[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v2 21/70] xen/evtchn: CFI hardening
On 14/02/2022 16:53, David Vrabel wrote: > On 14/02/2022 12:50, Andrew Cooper wrote: >> Control Flow Integrity schemes use toolchain and optionally hardware >> support >> to help protect against call/jump/return oriented programming attacks. >> >> Use cf_check to annotate function pointer targets for the toolchain. > [...] >> -static void evtchn_2l_set_pending(struct vcpu *v, struct evtchn >> *evtchn) >> +static void cf_check evtchn_2l_set_pending( >> + struct vcpu *v, struct evtchn *evtchn) > > Why manually annotate functions instead of getting the compiler to > automatically work it out? Because the compilers are not currently capable of working it out automatically. ~Andrew
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |