On Mon, 15 Nov 2021 11:54:09 GMT, Andrew Dinn wrote:
> pauth_strip_verifiable
That name works for me.
-
PR: https://git.openjdk.java.net/jdk/pull/6334
On Mon, 15 Nov 2021 11:08:57 GMT, Andrew Haley wrote:
>>>whether this function authenticates or strips the address depends only on
>>>debugging?
>>
>> Yes. We only need to strip the value, because we're not jumping to the lr
>> value, only viewing it.
>>
>> The interface is different to a str
On Mon, 15 Nov 2021 11:30:35 GMT, Andrew Haley wrote:
>> In the original code:
>> *save r0 to the lr location on the stack
>> *restore_live_registers
>> *Standard return: remove stack frame, load lr and fp off the stack, jump to
>> lr.
>>
>> With PAC it would now be:
>> *Sign r0 then save it t
On Mon, 15 Nov 2021 11:21:37 GMT, Alan Hayward wrote:
>> src/hotspot/cpu/aarch64/c1_Runtime1_aarch64.cpp line 452:
>>
>>> 450: // patch the return address, this stub will directly return to the
>>> exception handler
>>> 451: __ str(r0, Address(rfp, 1*BytesPerWord));
>>> 452:
>>
>> Please
On Mon, 15 Nov 2021 10:15:41 GMT, Andrew Haley wrote:
>> Alan Hayward has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains eight commits:
>>
>> - Merge master
>> - Document pauth functions && remove OS split
>> - Update UseROPProtec
On Mon, 15 Nov 2021 10:58:06 GMT, Alan Hayward wrote:
>> src/hotspot/cpu/aarch64/pauth_aarch64.hpp line 132:
>>
>>> 130: // Authenticate or strip a return value. Use for efficiency and only
>>> when the safety of the data
>>> 131: // isn't an issue - for example when viewing the stack.
>>> 132:
On Mon, 15 Nov 2021 10:20:15 GMT, Andrew Haley wrote:
>whether this function authenticates or strips the address depends only on
>debugging?
Yes. We only need to strip the value, because we're not jumping to the lr
value, only viewing it.
The interface is different to a strip (as we need to p
On Wed, 10 Nov 2021 15:01:51 GMT, Alan Hayward wrote:
>> src/hotspot/os_cpu/bsd_aarch64/pauth_bsd_aarch64.inline.hpp line 25:
>>
>>> 23: */
>>> 24:
>>> 25: #ifndef OS_CPU_BSD_AARCH64_PAUTH_BSD_AARCH64_INLINE_HPP
>>
>> Are these two files different enough to separate them for BSD and Linux?
>
On Mon, 15 Nov 2021 09:07:11 GMT, Alan Hayward wrote:
>> PAC is an optional feature in AArch64 8.3 and is compulsory in v9. One
>> of its uses is to protect against ROP based attacks. This is done by
>> signing the Link Register whenever it is stored on the stack, and
>> authenticating the value
On Mon, 15 Nov 2021 09:07:11 GMT, Alan Hayward wrote:
>> PAC is an optional feature in AArch64 8.3 and is compulsory in v9. One
>> of its uses is to protect against ROP based attacks. This is done by
>> signing the Link Register whenever it is stored on the stack, and
>> authenticating the value
On Mon, 15 Nov 2021 09:07:11 GMT, Alan Hayward wrote:
>> PAC is an optional feature in AArch64 8.3 and is compulsory in v9. One
>> of its uses is to protect against ROP based attacks. This is done by
>> signing the Link Register whenever it is stored on the stack, and
>> authenticating the value
On Mon, 15 Nov 2021 09:07:11 GMT, Alan Hayward wrote:
>> PAC is an optional feature in AArch64 8.3 and is compulsory in v9. One
>> of its uses is to protect against ROP based attacks. This is done by
>> signing the Link Register whenever it is stored on the stack, and
>> authenticating the value
On Mon, 15 Nov 2021 09:07:11 GMT, Alan Hayward wrote:
>> PAC is an optional feature in AArch64 8.3 and is compulsory in v9. One
>> of its uses is to protect against ROP based attacks. This is done by
>> signing the Link Register whenever it is stored on the stack, and
>> authenticating the value
> PAC is an optional feature in AArch64 8.3 and is compulsory in v9. One
> of its uses is to protect against ROP based attacks. This is done by
> signing the Link Register whenever it is stored on the stack, and
> authenticating the value when it is loaded back from the stack. If an
> attacker were
14 matches
Mail list logo
