On Tue, Mar 23, 2021 at 01:39:38PM -0700, Sami Tolvanen wrote:
> list_sort() internally casts the comparison function passed to it
> to a different type with constant struct list_head pointers, and
> uses this pointer to call the functions, which trips indirect call
> Control-Flow Integrity (CFI) checking.
> 
> Instead of removing the consts, this change defines the
> list_cmp_func_t type and changes the comparison function types of
> all list_sort() callers to use const pointers, thus avoiding type
> mismatches.
> 
> Suggested-by: Nick Desaulniers <ndesaulni...@google.com>
> Signed-off-by: Sami Tolvanen <samitolva...@google.com>

Reviewed-by: Kees Cook <keesc...@chromium.org>

-- 
Kees Cook
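
An added illustration, not part of the thread and not kernel code: a user-space miniature of the approach the quoted commit message describes, where a shared `list_cmp_func_t` typedef with const pointers lets the callback be passed and called with its own type, so no function-pointer cast is involved. `struct item`, `item_cmp`, `add_before`, `mini_list_sort` and `sort_keys` are hypothetical names, and the insertion sort is a stand-in for `list_sort()`.

```c
#include <stddef.h>
/* User-space miniature of the kernel types (assumption, not kernel code). */
struct list_head { struct list_head *next, *prev; };
typedef int (*list_cmp_func_t)(void *, const struct list_head *, const struct list_head *);
struct item { struct list_head node; int key; };   /* hypothetical payload */
#define item_of(p) ((const struct item *)(p))      /* node is first member */

/* Same signature as list_cmp_func_t, const included, so the indirect call in
 * the sort matches the callee's type; no function-pointer cast anywhere. */
static int item_cmp(void *priv, const struct list_head *a, const struct list_head *b)
{
    (void)priv;
    return item_of(a)->key - item_of(b)->key;      /* sample keys are small */
}

static void add_before(struct list_head *e, struct list_head *pos)
{
    e->prev = pos->prev; e->next = pos;
    pos->prev->next = e; pos->prev = e;
}

/* Insertion sort standing in for list_sort(); cmp is called as passed. */
static void mini_list_sort(void *priv, struct list_head *head, list_cmp_func_t cmp)
{
    struct list_head *cur, *next, *pos;
    for (cur = head->next; cur != head; cur = next) {
        next = cur->next;
        cur->prev->next = next; next->prev = cur->prev;   /* unlink cur */
        for (pos = head->next; pos != next && cmp(priv, pos, cur) <= 0; )
            pos = pos->next;
        add_before(cur, pos);
    }
}

/* Build a list from keys[] (n <= 8), sort it, write the order back. */
int sort_keys(int *keys, size_t n)
{
    struct item items[8];
    struct list_head head = { &head, &head }, *p;
    size_t i;
    if (n > 8) return -1;
    for (i = 0; i < n; i++) {
        items[i].key = keys[i];
        add_before(&items[i].node, &head);         /* append at the tail */
    }
    mini_list_sort(NULL, &head, item_cmp);
    for (i = 0, p = head.next; p != &head; p = p->next)
        keys[i++] = item_of(p)->key;
    return 0;
}
```

A callback declared with non-const `struct list_head *` parameters would not convert to `list_cmp_func_t` without a cast, which is the mismatch the commit message says trips the CFI check.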
