Page MenuHomeFreeBSD
Differential D49113

sys/tools: add -s options for KCFI use
Needs ReviewPublic
Actions

Authored by aokblast on Feb 23 2025, 5:54 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Jun 1, 3:23 PM
Unknown Object (File)
Sun, Jun 1, 11:05 AM
Unknown Object (File)
Sat, May 31, 8:41 PM
Unknown Object (File)
Thu, May 29, 11:07 AM
Unknown Object (File)
Apr 28 2025, 8:14 AM
Unknown Object (File)
Apr 27 2025, 6:55 AM
Unknown Object (File)
Apr 27 2025, 12:10 AM
Unknown Object (File)
Apr 17 2025, 2:33 AM
View All 24 Files
Subscribers
imp
lwhsu
olce

Details

Reviewers
markj
brooks
Summary

The KCFI requires all function signature match.

For .m files in KCFI, it calls kobj_error_methods in default.

Which means the signature will mismatched thus the KCFI will emit trap
in kernel.

Thus we proposed a option -s for makeobjops.awk to generate the correct
signature for each missing default function.

We do not enable this feature by default because it may enlarge the
kernel size.

sys/kern: fix wrong indent

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 62597
Build 59481: arc lint + arc unit

Event Timeline

aokblast created this revision.Feb 23 2025, 5:54 PM
Herald added subscribers: olce, imp. · View Herald TranscriptFeb 23 2025, 5:54 PM
aokblast requested review of this revision.Feb 23 2025, 5:54 PM
Harbormaster completed remote builds in B62597: Diff 151375.Feb 23 2025, 5:54 PM
aokblast added a child revision: D46193: sys: implement Kernel CFI from clang.Feb 23 2025, 6:46 PM
lwhsu added a subscriber: lwhsu.Feb 24 2025, 4:25 AM
aokblast added reviewers: markj, brooks.Feb 25 2025, 1:34 PM
markj added a comment.Feb 25 2025, 3:54 PM

We do not enable this feature by default because it may enlarge the kernel size.

How much larger is it in practice?

sys/tools/makeobjops.awk
302

How about return kobj_error_method();?

aokblast added a comment.EditedFeb 27 2025, 2:39 PM

With opt_s:

    text      data       bss        dec         hex   filename
23241058   1754433   4537984   29533475   0x1c2a523   /usr/obj/usr/src/amd64.amd64/sys/GENERIC/kernel

Without opt_s:

    text      data       bss        dec         hex   filename
23232582   1754433   4537984   29524999   0x1c28407   /usr/obj/usr/src/amd64.amd64/sys/GENERIC/kernel

About 1k in text, not too much. But I think it is a useless size as it change nothings more than the signature.

sys/tools/makeobjops.awk
302

Calling kboj_error_method will incease the call stack. I don't know if it is a good implementation considering in kernel and the .m's frequently call.

I don't have too much experience about it. If you think it is ok, I can do the corresponding change.

Revision Contents
Changeset List

PathSize
sys/
kern/
2 lines
tools/
12 lines

Diff 151375

View Options

sys/kern/device_if.m

Loading...
View Options

sys/tools/makeobjops.awk

Loading...