From: Peter Zijlstra <peterz@infradead.org>
To: Alexander Lobakin <alexandr.lobakin@intel.com>
Cc: linux-hardening@vger.kernel.org, x86@kernel.org,
Borislav Petkov <bp@alien8.de>,
Jesse Brandeburg <jesse.brandeburg@intel.com>,
Kristen Carlson Accardi <kristen@linux.intel.com>,
Kees Cook <keescook@chromium.org>,
Miklos Szeredi <miklos@szeredi.hu>,
Ard Biesheuvel <ardb@kernel.org>, Tony Luck <tony.luck@intel.com>,
Bruce Schlobohm <bruce.schlobohm@intel.com>,
Jessica Yu <jeyu@kernel.org>, kernel test robot <lkp@intel.com>,
Miroslav Benes <mbenes@suse.cz>,
Evgenii Shatokhin <eshatokhin@virtuozzo.com>,
Jonathan Corbet <corbet@lwn.net>,
Masahiro Yamada <masahiroy@kernel.org>,
Michal Marek <michal.lkml@markovi.net>,
Nick Desaulniers <ndesaulniers@google.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Thomas Gleixner <tglx@linutronix.de>,
Will Deacon <will@kernel.org>, Ingo Molnar <mingo@redhat.com>,
Christoph Hellwig <hch@lst.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Nathan Chancellor <nathan@kernel.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Marios Pomonis <pomonis@google.com>,
Sami Tolvanen <samitolvanen@google.com>,
"H.J. Lu" <hjl.tools@gmail.com>, Nicolas Pitre <nico@fluxnic.net>,
linux-kernel@vger.kernel.org, linux-kbuild@vger.kernel.org,
linux-arch@vger.kernel.org, live-patching@vger.kernel.org,
llvm@lists.linux.dev
Subject: Re: [PATCH v10 10/15] FG-KASLR: use a scripted approach to handle .text.* sections
Date: Mon, 14 Feb 2022 12:59:35 +0100 [thread overview]
Message-ID: <YgpEJ7BmuYtHkayT@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20220214113434.5256-1-alexandr.lobakin@intel.com>
On Mon, Feb 14, 2022 at 12:34:34PM +0100, Alexander Lobakin wrote:
> Re "won't do" -- sorry for trying to hijack this thread a bit, but
> did I miss something? The last comments I've read were that LLVM
> tools need to change their approach for CFI on x86, and Sami went
> redo it, but I can't recall any "life-time" nacks.
Won't as in the lclang-cfi as it exists today. And I've understood that
this CFI model is a keeper. It is true that Sami has been working on an
alternative KCFI, but the little I can make of this proposal, it
still needs serious work. Also see here:
https://lkml.kernel.org/r/20220211133803.GV23216@worktop.programming.kicks-ass.net
Specifically, I object to the existence of any __*cfi_check_fail symbol
on the grounds that it will bloat the code (and makes thinking about the
whole speculation angle more painful than it needs to be).
next prev parent reply other threads:[~2022-02-14 12:00 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-09 18:57 [PATCH v10 00/15] Function Granular KASLR Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 01/15] modpost: fix removing numeric suffixes Alexander Lobakin
2022-05-03 0:57 ` Masahiro Yamada
2022-05-03 7:31 ` Petr Mladek
2022-05-23 18:04 ` Masahiro Yamada
2022-05-24 11:33 ` Alexander Lobakin
2022-05-24 13:40 ` Masahiro Yamada
2022-02-09 18:57 ` [PATCH v10 02/15] livepatch: avoid position-based search if `-z unique-symbol` is available Alexander Lobakin
2022-02-11 17:41 ` Josh Poimboeuf
2022-02-11 18:05 ` Fāng-ruì Sòng
2022-02-11 18:35 ` Josh Poimboeuf
2022-02-14 12:24 ` Alexander Lobakin
2022-02-14 18:10 ` Josh Poimboeuf
2022-02-16 20:32 ` Joe Lawrence
2022-02-16 22:13 ` Josh Poimboeuf
2022-02-16 15:15 ` Miroslav Benes
2022-02-16 20:01 ` Josh Poimboeuf
2022-02-18 16:31 ` Alexander Lobakin
2022-02-18 20:08 ` Josh Poimboeuf
2022-02-14 12:14 ` Alexander Lobakin
2022-02-14 18:57 ` Josh Poimboeuf
2022-02-16 15:06 ` Miroslav Benes
2022-02-16 19:57 ` Josh Poimboeuf
2022-02-17 7:45 ` Miroslav Benes
2022-02-09 18:57 ` [PATCH v10 03/15] kallsyms: randomize /proc/kallsyms output order Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 04/15] arch: introduce asm function sections Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 05/15] x86: support " Alexander Lobakin
2022-02-11 15:45 ` Peter Zijlstra
2022-02-14 11:49 ` Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 06/15] x86: decouple ORC table sorting into a separate file Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 07/15] Makefile: add config options and build scripts for FG-KASLR Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 08/15] x86/tools: Add relative relocs for randomized functions Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 09/15] x86: Add support for function granular KASLR Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 10/15] FG-KASLR: use a scripted approach to handle .text.* sections Alexander Lobakin
2022-02-11 15:37 ` Peter Zijlstra
2022-02-14 11:34 ` Alexander Lobakin
2022-02-14 11:59 ` Peter Zijlstra [this message]
2022-02-14 12:30 ` Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 11/15] x86/boot: allow FG-KASLR to be selected Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 12/15] module: add arch-indep FG-KASLR for randomizing function layout Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 13/15] module: use a scripted approach for FG-KASLR Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 14/15] Documentation: add documentation " Alexander Lobakin
2022-02-09 18:57 ` [PATCH v10 15/15] maintainers: add MAINTAINERS entry " Alexander Lobakin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YgpEJ7BmuYtHkayT@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=alexandr.lobakin@intel.com \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=bruce.schlobohm@intel.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=eshatokhin@virtuozzo.com \
--cc=hch@lst.de \
--cc=herbert@gondor.apana.org.au \
--cc=hjl.tools@gmail.com \
--cc=hpa@zytor.com \
--cc=jesse.brandeburg@intel.com \
--cc=jeyu@kernel.org \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=kristen@linux.intel.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=lkp@intel.com \
--cc=llvm@lists.linux.dev \
--cc=luto@kernel.org \
--cc=masahiroy@kernel.org \
--cc=mbenes@suse.cz \
--cc=mhiramat@kernel.org \
--cc=michal.lkml@markovi.net \
--cc=miklos@szeredi.hu \
--cc=mingo@redhat.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=nico@fluxnic.net \
--cc=pomonis@google.com \
--cc=samitolvanen@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).