public inbox for gcc@gcc.gnu.org
From: Florian Weimer <fweimer@redhat.com>
To: gcc@gcc.gnu.org
Subject: -fcf-protection default on x86-64 (also for -fhardened)
Date: Tue, 12 Dec 2023 13:16:57 +0100
Message-ID: <87fs07k43q.fsf@oldenburg.str.redhat.com>

Currently, -fcf-protection defaults to both shadow stack and indirect
branch tracking (IBT) on x86_64-linux-gnu, and -fhardened follows that.
I think it should only enable shadow stack at this point.

I'm not sure if this is a good idea because there will likely be no
userspace support for IBT when GCC 14 releases, so these binaries will
not be tested.  They will carry markup that indicates compatibility with
IBT, though.  If there turns out to be a problem, we'd have to revise
the markup and disable IBT for all existing binaries (because we don't
know which ones have the toolchain fix applied).

I think we can keep the shadow stack markup because there will be ways
to test for compatibility fairly soon.  The risk is also fairly reduced
for shadow stack because there are no code generation changes in generic
code, while for IBT every function that has its address taken needs a
different prologue.

As far as I understand it, there won't be any i386 GNU/Linux support for
shadow stacks, so -fhardened shouldn't enable it on that target.
Furthermore, ENDBR32 is incompatible with the i386 baseline ISA because
it's a long NOP.

Thanks,
Florian
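The markup Florian refers to is the GNU property note that GCC emits under -fcf-protection and that ld merges (by AND-ing) at link time: a GNU_PROPERTY_X86_FEATURE_1_AND property whose bit 0 claims IBT compatibility and bit 1 shadow-stack compatibility, so a binary built with today's default carries the value 3, and one built with the shadow-stack-only default he proposes carries 2. As an added example (not code from the post or from GCC or binutils), here is a small checker that reads that note out of an ELF file and reports which bits are set, for both x86-64 and i386 objects. The note layout and constant values follow the x86 psABI; the sample note and sample ELF it constructs for its own test are synthetic and not loadable.

```python
"""Report the CET markup (IBT / shadow stack) an ELF object carries.

Added example; not code from the GCC project or from the post above.
With -fcf-protection, GCC emits a .note.gnu.property note holding a
GNU_PROPERTY_X86_FEATURE_1_AND property (bit 0 = IBT, bit 1 = SHSTK);
ld ANDs it over all input objects, so one unmarked object clears the bits.
"""
import struct
import sys

NT_GNU_PROPERTY_TYPE_0 = 5
GNU_PROPERTY_X86_FEATURE_1_AND = 0xC0000002
GNU_PROPERTY_X86_FEATURE_1_IBT = 1 << 0
GNU_PROPERTY_X86_FEATURE_1_SHSTK = 1 << 1
PT_GNU_PROPERTY = 0x6474E553


def _align_up(off, align):
    return (off + align - 1) & ~(align - 1)


def parse_x86_feature_1_and(note_data, align):
    """Walk the ELF note entries in note_data (a PT_GNU_PROPERTY segment or the
    .note.gnu.property section) and return the GNU_PROPERTY_X86_FEATURE_1_AND
    value, or None if absent.  align is 8 for ELF64 and 4 for ELF32 (x86 psABI)."""
    off, features = 0, None
    while off + 12 <= len(note_data):
        namesz, descsz, ntype = struct.unpack_from("<III", note_data, off)
        name = note_data[off + 12:off + 12 + namesz]
        desc_off = _align_up(off + 12 + namesz, align)
        desc = note_data[desc_off:desc_off + descsz]
        off = _align_up(desc_off + descsz, align)
        if name != b"GNU\0" or ntype != NT_GNU_PROPERTY_TYPE_0:
            continue
        # desc is a list of (pr_type, pr_datasz, pr_data) entries, each padded
        # so that the next entry starts on an `align` boundary.
        p = 0
        while p + 8 <= len(desc):
            pr_type, pr_datasz = struct.unpack_from("<II", desc, p)
            if pr_type == GNU_PROPERTY_X86_FEATURE_1_AND and pr_datasz == 4:
                (features,) = struct.unpack_from("<I", desc, p + 8)
            p = _align_up(p + 8 + pr_datasz, align)
    return features


def describe(features):
    """Turn the bitmask into the two questions the loader asks of an object."""
    if features is None:
        return {"marked": False, "ibt": False, "shstk": False}
    return {"marked": True,
            "ibt": bool(features & GNU_PROPERTY_X86_FEATURE_1_IBT),
            "shstk": bool(features & GNU_PROPERTY_X86_FEATURE_1_SHSTK)}


def cet_markup_of_elf(blob):
    """Find PT_GNU_PROPERTY in an in-memory ELF image and parse it.
    Handles little-endian ELF64 (x86-64) and ELF32 (i386)."""
    if blob[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    elf64 = blob[4] == 2
    if elf64:
        (e_phoff,) = struct.unpack_from("<Q", blob, 0x20)
        e_phentsize, e_phnum = struct.unpack_from("<HH", blob, 0x36)
        fmt, align = "<IIQQQQQQ", 8   # p_type, p_flags, p_offset, ..., p_filesz
        off_idx, sz_idx = 2, 5
    else:
        (e_phoff,) = struct.unpack_from("<I", blob, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from("<HH", blob, 0x2A)
        fmt, align = "<IIIIIIII", 4   # p_type, p_offset, ..., p_filesz
        off_idx, sz_idx = 1, 4
    for i in range(e_phnum):
        ph = struct.unpack_from(fmt, blob, e_phoff + i * e_phentsize)
        if ph[0] == PT_GNU_PROPERTY:
            seg = blob[ph[off_idx]:ph[off_idx] + ph[sz_idx]]
            return describe(parse_x86_feature_1_and(seg, align))
    return describe(None)


def build_property_note(features, align=8):
    """Constructed sample: the bytes ld would place in .note.gnu.property for
    the given feature bits.  Used to exercise the parser without a toolchain."""
    pr_data = struct.pack("<I", features)
    desc = struct.pack("<II", GNU_PROPERTY_X86_FEATURE_1_AND, len(pr_data)) + pr_data
    desc += b"\0" * (_align_up(len(desc), align) - len(desc))
    name = b"GNU\0"
    return struct.pack("<III", len(name), len(desc), NT_GNU_PROPERTY_TYPE_0) + name + desc


def build_sample_elf64(note):
    """Constructed sample: a minimal ET_DYN ELF64 whose only program header is
    PT_GNU_PROPERTY pointing at `note`.  Not a loadable binary."""
    ehdr = b"\x7fELF" + bytes([2, 1, 1]) + b"\0" * 9
    ehdr += struct.pack("<HHIQQQIHHHHHH", 3, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_PROPERTY, 4, 120, 0, 0, len(note), len(note), 8)
    return ehdr + phdr + note


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            print(path, cet_markup_of_elf(f.read()))
```

Run it as `python3 cet_markup.py /path/to/binary`; `readelf -n` on the same file shows the same bits on its "x86 feature:" line (e.g. "IBT, SHSTK"). A result of {"marked": True, "ibt": False, "shstk": True} is what the shadow-stack-only default proposed in the post would produce, and "marked": False is what any object linked together with a single non-CET input ends up with, because of the AND semantics.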


Thread overview: [no followups]