qemu-devel

Re: [Qemu-devel] [PATCH 3/7] configure: add CET support


From: Paolo Bonzini
Subject: Re: [Qemu-devel] [PATCH 3/7] configure: add CET support
Date: Thu, 14 Mar 2019 11:46:42 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

On 14/03/19 01:56, Richard Henderson wrote:
> Hmm.  The gcc for aarch64 names the similar feature -mbranch-protection.  I'm
> rather annoyed that the i386 gcc folk appropriated a generic -f name without
> actually making the feature generic at the same time.

Wouldn't -fcf-protection=branch also apply to ARM BTI?  Pointer
authentication can even be enabled by default on GCC 9 if I remember
correctly, so it doesn't need an option at all.

> Thankfully the aarch64 version does not include shadow stacks, and so is less
> invasive into the normal abi -- ARM uses pointer authentication instead.

Branch target authentication should probably be one or more separate
-fcf-protection options, but it is reasonable to make it generic as
well.

One could even implement a (much) weaker version of pointer
authentication without hardware support.  You could mangle the return
address on entry and return, for example with a XOR/XOR or ADD/SUB of a
per-thread datum, and likewise mangle function pointers with a
per-process datum or with a hash based on the function's type signature.
Both would need debugger support, and the latter would require
modifying hand-written assembly.

Paolo
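
The software-only function-pointer mangling sketched above, as an added example that is not part of this e-mail, of QEMU, or of GCC: each callback is stored XORed with a per-process guard combined with a hash of its type signature, and rotated so that a zero key byte never exposes a raw pointer byte (the same construction glibc uses in PTR_MANGLE for setjmp buffers and atexit handlers). The guard value PTR_GUARD, the signature strings, and all helper names are assumptions made for the example; a real build would draw the guard from a random source at process start, and the return-address variant would apply the same mangle/demangle pair to the saved return address in the function prologue and epilogue, which needs compiler support and is not shown here.

```c
#include <stdint.h>
#include <stdio.h>

/* Per-process pointer guard. Assumption: a real implementation fills this
 * from a random source early in start-up, before any pointer is mangled;
 * it is a fixed constant here so the example is deterministic. */
static const uintptr_t PTR_GUARD = (uintptr_t)0x5a17c3e9d2b4f6a1ULL;

#define PTR_BITS ((unsigned)(sizeof(uintptr_t) * 8))
#define PTR_ROT 17u

static uintptr_t rotl(uintptr_t v, unsigned n) {
    n %= PTR_BITS;
    return n ? (v << n) | (v >> (PTR_BITS - n)) : v;
}
static uintptr_t rotr(uintptr_t v, unsigned n) {
    n %= PTR_BITS;
    return n ? (v >> n) | (v << (PTR_BITS - n)) : v;
}

/* FNV-1a over a textual type signature, so pointers of different function
 * types are keyed differently (the "hash of the type signature" variant). */
uintptr_t sig_hash(const char *sig) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (; *sig; sig++) {
        h ^= (unsigned char)*sig;
        h *= 0x100000001b3ULL;
    }
    return (uintptr_t)h;
}

/* XOR with the per-process guard and the type hash, then rotate. The rotate
 * stops a zero byte in the key from leaving a raw pointer byte in memory. */
uintptr_t mangle_fnptr(uintptr_t p, const char *sig) {
    return rotl(p ^ PTR_GUARD ^ sig_hash(sig), PTR_ROT);
}
uintptr_t demangle_fnptr(uintptr_t m, const char *sig) {
    return rotr(m, PTR_ROT) ^ PTR_GUARD ^ sig_hash(sig);
}

typedef int (*binop_fn)(int, int);
static const char *BINOP_SIG = "int(int,int)";   /* assumed signature string */

static int add(int a, int b) { return a + b; }
static int mul(int a, int b) { return a * b; }

/* A structure whose callback slot only ever holds the mangled form. */
struct handler { uintptr_t cb; };

void handler_set(struct handler *h, binop_fn fn) {
    h->cb = mangle_fnptr((uintptr_t)fn, BINOP_SIG);
}
int handler_call(const struct handler *h, int a, int b) {
    binop_fn fn = (binop_fn)demangle_fnptr(h->cb, BINOP_SIG);
    return fn(a, b);
}

/* Normal use: the stored pointer round-trips and the call succeeds. */
int demo_call_through_mangled(void) {
    struct handler h;
    handler_set(&h, add);
    return handler_call(&h, 3, 4);   /* 7 */
}

/* A plain function-pointer overwrite (attacker writes the raw address of
 * mul into the slot, without knowing PTR_GUARD) no longer transfers control
 * to mul: the demangled value is neither mul nor the original add. The
 * call is not attempted here because the result would be a wild jump. */
int demo_raw_overwrite_misses_target(void) {
    struct handler h;
    handler_set(&h, add);
    h.cb = (uintptr_t)mul;                         /* simulated corruption */
    uintptr_t target = demangle_fnptr(h.cb, BINOP_SIG);
    return target != (uintptr_t)mul && target != (uintptr_t)add;
}

/* Type keying: a pointer mangled under one signature does not demangle
 * under another, so swapping a mangled pointer between slots of different
 * function types fails in the same way as a raw overwrite. */
int demo_type_mismatch(void) {
    uintptr_t m = mangle_fnptr((uintptr_t)add, BINOP_SIG);
    return demangle_fnptr(m, "void(void)") != (uintptr_t)add
        && demangle_fnptr(m, BINOP_SIG) == (uintptr_t)add;
}

int main(void) {
    printf("call through mangled slot: %d\n", demo_call_through_mangled());
    printf("raw overwrite misses target: %d\n", demo_raw_overwrite_misses_target());
    printf("type mismatch detected: %d\n", demo_type_mismatch());
    return 0;
}
```

Two caveats follow from the construction. It is an obfuscation, not an integrity check: a corrupted slot still gets called, only at an address the attacker did not choose, so the failure mode is a crash or an unpredictable jump rather than a clean abort. And a single leak of the guard (or of one mangled/raw pointer pair, from which the key is recoverable by rotating and XORing) restores the attacker's full control, which is the gap between this and a hardware PAC whose key is never readable from user space.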