Hi Richard, [expanding CC to include others who may be interested in this]

On Fri, Dec 14, 2018 at 04:57:02PM -0600, Richard Henderson wrote:
> This seems like a tricky extension to deploy to the operating system.
>
> What is the proposed interface for setting GP on application pages? There are
> several things that seem plausible to me, and I wondered how far planning has
> gotten.

I've not seen anything set in stone yet, so I think this is all still up for
grabs. Ramana?

> An mmap/mprotect flag?

I'm not aware of any precedent for arch-specific mmap/mprotect flags, but it
looks like PowerPC adds its own PROT bit for "Strong Access Ordering" so
something similar might be do-able for GP on arm64.

However, if we anticipate that pages are either GP or !GP for the lifetime of
the mapping, I think your suggestions below relating to encoding this in the
ELF make more sense.

> An ELF program header PT_ARM_BTI (a-la PT_GNU_RELRO) to direct the loader to
> set said flag when mapping binaries? Or equivalently, a PF_MASKOS bit that
> could be set on the normal PT_LOAD header.
>
> An ELF section flag set by the compiler for sections that use -mbti, which are
> then collected into the PT_GNU_BTI segment by the linker?
>
> That seems like the most plausible way to indicate on a per-binary basis that
> it has been compiled with the BTI hints in place. But probably there are other
> ways that make an equal amount of sense.
>
> Is there any coordination going on with Intel wrt their similar gadget
> protection scheme(s)?

I'm not familiar with that. Are there patches out for review?

Will

_______________________________________________
linaro-toolchain mailing list
linaro-toolchain@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/linaro-toolchain