                   | 46 +++++++++++++++++++++++++++++++++++
 meson_options.txt             |  4 +++
 plugins/core.c                | 37 ++++++++++++++++++++++++++++
 plugins/loader.c              |  7 ++++++
 target/s390x/cpu_models.c     |  8 +++---
 tcg/tci.c                     |  7 ++++++
 tests/check-block.sh          | 18 ++++++++------
 tests/qtest/fuzz/fork_fuzz.ld | 12 ++++++++-
 util/main-loop.c              | 11 +++++++++
 util/oslib-posix.c            | 11 +++++++++
 16 files changed, 205 insertions(+), 15 deletions(-)

-- 
2.17.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v3 0/9] Add support for Control-Flow Integrity, Daniele Buono <=
- [PATCH v3 1/9] fuzz: Make fork_fuzz.ld compatible with LLVM's LLD, Daniele Buono, 2020/11/05
  - Re: [PATCH v3 1/9] fuzz: Make fork_fuzz.ld compatible with LLVM's LLD, Alexander Bulekov, 2020/11/06
    - Re: [PATCH v3 1/9] fuzz: Make fork_fuzz.ld compatible with LLVM's LLD, Daniele Buono, 2020/11/19
- [PATCH v3 2/9] s390x: fix clang 11 warnings in cpu_models.c, Daniele Buono, 2020/11/05
  - Re: [PATCH v3 2/9] s390x: fix clang 11 warnings in cpu_models.c, Cornelia Huck, 2020/11/09
- [PATCH v3 4/9] s390x: Avoid variable size warning in ipl.h, Daniele Buono, 2020/11/05
  - Re: [PATCH v3 4/9] s390x: Avoid variable size warning in ipl.h, Cornelia Huck, 2020/11/09
- [PATCH v3 6/9] configure,meson: add option to enable LTO, Daniele Buono, 2020/11/05
- [PATCH v3 5/9] scsi: fix overflow in scsi_disk_new_request_dump, Daniele Buono, 2020/11/05
  - Re: [PATCH-for-5.2? v3 5/9] scsi: fix overflow in scsi_disk_new_request_dump, Philippe Mathieu-Daudé, 2020/11/06

Prev by Date: Re: [PATCH for-5.2 1/3] linux-user/sparc: Fix errors in target_ucontext structures
Next by Date: [PATCH v3 1/9] fuzz: Make fork_fuzz.ld compatible with LLVM's LLD
Previous by thread: [PATCH for-5.2 0/3] linux-user: fix various sparc64 guest bugs
Next by thread: [PATCH v3 1/9] fuzz: Make fork_fuzz.ld compatible with LLVM's LLD
Index(es):
- Date
- Thread