lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Oct 2022 21:48:42 -0700 From: Joao Moreira <joao@...rdrivepizza.com> To: Peter Zijlstra <peterz@...radead.org> Cc: Kees Cook <keescook@...omium.org>, x86@...nel.org, Sami Tolvanen <samitolvanen@...gle.com>, linux-kernel@...r.kernel.org, Mark Rutland <mark.rutland@....com>, Josh Poimboeuf <jpoimboe@...hat.com> Subject: Re: [PATCH] x86/ibt: Implement FineIBT >> Is it useful to get the compiler to emit 0xcc with >> -fpatchable-function-entry under any circumstance? I can probably >> change >> that quickly if needed/useful. > > Having it emit 0xcc for the bytes in front of the symbol might be > interesting. It would mean a few kernel changes, but nothing too hard. > > That is, -fpatchable-function-entry=N,M gets us N-M bytes in at the > start of the symbol and M bytes in front of it. The N-M bytes at the > start of the function *are* executed and should obviously not become > 0xcc (GCC keeps them 0x90 while LLVM makes them large NOPs). Uhum, all makes sense. I drafted something here: https://github.com/lvwr/llvm-project/commits/joao/int3 Let me know if this works for you or if there is something that should be tweaked, like adding a specific flag and such. This currently emits 0xcc instead of 0x90 for the nops before the function entry symbol for kernel code on x86-64. It seems to be working (see generated snippet below), but let me know otherwise: Generated with -fpatchable-function-entry=10,5 Disassembly of section .text: 0000000000000000 <save_processor_state-0x5>: 0: cc int3 1: cc int3 2: cc int3 3: cc int3 4: cc int3 0000000000000005 <save_processor_state>: 5: 0f 1f 44 00 08 nopl 0x8(%rax,%rax,1) a: 41 57 push %r15 c: 41 56 push %r14 ...
Powered by blists - more mailing lists