Date: Wed, 20 Apr 2022 15:50:13 -0700
From: Joao Moreira
To: Kees Cook
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org,
    peterz@infradead.org, jpoimboe@redhat.com, andrew.cooper3@citrix.com,
    samitolvanen@google.com, mark.rutland@arm.com, hjl.tools@gmail.com,
    alyssa.milburn@linux.intel.com, ndesaulniers@google.com,
    gabriel.gomes@linux.intel.com, rick.p.edgecombe@intel.com
Subject: Re: [RFC PATCH 00/11] Kernel FineIBT Support
In-Reply-To: <202204191937.2720E7E@keescook>
References: <20220420004241.2093-1-joao@overdrivepizza.com>
    <202204191937.2720E7E@keescook>
Message-ID: <94c61936a0fd339430ef24dcaded759f@overdrivepizza.com>

> I think it'd be good to get kCFI landed in Clang first (since it is
> effectively architecture agnostic), and then get FineIBT landed. But
> that doesn't mean we can't be working on the kernel side of things at
> the same time.

FWIW, I'm effectively taking some time away from work for the next 3
months. I'll be around to answer this and that, help reviewing KCFI and
maybe send small fixes around, but I'm not planning to land FineIBT in
clang anytime before that (especially now that I have a direction to
look into the linker approach as per the other thread e-mails). This
should give KCFI the time it needs to squeeze in.

> And just thinking generally, for other architecture-specific stuff,
> I do wonder what an arm64 PAC-based CFI might look like. I prefer things
> be hard-coded as kCFI is doing, but it'd be nice to be able to directly
> measure performance and size overheads comparing the various methods.

There are other important bullets to this list, I think, like power
consumption, robustness and collateral gains (like IBT's side-channel
hardening). But yeah, this is probably a good list to keep in mind for
us to discuss during plumbers :)