On Wed, Mar 03, 2021 at 09:59:38PM -0500, Daniele Buono wrote:
> For CFI, we need to compile slirp as a static library together with qemu.
> This is because we register slirp functions as callbacks for QEMU Timers.
> When using a system-wide shared libslirp, the type information for the
> callback is missing and the timer call produces a false positive with CFI.
Is there work being done, or at least an active plan, for fixing this ?
Distros generally won't want to static link slirp to QEMU when there is
a shared slirp available. It increases the security burden to maintain
slirp twice, especially as slirp has a history of CVEs.
IOW, the inability to use shared slirp may well prevent CFI from being
used in distros.
>
> With this patch, meson will stop if CFI is enabled with system-wide slirp
>
> Signed-off-by: Daniele Buono <dbu...@linux.vnet.ibm.com>
> ---
> meson.build | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/meson.build b/meson.build
> index f3db83e974..e1ec5020ac 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1569,6 +1569,18 @@ if have_system
> endif
> endif
>
> +# For CFI, we need to compile slirp as a static library together with qemu.
> +# This is because we register slirp functions as callbacks for QEMU Timers.
> +# When using a system-wide shared libslirp, the type information for the
> +# callback is missing and the timer call produces a false positive with CFI.
> +#
> +# Now that slirp_opt has been defined, check if the selected slirp is
> compatible
> +# with control-flow integrity.
> +if get_option('cfi') and slirp_opt == 'system'
> + error('Control-Flow Integrity is not compatible with system-wide slirp.' \
> + + ' Please configure with --enable-slirp=git')
> +endif
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
