From: "i at maskray dot me"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/104816] -fcf-protection=branch should generate endbr instead of notrack jumps
Date: Thu, 18 Jan 2024 09:06:02 +0000
X-Bugzilla-Product: gcc
X-Bugzilla-Component: target
X-Bugzilla-Version: 12.0
X-Bugzilla-Severity: enhancement
X-Bugzilla-Status: WAITING
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104816

Fangrui Song changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |i at maskray dot me

--- Comment #13 from Fangrui Song ---
I created https://gcc.gnu.org/pipermail/gcc-patches/2024-January/643303.html
before I realized that there is a trade-off between two modes.

* (current default, -mno-cet-switch) NOTRACK indirect jump + case handlers
  without ENDBR, GCC -mno-cet-switch. Vulnerable to unconstrained indirect
  jump and Branch Target Injection.
* (-mcet-switch) tracked indirect jump + case handlers with ENDBR. Increases
  the number of gadgets. Whether they can be usefully exploited depends on
  the program.

It seems that the majority of the opinions so far are about the concern of
NOTRACK, so enabling -mcet-switch by default perhaps still makes sense.

-fno-jump-tables isn't a bad choice if users are really concerned about the
gadgets...
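The two code shapes the comment contrasts are easy to tell apart in a binary, and a defender reviewing what -fcf-protection=branch actually bought them will want to do exactly that. The script below is an added example for this thread, not GCC code or anything from the patch under discussion: it parses `objdump -d` output for x86-64 (AT&T syntax), lists every `notrack` indirect jump (the -mno-cet-switch shape, whose target IBT does not constrain) and every tracked indirect jump or call (the -mcet-switch shape, whose target must be one of the `endbr64` landing pads), and counts those landing pads, which is the "number of gadgets" figure from the comment. The disassembly embedded in `SAMPLE_OBJDUMP` is constructed by hand to show one dispatcher of each shape; the function and symbol names are assumptions, not taken from any real build.

```python
"""Audit x86-64 disassembly for NOTRACK indirect jumps and ENDBR landing pads.

Added example: feed it the text of `objdump -d prog` and it reports which
indirect branches are exempt from IBT tracking and how many valid landing
pads a tracked branch could reach.
"""
import re

# Constructed sample in `objdump -d` form (not real compiler output).
# `dispatch_notrack` is the -mno-cet-switch shape: `notrack jmp` and case
# handlers without ENDBR. `dispatch_tracked` is the -mcet-switch shape: a
# tracked `jmp *%rax` whose case handlers each begin with endbr64.
SAMPLE_OBJDUMP = """
prog:     file format elf64-x86-64

Disassembly of section .text:

0000000000001140 <dispatch_notrack>:
    1140:\tf3 0f 1e fa          \tendbr64
    1144:\t83 ff 03             \tcmp    $0x3,%edi
    1147:\t77 13                \tja     115c <dispatch_notrack+0x1c>
    1149:\t89 ff                \tmov    %edi,%edi
    114b:\t48 8d 15 ae 0e 00 00 \tlea    0xeae(%rip),%rdx        # 2000 <.rodata>
    1152:\t48 63 04 ba          \tmovslq (%rdx,%rdi,4),%rax
    1156:\t48 01 d0             \tadd    %rdx,%rax
    1159:\t3e ff e0             \tnotrack jmp *%rax
    115c:\tb8 01 00 00 00       \tmov    $0x1,%eax
    1161:\tc3                   \tret
    1162:\tb8 02 00 00 00       \tmov    $0x2,%eax
    1167:\tc3                   \tret

0000000000001170 <dispatch_tracked>:
    1170:\tf3 0f 1e fa          \tendbr64
    1174:\t83 ff 03             \tcmp    $0x3,%edi
    1177:\t77 11                \tja     118a <dispatch_tracked+0x1a>
    1179:\t89 ff                \tmov    %edi,%edi
    117b:\t48 8d 15 ae 0e 00 00 \tlea    0xeae(%rip),%rdx
    1182:\t48 63 04 ba          \tmovslq (%rdx,%rdi,4),%rax
    1186:\t48 01 d0             \tadd    %rdx,%rax
    1189:\tff e0                \tjmp    *%rax
    118b:\tf3 0f 1e fa          \tendbr64
    118f:\tb8 01 00 00 00       \tmov    $0x1,%eax
    1194:\tc3                   \tret
    1195:\tf3 0f 1e fa          \tendbr64
    1199:\tb8 02 00 00 00       \tmov    $0x2,%eax
    119e:\tc3                   \tret
"""

SYMBOL_RE = re.compile(r"^([0-9a-f]+) <([^>]+)>:$")
# address, tab, raw bytes, tab, instruction text (objdump's default layout)
INSN_RE = re.compile(r"^\s*([0-9a-f]+):\t[0-9a-f ]+\t(.*)$")


def parse(text):
    """Yield (enclosing symbol, address, instruction text) per instruction line."""
    symbol = None
    for line in text.splitlines():
        m = SYMBOL_RE.match(line)
        if m:
            symbol = m.group(2)
            continue
        m = INSN_RE.match(line)
        if m and m.group(2).strip():  # skip byte-only continuation lines
            yield symbol, int(m.group(1), 16), m.group(2).strip()


def audit_indirect_branches(text):
    """Classify every indirect branch as NOTRACK or tracked; collect ENDBR sites."""
    report = {"endbr_sites": [], "notrack_jumps": [], "tracked_indirect": []}
    for symbol, addr, insn in parse(text):
        parts = insn.split()
        if parts[0] in ("endbr64", "endbr32"):
            report["endbr_sites"].append(addr)
            continue
        notrack = parts[0] == "notrack"  # 3E prefix: IBT ignores this branch
        mnemonic = parts[1] if notrack else parts[0]
        # AT&T syntax marks indirect operands with '*' (jmp *%rax, call *0x8(%rdi))
        if mnemonic.rstrip("q") in ("jmp", "call") and "*" in insn:
            key = "notrack_jumps" if notrack else "tracked_indirect"
            report[key].append((symbol, addr, insn))
    return report


def summarize(report):
    """Human-readable lines stating what IBT guarantees for each branch."""
    pads = len(report["endbr_sites"])
    lines = []
    for sym, addr, insn in report["notrack_jumps"]:
        lines.append(f"{addr:#x} in {sym}: {insn!r} is NOTRACK; IBT does not constrain its target")
    for sym, addr, insn in report["tracked_indirect"]:
        lines.append(f"{addr:#x} in {sym}: {insn!r} is tracked; target must be one of {pads} ENDBR sites")
    return lines


if __name__ == "__main__":
    print("\n".join(summarize(audit_indirect_branches(SAMPLE_OBJDUMP))))
```

On a real binary, pipe `objdump -d` into `audit_indirect_branches`; a non-empty `notrack_jumps` list tells you which switch dispatchers were compiled with the default -mno-cet-switch behaviour, and the `endbr_sites` count is what grows when -mcet-switch adds a landing pad to every case handler.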