Paolo Bonzini, le mar. 12 avril 2022 14:13:37 +0200, a ecrit: > slirp 4.7 introduces a new CFI-friendly timer callback that does > not pass function pointers within libslirp as callbacks for timers. > Check the version number and, if it is new enough, allow using CFI > even with a system libslirp. > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
Reviewed-by: Samuel Thibault <samuel.thiba...@ens-lyon.org> > --- > meson.build | 24 ++++++++++++------------ > 1 file changed, 12 insertions(+), 12 deletions(-) > > diff --git a/meson.build b/meson.build > index 861de93c4f..92a83580a3 100644 > --- a/meson.build > +++ b/meson.build > @@ -2485,21 +2485,21 @@ if have_system > slirp = declare_dependency(link_with: libslirp, > dependencies: slirp_deps, > include_directories: slirp_inc) > + else > + # slirp <4.7 is incompatible with CFI support in QEMU. This is because > + # it passes function pointers within libslirp as callbacks for timers. > + # When using a system-wide shared libslirp, the type information for the > + # callback is missing and the timer call produces a false positive with > CFI. > + # > + # Now that slirp_opt has been defined, check if the selected slirp is > compatible > + # with control-flow integrity. > + if get_option('cfi') and slirp.found() and > slirp.version().version_compare('<4.7') > + error('Control-Flow Integrity is not compatible with system-wide > slirp.' \ > + + ' Please configure with --enable-slirp=git or upgrade to > libslirp 4.7') > + endif > endif > endif > > -# For CFI, we need to compile slirp as a static library together with qemu. > -# This is because we register slirp functions as callbacks for QEMU Timers. > -# When using a system-wide shared libslirp, the type information for the > -# callback is missing and the timer call produces a false positive with CFI. > -# > -# Now that slirp_opt has been defined, check if the selected slirp is > compatible > -# with control-flow integrity. > -if get_option('cfi') and slirp_opt == 'system' > - error('Control-Flow Integrity is not compatible with system-wide slirp.' \ > - + ' Please configure with --enable-slirp=git') > -endif > - > fdt = not_found > if have_system > fdt_opt = get_option('fdt') > -- > 2.35.1 > -- Samuel --- Pour une évaluation indépendante, transparente et rigoureuse ! Je soutiens la Commission d'Évaluation de l'Inria.