* -fcf-protection default on x86-64 (also for -fhardened)
@ 2023-12-12 12:16 Florian Weimer
0 siblings, 0 replies; only message in thread
From: Florian Weimer @ 2023-12-12 12:16 UTC (permalink / raw)
To: gcc
Currently, -fcf-protection defaults to both shadow stack and indirect
branch tracking (IBT) on x86_64-linux-gnu, and -fhardened follows that.
I think it should only enable shadow stack at this point.
I'm not sure if this is a good idea because there will likely be no
userspace support for IBT when GCC 14 releases, so these binaries will
not be tested. They will carry markup that indicates compatibility with
IBT, though. If there turns out to be a problem, we'd have to revision
the markup and disable IBT for all existing binaries (because we don't
know which ones have the toolchain fix applied).
I think we can keep the shadow stack markup because there will be ways
to test for compatibility fairly soon. The risk is also fairly reduced
for shadow stack because there are no code generation changes in generic
code, while for IBT every function that has their address taken needs a
different prologue.
As far as I understand it, there won't be any i386 GNU/Linux support for
shadow stacks, so -fhardened shouldn't enable it on that target.
Furthermore, ENDBR32 is incompatible with the i386 baseline ISA because
it's a long NOP.
Thanks,
Florian
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2023-12-12 12:17 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-12 12:16 -fcf-protection default on x86-64 (also for -fhardened) Florian Weimer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).