Commit 9a54fb31 authored Feb 24, 2025 by Peter Zijlstra Committed by Ingo Molnar Feb 26, 2025

x86/cfi: Add 'cfi=warn' boot option



Rebuilding with CONFIG_CFI_PERMISSIVE=y enabled is such a pain, esp. since
clang is so slow.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Kees Cook <kees@kernel.org>
Link: https://lore.kernel.org/r/20250224124159.924496481@infradead.org

parent fe37c699

arch/x86/kernel/alternative.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -1022,6 +1022,9 @@ static __init int cfi_parse_cmdline(char *str)
		cfi_mode = CFI_FINEIBT;
		} else if (!strcmp(str, "norand")) {
		cfi_rand = false;
		} else if (!strcmp(str, "warn")) {
		pr_alert("CFI mismatch non-fatal!\n");
		cfi_warn = true;
		} else {
		pr_err("Ignoring unknown cfi option (%s).", str);
		}

include/linux/cfi.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -11,6 +11,8 @@
		#include <linux/module.h>
		#include <asm/cfi.h>

		extern bool cfi_warn;

		#ifndef cfi_get_offset
		static inline int cfi_get_offset(void)
		{

kernel/cfi.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -7,6 +7,8 @@

		#include <linux/cfi.h>

		bool cfi_warn __ro_after_init = IS_ENABLED(CONFIG_CFI_PERMISSIVE);

		enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr,
		unsigned long *target, u32 type)
		{
		@@ -17,7 +19,7 @@ enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr,
		pr_err("CFI failure at %pS (no target information)\n",
		(void *)addr);

		if (IS_ENABLED(CONFIG_CFI_PERMISSIVE)) {
		if (cfi_warn) {
		__warn(NULL, 0, (void *)addr, 0, regs, NULL);
		return BUG_TRAP_TYPE_WARN;
		}