lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 3 Nov 2021 12:32:20 -0700
From:   Andy Lutomirski <>
To:     Peter Zijlstra <>
Cc:     Kees Cook <>,
        Ard Biesheuvel <>,
        Sami Tolvanen <>,
        Mark Rutland <>,
        the arch/x86 maintainers <>,
        Josh Poimboeuf <>,
        Nathan Chancellor <>,
        Nick Desaulniers <>,
        Sedat Dilek <>,
        Steven Rostedt <>,,
        Linux Kernel Mailing List <>,
Subject: Re: [PATCH] static_call,x86: Robustify trampoline patching

On 11/3/21 01:35, Peter Zijlstra wrote:
> On Tue, Nov 02, 2021 at 05:20:05PM -0700, Andy Lutomirski wrote:
>> I think that's a big mistake -- any sane ENDBR-using scheme would
>> really prefer that ENDBR to be right next to the actual function body,
>> and really any scheme would benefit due to better cache locality.
> Agreed, IBT/BTI want the landing pad in front of the actual function.
>> But, more importantly, IMO any sane ENDBR-using scheme wants to
>> generate the indirect stub as part of code gen for the actual
>> function.
> Sorta, I really want to be able to not have a landing pad for functions
> whose address is never taken. At that point it doesn't matter if it gets
> generated along with the function and then stripped/poisoned later, or
> generated later.

Stripping is conceptually straightforward even without LTO.


and the linker learns (using magic function sections?) that, if 
foo.indirect is not referenced, then it should not be generated.  Or a 
very straightforward walk over all the relocations in an object to 
poison the unused .indirect entries could be done.  Making this work 
with DSOs, EXPORT_SYMBOL, etc will be somewhat nontrivial, but not 


Powered by blists - more mailing lists