| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Apr 2022 15:50:13 -0700
From: Joao Moreira <joao@...rdrivepizza.com>
To: Kees Cook <keescook@...omium.org>
Cc: linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org,
peterz@...radead.org, jpoimboe@...hat.com,
andrew.cooper3@...rix.com, samitolvanen@...gle.com,
mark.rutland@....com, hjl.tools@...il.com,
alyssa.milburn@...ux.intel.com, ndesaulniers@...gle.com,
gabriel.gomes@...ux.intel.com, rick.p.edgecombe@...el.com
Subject: Re: [RFC PATCH 00/11] Kernel FineIBT Support
> I think it'd be good to get kCFI landed in Clang first (since it is
> effectively architecture agnostic), and then get FineIBT landed. But
> that doesn't mean we can't be working on the kernel side of things at
> the same time.
FWIIW, I'm effectively taking some time away from work for the next 3
months. I'll be around to answer this and that, help reviewing KCFI and
maybe send small fixes around, but I'm not planning to land FineIBT in
clang anytime before that (specially now that I have a direction to look
into the linker approach as per the other thread e-mails). This should
give KCFI the time it needs to squeeze in.
>
> And just thinking generally, for other architecture-specific stuff,
> I do wonder what an arm64 PAC-based CFI might look like. I prefer
> things
> be hard-coded as kCFI is doing, but it'd be nice to be able to directly
> measure performance and size overheads comparing the various methods.
There are other important bullets to this list, I think, like power
consumption, robustness and collateral gains (like IBT's side-channel
hardening). But yeah, this is probably a good list to keep in mind for
us to discuss during plumbers :)
Powered by blists - more mailing lists