kernel/cfi.c
Source file repositories/reference/linux-study-clean/kernel/cfi.c
File Facts
- System
- Linux kernel
- Corpus path
kernel/cfi.c- Extension
.c- Size
- 2825 bytes
- Lines
- 116
- Domain
- Core OS
- Bucket
- Scheduler, Processes, Timers, Sync, And Syscalls
- Inferred role
- Core OS: implementation source
- Status
- source implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/bpf.hlinux/cfi_types.hlinux/cfi.h
Detected Declarations
function report_cfi_failurefunction trap_addressfunction is_trapfunction module_cfi_finalizefunction is_module_cfi_trapfunction is_module_cfi_trapfunction is_cfi_trap
Annotated Snippet
// SPDX-License-Identifier: GPL-2.0
/*
* Clang Control Flow Integrity (CFI) error handling.
*
* Copyright (C) 2022 Google LLC
*/
#include <linux/bpf.h>
#include <linux/cfi_types.h>
#include <linux/cfi.h>
bool cfi_warn __ro_after_init = IS_ENABLED(CONFIG_CFI_PERMISSIVE);
enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr,
unsigned long *target, u32 type)
{
if (target)
pr_err("CFI failure at %pS (target: %pS; expected type: 0x%08x)\n",
(void *)addr, (void *)*target, type);
else
pr_err("CFI failure at %pS (no target information)\n",
(void *)addr);
if (cfi_warn) {
__warn(NULL, 0, (void *)addr, 0, regs, NULL);
return BUG_TRAP_TYPE_WARN;
}
return BUG_TRAP_TYPE_BUG;
}
/*
* Declare two non-existent functions with types that match bpf_func_t and
* bpf_callback_t pointers, and use DEFINE_CFI_TYPE to define type hash
* variables for each function type. The cfi_bpf_* variables are used by
* arch-specific BPF JIT implementations to ensure indirectly callable JIT
* code has matching CFI type hashes.
*/
extern typeof(*(bpf_func_t)0) __bpf_prog_runX;
DEFINE_CFI_TYPE(cfi_bpf_hash, __bpf_prog_runX);
extern typeof(*(bpf_callback_t)0) __bpf_callback_fn;
DEFINE_CFI_TYPE(cfi_bpf_subprog_hash, __bpf_callback_fn);
#ifdef CONFIG_ARCH_USES_CFI_TRAPS
static inline unsigned long trap_address(s32 *p)
{
return (unsigned long)((long)p + (long)*p);
}
static bool is_trap(unsigned long addr, s32 *start, s32 *end)
{
s32 *p;
for (p = start; p < end; ++p) {
if (trap_address(p) == addr)
return true;
}
return false;
}
#ifdef CONFIG_MODULES
/* Populates `kcfi_trap(_end)?` fields in `struct module`. */
void module_cfi_finalize(const Elf_Ehdr *hdr, const Elf_Shdr *sechdrs,
struct module *mod)
{
char *secstrings;
unsigned int i;
mod->kcfi_traps = NULL;
mod->kcfi_traps_end = NULL;
secstrings = (char *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;
for (i = 1; i < hdr->e_shnum; i++) {
if (strcmp(secstrings + sechdrs[i].sh_name, "__kcfi_traps"))
continue;
mod->kcfi_traps = (s32 *)sechdrs[i].sh_addr;
mod->kcfi_traps_end = (s32 *)(sechdrs[i].sh_addr + sechdrs[i].sh_size);
break;
}
}
static bool is_module_cfi_trap(unsigned long addr)
{
struct module *mod;
bool found = false;
Annotation
- Immediate include surface: `linux/bpf.h`, `linux/cfi_types.h`, `linux/cfi.h`.
- Detected declarations: `function report_cfi_failure`, `function trap_address`, `function is_trap`, `function module_cfi_finalize`, `function is_module_cfi_trap`, `function is_module_cfi_trap`, `function is_cfi_trap`.
- Atlas domain: Core OS / Scheduler, Processes, Timers, Sync, And Syscalls.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.