
Re: Enabling branch protection on amd64 and arm64



On Tue, 25 Oct 2022 at 15:34:26 +0100, Wookey wrote:
> These are hardware features (new instructions) that 'tag' pointers and
> branch targets to make it much harder for malicious code to implement
> ROP (return oriented programming) and JOP (Jump oriented programming)
> attacks.
> 
> They have been implemented on both architectures in such a way that
> they can be generally enabled and are simply ignored on hardware that
> doesn't support them (the new instructions are in the NOP space). 

Does this have the same restrictions as CET, which gcc briefly enabled
on x86 by default, but had to roll back[1] and later enable on a smaller
subset of architectures[2], because the new instructions are only NOPs
on x86_64 and modern i386, and are non-baseline (illegal instruction)
on older or more-embedded i386 like the ones in our current i386 baseline?

If yes, we'll have to be careful to only enable this on architectures
where our baseline allows it. IIRC, Geode and VIA CPUs are the ones that
usually cause trouble for i386.

Of course, raising the i386 baseline would mitigate or solve that, at the
cost of dropping support for some CPUs.

[1] https://tracker.debian.org/news/1254900/accepted-gcc-11-1120-4-source-into-unstable/
[2] https://tracker.debian.org/news/1256872/accepted-gcc-11-1120-5-source-into-unstable/

    smcv
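One check that follows from this thread, added here and not part of the original message: gcc's `-fcf-protection` (x86) and `-mbranch-protection` (arm64) record what they enabled in the object's `.note.gnu.property` section, and this Python parser reads that raw section (as extracted with `objcopy --dump-section .note.gnu.property=out.bin`) and reports the IBT/SHSTK or BTI/PAC bits, so a package build can be audited for whether the flag actually took effect. The note layout and constants are those of the x86-64 and AArch64 psABIs; the sample note at the end is constructed for illustration.

```python
import struct

NT_GNU_PROPERTY_TYPE_0 = 5
# Property types from the x86-64 and AArch64 psABIs; bit values are the real ones.
GNU_PROPERTY_AARCH64_FEATURE_1_AND = 0xC0000000
GNU_PROPERTY_X86_FEATURE_1_AND = 0xC0000002
FEATURE_BITS = {
    GNU_PROPERTY_AARCH64_FEATURE_1_AND: {1: "BTI", 2: "PAC"},
    GNU_PROPERTY_X86_FEATURE_1_AND: {1: "IBT", 2: "SHSTK"},
}

def _align(n, a):
    return (n + a - 1) & ~(a - 1)

def parse_gnu_property_note(data, elfclass64=True):
    """Return {property_type: bitmask} from raw .note.gnu.property bytes.
    Header words are 4-byte LE; descriptor and property data pad to 8 on ELF64."""
    pad = 8 if elfclass64 else 4
    props, off = {}, 0
    while off + 12 <= len(data):
        namesz, descsz, ntype = struct.unpack_from("<III", data, off)
        off += 12
        name = data[off:off + namesz]
        off += _align(namesz, 4)
        desc = data[off:off + descsz]
        off += _align(descsz, pad)
        if name != b"GNU\0" or ntype != NT_GNU_PROPERTY_TYPE_0:
            continue  # some other note owner/type: skip it
        p = 0
        while p + 8 <= len(desc):
            pr_type, pr_datasz = struct.unpack_from("<II", desc, p)
            p += 8
            if pr_type in FEATURE_BITS and pr_datasz == 4:
                props[pr_type] = struct.unpack_from("<I", desc, p)[0]
            p += _align(pr_datasz, pad)
    return props

def branch_protection_features(data, elfclass64=True):
    props = parse_gnu_property_note(data, elfclass64)
    return [name for t, mask in props.items()
            for bit, name in FEATURE_BITS[t].items() if mask & bit]

def build_note(pr_type, mask, elfclass64=True):
    pad = 8 if elfclass64 else 4
    desc = struct.pack("<III", pr_type, 4, mask)
    desc += b"\0" * (_align(len(desc), pad) - len(desc))
    return struct.pack("<III", 4, len(desc), NT_GNU_PROPERTY_TYPE_0) + b"GNU\0" + desc

# Constructed sample (one-property note as the toolchain emits it): x86-64 object with IBT and SHSTK.
SAMPLE_X86_NOTE = build_note(GNU_PROPERTY_X86_FEATURE_1_AND, 0x3)
```

A binary whose note lacks the bit was linked from at least one object built without the flag, since the linker ANDs these properties across all inputs.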

