Bill Roberts <bill.robe...@arm.com> writes: > Enable Pointer Authentication Codes (PAC) and Branch Target > Identification (BTI) support for ARM 64 targets.
I only have a rough idea of how these security features work, but I have a few suggestions after having a new look at the patch. (These are my opinions as a GMP contributor, I'm not speaking for the rest of the GMP team). 1. Must PAC and BTI be used together, or can support be added as two separate contributions? 2. It's not so nice to need a BTI_C line in every(?) .asm file. Please fold the needed magic inside the PROLOGUE macro. A 900 line patch looks rather intimidating. 3. Tests would help providing some confidence that this works as intended, and keeps working as intended as GMP evolves. Maybe you can get some inspiration from this test in Nettle: https://git.lysator.liu.se/nettle/nettle/-/blob/master/testsuite/x86-ibt-test.c?ref_type=heads A test could verify (i) that an executable linked with GMP gets the properly marks (ELF flags or whatever it is) to have the protections enabled by the kernel, and (ii) that if the executable runs some code violating the PAC/BTI conventions, than it gets the expected kill signal. 4. "Dynamically generated m4" doesn't sound good to me. I would hope this support can be added without adding one more level of preprocessing. I'd prefer either configure tests based on, e.g., predefines set by the compiler. If for some reason it's very difficult to configure automatically in a robust way, then it's probably better to start with only a configure argument for enabling this, and improve on automatic configuration later. Regards, /Niels -- Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677. Internet email is subject to wholesale government surveillance. _______________________________________________ gmp-devel mailing list gmp-devel@gmplib.org https://gmplib.org/mailman/listinfo/gmp-devel
