[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZcxFJByUgJs500ko@voyager>
Date: Wed, 14 Feb 2024 05:44:20 +0100
From: Markus Wichmann <nullplan@....net>
To: musl@...ts.openwall.com
Cc: enh <enh@...gle.com>
Subject: Re: PAC/BTI Support on aarch64
Am Tue, Feb 13, 2024 at 09:19:25PM -0500 schrieb Rich Felker:
> What is the situation on x86? Does it use the same kind of per-page
> enforcement mode, or is it only global, requiring disabling it if any
> DSO lacks support? Is the endbr64 opcode a guaranteed-safe nop on
> older ISA levels, or does it need to be conditional?
>
My, what a journey. I had a look around the Internet for this question
and kept finding contradictory results. Turns out that is because, as
per kernel documentation, Linux only supports *kernel* IBT. The only
part of CET it supports for userspace is shadow stacks. Unless the
kernel docs are not up-to-date, of course.
According to Intel, the ENDBR64 instruction decodes as NOP on older
processors. GCC has support for emiting it, but at this point in time it
appears to be useless outside of Linux itself.
Ciao,
Markus
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
