lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 5 May 2022 09:36:22 +0200
From:   Peter Zijlstra <>
To:     Sami Tolvanen <>
Cc:     Peter Collingbourne <>,
        Josh Poimboeuf <>,
        Joao Moreira <>,
        LKML <>,,,
        Kees Cook <>,
        Mark Rutland <>,,,
        Nick Desaulniers <>,,
Subject: Re: [RFC PATCH 01/11] x86: kernel FineIBT

On Wed, May 04, 2022 at 05:28:57PM -0700, Sami Tolvanen wrote:
> On Wed, May 4, 2022 at 11:17 AM Peter Zijlstra <> wrote:
> > __cfi_\sym:                                     __cfi_\sym:
> >                                                         int3; int3                              # 2
> >         endbr                   # 4                     mov     \hash, %eax                     # 5
> >         call    __fineibt_\hash # 5                     int3; int3                              # 2
> > \sym:                                           \sym:
> OK, that looks reasonable to me.
> > It seems to preserve the properties of the last one in that direct calls
> > will already be correct and we don't need linker fixups, and objtool can
> > simply parse the preamble as regular instructions without needing
> > further help.
> Wouldn't objtool still print out unreachable instruction warnings here?

Depends a bit on what kind of symbol they end up being, if they're
STT_FUNC we'll probably get the complaint that it falls through into the
next symbol, while if they're STT_NOTYPE then yes, we'll get the
unreachable thing.

So either way we need to special case the __cfi_\sym things anyway.

But that should be relatively straight forward. I think I would lean
towards making then STT_FUNC (they really are for FineIBT anyway) and
then supressing the fallthrough warning for all functions that start
with "__cfi_". This way we get an ORC entry for them and the unwinder
will be happy.

Powered by blists - more mailing lists