
A new LLVM CFI implementation

Posted Jun 20, 2022 7:46 UTC (Mon) by Villemoes (subscriber, #91911)
Parent article: A new LLVM CFI implementation

> The replacement of function-pointer variables with jump-table entries also means that those variables cannot be compared against the address of a specific function, which is something that kernel code needs to do on occasion.

Indeed, and for that reason it's really beyond me how the current code could have been merged without an explicit "depends on BROKEN". The series monkey-patched out some sanity-checking WARN_ONs that used function pointer comparison, but there are places in the kernel that rely on function pointer comparison for correctness, and because this CFI code breaks the semantics of comparing function pointers, that leads to crashes down the line. Which, of course, prevents an attacker from gaining control; the owner's control and use of the machine is just collateral damage we have to accept in the name of s3kurity.

Oh well, at least it's getting replaced by something saner now.
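The failure mode the comment describes, as an added illustration that is not part of the comment, the kernel, or the LLVM CFI code: when the address stored in an ops table is a jump-table entry rather than the function itself, an address-equality check against the real function silently fails even though calling through the pointer behaves identically. The `default_handler_jt` trampoline below is a hand-written stand-in constructed for this example to mimic that effect (it is not compiler output), and the `handler_id` tag is one defensive alternative: record the identity explicitly instead of deriving it from the pointer's address.

```c
#include <stdbool.h>
#include <stdio.h>

/* The "real" handler a subsystem exposes as its default. */
static int default_handler(int x)
{
    return x * 2;
}

/*
 * Constructed stand-in for a CFI jump-table entry: a trampoline that calls
 * the real function.  The address a caller stores is this function's, so it
 * compares unequal to &default_handler while behaving exactly like it.
 */
static int default_handler_jt(int x)
{
    return default_handler(x);
}

enum handler_id {
    HANDLER_CUSTOM = 0,
    HANDLER_DEFAULT = 1,
};

struct ops {
    int (*handler)(int);
    enum handler_id handler_id; /* explicit identity, set alongside the pointer */
};

/* Fragile check: depends on the function pointer having a canonical address. */
bool uses_default_by_address(const struct ops *o)
{
    return o->handler == default_handler;
}

/* Robust check: compares the tag recorded when the pointer was installed. */
bool uses_default_by_id(const struct ops *o)
{
    return o->handler_id == HANDLER_DEFAULT;
}

/* Same logical configuration, two ways of taking the handler's address. */
const struct ops ops_direct = { default_handler, HANDLER_DEFAULT };
const struct ops ops_via_jt = { default_handler_jt, HANDLER_DEFAULT };

int main(void)
{
    printf("direct : by_address=%d by_id=%d call=%d\n",
           uses_default_by_address(&ops_direct),
           uses_default_by_id(&ops_direct), ops_direct.handler(21));
    printf("via_jt : by_address=%d by_id=%d call=%d\n",
           uses_default_by_address(&ops_via_jt),
           uses_default_by_id(&ops_via_jt), ops_via_jt.handler(21));
    return 0;
}
```

Both tables call the same code and return the same value, but only the tag-based check gives the same answer for both; a sanity-check WARN_ON or a correctness path written against the address comparison would take the wrong branch for the jump-table variant.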




Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds