Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp1706207pxb; Wed, 9 Feb 2022 02:43:13 -0800 (PST) X-Google-Smtp-Source: ABdhPJz+ym9OwYZOpddE5qFWV8VOcmMdAq3enosX22ynYpPNyfaU4xYizoY+/JLq0dOVoqn92Brc X-Received: by 2002:a05:6a00:80d:: with SMTP id m13mr1683737pfk.63.1644403393665; Wed, 09 Feb 2022 02:43:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644403393; cv=none; d=google.com; s=arc-20160816; b=ItRPE+34B08vGdh17g/o4zkhplo8UrJficBk2HStssNOdLL6/YqleYBQTBPvZJdPuX 75JG3tezBmH6cEOUH1hMSpNCEn7/8TtXGRV00d759+xycubKmay99FlrJvejG9IAd715 h7vhpnnOR8kCqd66Ce3tGjKfvZ2eNFJgK9lmbwuhrsgjbJFvyjHdGQ0h65s08jQsZMmv jbjs71gFv/NOe0n/n+A/jjMG+PwgOzG7EZihc9oXlQ63nqDV2EdmEr8k0phYpERQyI2k VamaQa8oQFlOE0KviaPVVz9KEFyZlpXKiy09Togvr0yJ7AS4voTyNKlWvcVD6ITOh3Bt jiTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:message-id:references :in-reply-to:subject:cc:to:from:date:mime-version; bh=8PKrHAtdXC5/fUt/AZQVTwQNGgeo/PKTaca1LVy/4B0=; b=wmG9fOpJ/DGBcmQDHal3dUdLrguETWdTi370ccOlf8TB4BQ/FrGpQvdMSoI2LXTP9p qEMQ1ZDtJ6uet70y4xBQcKlZfGVV9m2p9QIeCqF1cwk0keB8dJWYzTy+6r1KGj3o1A3q MaSQi/X4ETspfmd3po7BHziNXm9/0o3cracKt2cvmu5bIUNNYvaumF6B4VDpdRMx8pGW VJ+3AIO0OFEs1hKiTYcQuzh1kAxhw6eADoXNoG6/Xyzu2sPcFmTVPW4eQNKeXJCGPlIN qdt4+JS2drsV4kHBBbgzngXt6p7jbaK4A5daJ+WnSihqXFoDRxcRQNN7nX4gCmE0ocvg xFvA== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id t64si6553543pgd.755.2022.02.09.02.43.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 09 Feb 2022 02:43:13 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 787D8E0B0554; Wed, 9 Feb 2022 01:25:11 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229753AbiBICpK (ORCPT + 99 others); Tue, 8 Feb 2022 21:45:10 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41064 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245355AbiBICdK (ORCPT ); Tue, 8 Feb 2022 21:33:10 -0500 X-Greylist: delayed 710 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Tue, 08 Feb 2022 18:33:09 PST Received: from mslow1.mail.gandi.net (mslow1.mail.gandi.net [217.70.178.240]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9AEF4C0613CC for ; Tue, 8 Feb 2022 18:33:09 -0800 (PST) Received: from relay12.mail.gandi.net (unknown [IPv6:2001:4b98:dc4:8::232]) by mslow1.mail.gandi.net (Postfix) with ESMTP id F1FB4C6BCA for ; Wed, 9 Feb 2022 02:21:21 +0000 (UTC) Received: (Authenticated sender: joao@overdrivepizza.com) by relay12.mail.gandi.net (Postfix) with ESMTPA id 64ADD200002; Wed, 9 Feb 2022 02:21:16 +0000 (UTC) MIME-Version: 1.0 Date: Tue, 08 Feb 2022 18:21:16 -0800 From: Joao Moreira To: Kees Cook Cc: Peter Zijlstra , x86@kernel.org, hjl.tools@gmail.com, jpoimboe@redhat.com, andrew.cooper3@citrix.com, linux-kernel@vger.kernel.org, ndesaulniers@google.com, samitolvanen@google.com Subject: Re: [RFC][PATCH 6/6] objtool: Add IBT validation / fixups In-Reply-To: <202202081541.900F9E1B@keescook> References: <20211122170301.764232470@infradead.org> <20211122170805.338489412@infradead.org> <6ebb0ab131c522f20c094294d49091fc@overdrivepizza.com> <202202081541.900F9E1B@keescook> Message-ID: X-Sender: joao@overdrivepizza.com Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE, SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org >> Note: This feature was already submitted for upstreaming with the >> llvm-project: https://reviews.llvm.org/D116070 > > Ah nice; I see this has been committed now. Yes, but then some front-end changes also required this fix https://reviews.llvm.org/D118052, which is currently under review (posting this here in case someone is trying this out). > > Given that IBT will need to work with both Clang and gcc, I suspect the > objtool approach will still end up needing to do all the verification. > > (And as you say, it has limited visibility into assembly.) Agreed that at this point objtool provides more coverage. Yet, besides being an attempt to relief objtool and improve a bit the compiler support as mentioned in the series cover letter, it is still nice to reduce the left-over nops and fixups which end-up scattered all around. FWIIW, https://reviews.llvm.org/D118438 and https://reviews.llvm.org/D118355 are also being cooked. Comments and ideas for new approaches or improvements in the compiler support for this are very welcome :) Tks, Joao