The crypto glue performed function prototype casting to make indirect
calls to assembly routines. Instead of performing casts at the call
sites (which trips Control Flow Integrity prototype checking), create a
set of macros to either declare the prototypes to avoid the need for
casts, or build inline helpers to allow for various aliased functions.
Co-developed-by: João Moreira <joao.moreira@xxxxxxxxxxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
arch/x86/include/asm/crypto/glue_helper.h | 24 +++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/arch/x86/include/asm/crypto/glue_helper.h b/arch/x86/include/asm/crypto/glue_helper.h
index 8d4a8e1226ee..2fa4968ab8e2 100644
--- a/arch/x86/include/asm/crypto/glue_helper.h
+++ b/arch/x86/include/asm/crypto/glue_helper.h
@@ -23,6 +23,30 @@ typedef void (*common_glue_xts_func_t)(void *ctx, u128 *dst, const u128 *src,
#define GLUE_CTR_FUNC_CAST(fn) ((common_glue_ctr_func_t)(fn))
#define GLUE_XTS_FUNC_CAST(fn) ((common_glue_xts_func_t)(fn))
+#define CRYPTO_FUNC(func) \
+asmlinkage void func(void *ctx, u8 *dst, const u8 *src)
+
+#define CRYPTO_FUNC_CBC(func) \
+asmlinkage void func(void *ctx, u128 *dst, const u128 *src)
+
+#define CRYPTO_FUNC_WRAP_CBC(func) \
+static inline void func ## _cbc(void *ctx, u128 *dst, const u128 *src) \
+{ func(ctx, (u8 *)dst, (u8 *)src); }
+
+#define CRYPTO_FUNC_CTR(func) \
+asmlinkage void func(void *ctx, u128 *dst, const u128 *src, le128 *iv);
+
+#define CRYPTO_FUNC_XTS(func) CRYPTO_FUNC_CTR(func)
+
+#define CRYPTO_FUNC_XOR(func) \
+asmlinkage void __ ## func(void *ctx, u8 *dst, const u8 *src, bool y); \
+asmlinkage static inline \
+void func(void *ctx, u8 *dst, const u8 *src) \
+{ __ ## func(ctx, dst, src, false); } \
+asmlinkage static inline \
+void func ## _xor(void *ctx, u8 *dst, const u8 *src) \
+{ __ ## func(ctx, dst, src, true); }
+
struct common_glue_func_entry {
unsigned int num_blocks; /* number of blocks that @fn will process */
union {
--
2.17.1
