On Sun, Nov 19, 2023 at 10:07:25PM -0500, Kent Overstreet wrote:
> Control flow integrity is now checking that type signatures match on
> indirect function calls. That breaks closures, which embed a work_struct
> in a closure in such a way that a closure_fn may also be used as a
> workqueue fn by the underlying closure code.
>
> So we have to change closure fns to take a work_struct as their
> argument - but that results in a loss of clarity, as closure fns have
> different semantics from normal workqueue functions (they run owning a
> ref on the closure, which must be released with continue_at() or
> closure_return()).
>
> Thus, this patch introduces CLOSURE_CALLBACK() and closure_type() macros
> as suggested by Kees, to smooth things over a bit.
>
> Suggested-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Coly Li <colyli@xxxxxxx>
> Signed-off-by: Kent Overstreet <kent.overstreet@xxxxxxxxx>

Thanks for doing this! This looks reasonable to me. I look forward to
being able to do fancier CFI prototype partitioning in the future...

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

-- 
Kees Cook
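The calling convention described in the commit message above, modelled in userspace C as an added example that is not part of the original e-mail or the patch. The struct layouts, the macro bodies, `demo_op`, `closure_call_direct()` and `workqueue_dispatch()` are assumptions made for illustration; only the names CLOSURE_CALLBACK(), closure_type(), closure_fn and work_struct come from the message.

```c
#include <stddef.h>

/* Userspace stand-ins for the kernel types; layouts are simplified assumptions. */
struct work_struct;
typedef void (*work_func_t)(struct work_struct *);
struct work_struct { work_func_t func; };

struct closure {
    struct work_struct work; /* embedded so closure code can queue it as work */
    work_func_t fn;          /* closure fn now shares the workqueue prototype */
    int refs;                /* simplified stand-in for the closure's ref count */
};

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

/* Assumed macro bodies: declare with the workqueue signature, then recover
 * the closure and its containing object from the work_struct argument. */
#define CLOSURE_CALLBACK(name) void name(struct work_struct *ws)
#define closure_type(name, type, member) \
    struct closure *cl = container_of(ws, struct closure, work); \
    type *name = container_of(cl, type, member)

struct demo_op { int calls; struct closure cl; }; /* hypothetical user object */

static CLOSURE_CALLBACK(demo_op_done)
{
    closure_type(op, struct demo_op, cl);
    op->calls++;
    cl->refs--; /* stands in for closure_return() releasing the ref */
}

/* Both dispatch paths make an indirect call whose pointer type matches the
 * callee's real prototype, which is what a type-based CFI check compares. */
static void closure_call_direct(struct closure *c) { c->fn(&c->work); }
static void workqueue_dispatch(struct work_struct *w) { w->func(w); }

int demo_run(void)
{
    struct demo_op op = { 0 };
    op.cl.refs = 2;
    op.cl.fn = demo_op_done;
    op.cl.work.func = op.cl.fn; /* same pointer, no cast needed */
    closure_call_direct(&op.cl);
    workqueue_dispatch(&op.cl.work);
    return op.calls == 2 && op.cl.refs == 0;
}

int main(void) { return demo_run() ? 0 : 1; }
```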