[PATCH 1/2] x86/events/amd/iommu: Fix sysfs type mismatch
0 views
Skip to first unread message
Nathan Chancellor
Apr 14, 2021, 8:12:01 PM4/14/21
to Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo, Sami Tolvanen, Kees Cook, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, Thomas Gleixner, Borislav Petkov, x...@kernel.org, linux-...@vger.kernel.org, clang-bu...@googlegroups.com, Nathan Chancellor
dev_attr_show() calls _iommu_event_show() via an indirect call but
_iommu_event_show()'s type does not currently match the type of the
show() member in 'struct device_attribute', resulting in a Control Flow
Integrity violation.
$ cat /sys/devices/amd_iommu_1/events/mem_dte_hit
csource=0x0a
$ dmesg | grep "CFI failure"
[ 3526.735140] CFI failure (target: _iommu_event_show...):
Change _iommu_event_show() and 'struct amd_iommu_event_desc' to
'struct device_attribute' so that there is no more CFI violation.
Link: https://github.com/ClangBuiltLinux/linux/issues/1350
Fixes: 7be6296fdd75 ("perf/x86/amd: AMD IOMMU Performance Counter PERF uncore PMU implementation")
Signed-off-by: Nathan Chancellor <nat...@kernel.org>
---
arch/x86/events/amd/iommu.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/events/amd/iommu.c b/arch/x86/events/amd/iommu.c
index be50ef8572cc..6a98a7651621 100644
--- a/arch/x86/events/amd/iommu.c
+++ b/arch/x86/events/amd/iommu.c
@@ -81,12 +81,12 @@ static struct attribute_group amd_iommu_events_group = {
};
struct amd_iommu_event_desc {
- struct kobj_attribute attr;
+ struct device_attribute attr;
const char *event;
};
-static ssize_t _iommu_event_show(struct kobject *kobj,
- struct kobj_attribute *attr, char *buf)
+static ssize_t _iommu_event_show(struct device *dev,
+ struct device_attribute *attr, char *buf)
{
struct amd_iommu_event_desc *event =
container_of(attr, struct amd_iommu_event_desc, attr);
base-commit: d434405aaab7d0ebc516b68a8fc4100922d7f5ef
--
2.31.1.272.g89b43f80a5
_iommu_event_show()'s type does not currently match the type of the
show() member in 'struct device_attribute', resulting in a Control Flow
Integrity violation.
$ cat /sys/devices/amd_iommu_1/events/mem_dte_hit
csource=0x0a
$ dmesg | grep "CFI failure"
[ 3526.735140] CFI failure (target: _iommu_event_show...):
Change _iommu_event_show() and 'struct amd_iommu_event_desc' to
'struct device_attribute' so that there is no more CFI violation.
Link: https://github.com/ClangBuiltLinux/linux/issues/1350
Fixes: 7be6296fdd75 ("perf/x86/amd: AMD IOMMU Performance Counter PERF uncore PMU implementation")
Signed-off-by: Nathan Chancellor <nat...@kernel.org>
---
arch/x86/events/amd/iommu.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/events/amd/iommu.c b/arch/x86/events/amd/iommu.c
index be50ef8572cc..6a98a7651621 100644
--- a/arch/x86/events/amd/iommu.c
+++ b/arch/x86/events/amd/iommu.c
@@ -81,12 +81,12 @@ static struct attribute_group amd_iommu_events_group = {
};
struct amd_iommu_event_desc {
- struct kobj_attribute attr;
+ struct device_attribute attr;
const char *event;
};
-static ssize_t _iommu_event_show(struct kobject *kobj,
- struct kobj_attribute *attr, char *buf)
+static ssize_t _iommu_event_show(struct device *dev,
+ struct device_attribute *attr, char *buf)
{
struct amd_iommu_event_desc *event =
container_of(attr, struct amd_iommu_event_desc, attr);
base-commit: d434405aaab7d0ebc516b68a8fc4100922d7f5ef
--
2.31.1.272.g89b43f80a5
Nathan Chancellor
Apr 14, 2021, 8:12:04 PM4/14/21
to Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo, Sami Tolvanen, Kees Cook, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, Thomas Gleixner, Borislav Petkov, x...@kernel.org, linux-...@vger.kernel.org, clang-bu...@googlegroups.com, Nathan Chancellor
dev_attr_show() calls the __uncore_*_show() functions via an indirect
call but their type does not currently match the type of the show()
config:8-15
$ dmesg | grep "CFI failure"
[ 1258.174653] CFI failure (target: __uncore_umask_show...):
Update the type in the DEFINE_UNCORE_FORMAT_ATTR macro to match
arch/x86/events/amd/uncore.c | 6 +++---
index 7f014d450bc2..582c0ffb5e98 100644
--- a/arch/x86/events/amd/uncore.c
+++ b/arch/x86/events/amd/uncore.c
@@ -275,14 +275,14 @@ static struct attribute_group amd_uncore_attr_group = {
};
#define DEFINE_UNCORE_FORMAT_ATTR(_var, _name, _format) \
-static ssize_t __uncore_##_var##_show(struct kobject *kobj, \
- struct kobj_attribute *attr, \
+static ssize_t __uncore_##_var##_show(struct device *dev, \
+ struct device_attribute *attr, \
char *page) \
{ \
BUILD_BUG_ON(sizeof(_format) >= PAGE_SIZE); \
return sprintf(page, _format "\n"); \
} \
-static struct kobj_attribute format_attr_##_var = \
+static struct device_attribute format_attr_##_var = \
__ATTR(_name, 0444, __uncore_##_var##_show, NULL)
DEFINE_UNCORE_FORMAT_ATTR(event12, event, "config:0-7,32-35");
--
2.31.1.272.g89b43f80a5
call but their type does not currently match the type of the show()
member in 'struct device_attribute', resulting in a Control Flow
Integrity violation.
$ cat /sys/devices/amd_l3/format/umask
Integrity violation.
config:8-15
$ dmesg | grep "CFI failure"
Update the type in the DEFINE_UNCORE_FORMAT_ATTR macro to match
'struct device_attribute' so that there is no more CFI violation.
Link: https://github.com/ClangBuiltLinux/linux/issues/1350
Fixes: 06f2c24584f3 ("perf/amd/uncore: Prepare to scale for more attributes that vary per family")
Link: https://github.com/ClangBuiltLinux/linux/issues/1350
arch/x86/events/amd/uncore.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/events/amd/uncore.c b/arch/x86/events/amd/uncore.c
index 7f014d450bc2..582c0ffb5e98 100644
--- a/arch/x86/events/amd/uncore.c
+++ b/arch/x86/events/amd/uncore.c
@@ -275,14 +275,14 @@ static struct attribute_group amd_uncore_attr_group = {
};
#define DEFINE_UNCORE_FORMAT_ATTR(_var, _name, _format) \
-static ssize_t __uncore_##_var##_show(struct kobject *kobj, \
- struct kobj_attribute *attr, \
+static ssize_t __uncore_##_var##_show(struct device *dev, \
+ struct device_attribute *attr, \
char *page) \
{ \
BUILD_BUG_ON(sizeof(_format) >= PAGE_SIZE); \
return sprintf(page, _format "\n"); \
} \
-static struct kobj_attribute format_attr_##_var = \
+static struct device_attribute format_attr_##_var = \
__ATTR(_name, 0444, __uncore_##_var##_show, NULL)
DEFINE_UNCORE_FORMAT_ATTR(event12, event, "config:0-7,32-35");
--
2.31.1.272.g89b43f80a5
Christoph Hellwig
Apr 15, 2021, 3:54:32 AM4/15/21
to Nathan Chancellor, Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo, Sami Tolvanen, Kees Cook, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, Thomas Gleixner, Borislav Petkov, x...@kernel.org, linux-...@vger.kernel.org, clang-bu...@googlegroups.com
On Wed, Apr 14, 2021 at 05:11:11PM -0700, Nathan Chancellor wrote:
> dev_attr_show() calls _iommu_event_show() via an indirect call but
> _iommu_event_show()'s type does not currently match the type of the
> show() member in 'struct device_attribute', resulting in a Control Flow
> Integrity violation.
While the fix looks fine I think we need to solve this kind of problem
> dev_attr_show() calls _iommu_event_show() via an indirect call but
> _iommu_event_show()'s type does not currently match the type of the
> show() member in 'struct device_attribute', resulting in a Control Flow
> Integrity violation.
by better type checking. The fact that we can use the wong type here
without a compiler warning is the real issue.
Nathan Chancellor
Apr 15, 2021, 10:47:29 AM4/15/21
to Christoph Hellwig, Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo, Sami Tolvanen, Kees Cook, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, Thomas Gleixner, Borislav Petkov, x...@kernel.org, linux-...@vger.kernel.org, clang-bu...@googlegroups.com
project because of how pervasive this is (using container_of() +
attributes to get callbacks).
https://lore.kernel.org/r/202006112217.2E6CE093@keescook/
https://lore.kernel.org/r/202104021823.64FA6119@keescook/
Cheers,
Nathan
Reply all
Reply to author
Forward
0 new messages