From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by c5ff346549e7 (Postfix) with ESMTP id 4EAA15D5 for ; Thu, 25 Jul 2019 14:28:33 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.64,307,1559512800"; d="scan'208";a="393309017" Received: from sympa.inria.fr ([193.51.193.213]) by mail2-relais-roc.national.inria.fr with ESMTP; 25 Jul 2019 16:28:30 +0200 Received: by sympa.inria.fr (Postfix, from userid 20132) id BB5C882716; Thu, 25 Jul 2019 16:28:29 +0200 (CEST) Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) by sympa.inria.fr (Postfix) with ESMTPS id E04F282718 for ; Thu, 25 Jul 2019 16:28:23 +0200 (CEST) Authentication-Results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=rich@annexia.org; spf=Pass smtp.mailfrom=rich@annexia.org; spf=Pass smtp.helo=postmaster@annexia.org IronPort-PHdr: =?us-ascii?q?9a23=3AGPESyh+9WNXN5P9uRHKM819IXTAuvvDOBiVQ1KB4?= =?us-ascii?q?0OkcTK2v8tzYMVDF4r011RmVBN+du6gP1LGempujcFRI2YyGvnEGfc4EfD4+ou?= =?us-ascii?q?JSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgpp?= =?us-ascii?q?POT1HZPZg9iq2+yo9JDffhtEiCC+bL9sIxm7rwvcvdQKjIV/Lao81gHHqWZSde?= =?us-ascii?q?RMwmNoK1OTnxLi6cq14ZVu7Sdete8/+sBZSan1cLg2QrJeDDQ9LmA6/9brugXZ?= =?us-ascii?q?TQuO/XQTTGMbmQdVDgff7RH6WpDxsjbmtud4xSKXM9H6QawyVD+/6apgVR3mhz?= =?us-ascii?q?odNzMh/m/ZitJ+gr9Yrh2uuxNw3oDbbZqJNPZiZK7RYc8WSHBfUstXSidPApm8?= =?us-ascii?q?b4wKD+cZM+pWs4j9qEcOrRSkHwmjGf7kxT9SinHxx6ExzuAvEQbA3AM+BNICvm?= =?us-ascii?q?nfodLvNKcTTe+1zLLFwi/Fb/NQxzj854nIfQo7rfGLR7JwftPcxE8yHA3LiVWQ?= =?us-ascii?q?rJbqPzKT1ukVsmib6fZgWvyri2I9tw5xpT2vyt8oiojHgIIZ0FbE+jtlwIszON?= =?us-ascii?q?a2S1Z7bManHZdMrS2XNoh7TtkmTm11oio2178LtJ+9cSMX0poo3QTfZOaCc4WQ?= =?us-ascii?q?4hLsSuKRITBgiX1/frK/gQi98EehyuLmTMW010xKriVdntnNsHACyQDT59CER/?= =?us-ascii?q?dh5Eus2DWC2xrX5+1ZO0w4iKjWJp85zr41jJUTsEDDHiHsmEXxia+bbl8k+um0?= =?us-ascii?q?5OTnebjpvJmcN4lqhQDxM6QhgNazAeMiMggBR2Sb4/iz1KX//U3lR7VHluE5nb?= =?us-ascii?q?PcsJDePMgboq+5AxRJ0os48Ba+DzKm0MwCknUdLVJFfgiHj4nzNF3ULvD4F6T3?= =?us-ascii?q?v1P5mz5uw7XCP6b9KpTLNHnK1rn7Lphn7EsJgjAyxtBW/Z4cNfckZrrRXUn8r5?= =?us-ascii?q?aQWgU4OAycyuDhBcV838UZQ23ZUfzRC7/brVLdvrFnGOKLfoJA4G+sechg3Obn?= =?us-ascii?q?iDoCoXFYeKCo2ZUNb3XhRaZvJUOUcXvlxNAbHjVT51dsfKnRkFSHFAVrSTOyUq?= =?us-ascii?q?Y7v2ppAYSgAJfCT8aqmrPThX7nTK0TXXhPDxW3KVmtb5+NAqxeYSSUL99gm3oD?= =?us-ascii?q?T7fzE4I=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0D3CwBmuzldZLBbRFBmghmCF21RMyqVM?= =?us-ascii?q?k0BAQEBAQEGnDEJAQMBDCcFAQIBAYFLgnWCYBwGAQQzBg4BAwEBBAEBAgEDAwE?= =?us-ascii?q?EU4UzDII6IoJzPD88EyEtg1eBdhgLrniEMwELAQYCOwQBQIRyBoE0i2ARBng+S?= =?us-ascii?q?YERgmSDTQECAYIshRYElBqWVwcCAoIaA4ZWhG6IPSeYDJUEkDOBZiGBWX0Igyc?= =?us-ascii?q?fhhSEWYV7QTABgQMBjVYBAQ?= X-IPAS-Result: =?us-ascii?q?A0D3CwBmuzldZLBbRFBmghmCF21RMyqVMk0BAQEBAQEGnDE?= =?us-ascii?q?JAQMBDCcFAQIBAYFLgnWCYBwGAQQzBg4BAwEBBAEBAgEDAwEEU4UzDII6IoJzP?= =?us-ascii?q?D88EyEtg1eBdhgLrniEMwELAQYCOwQBQIRyBoE0i2ARBng+SYERgmSDTQECAYI?= =?us-ascii?q?shRYElBqWVwcCAoIaA4ZWhG6IPSeYDJUEkDOBZiGBWX0IgycfhhSEWYV7QTABg?= =?us-ascii?q?QMBjVYBAQ?= X-IronPort-AV: E=Sophos;i="5.64,307,1559512800"; d="scan'208";a="314706209" X-MGA-submission: =?us-ascii?q?MDHh/Ze6uS/erBgm06b/MxnkZooStQKDv9kjs8?= =?us-ascii?q?k4qASg/ExCSCF971N62/n4jgGAUuqTN3yJMvXTtMyuj4IeNdcswY+0NH?= =?us-ascii?q?qwV59r1/rVPSnx8Zx6Wb/3N+sP4JtPpjw3OzKyBsWDcNgcORYl2GFE7V?= =?us-ascii?q?hgZD1z+eMZpWlAuKUEMbWlPw=3D=3D?= Received: from annexia.org ([80.68.91.176]) by mail3-smtp-sop.national.inria.fr with ESMTP/TLS/AES256-GCM-SHA384; 25 Jul 2019 16:28:23 +0200 Received: from rich by annexia.org with local (Exim 4.89) (envelope-from ) id 1hqejF-0005iu-UJ; Thu, 25 Jul 2019 15:28:21 +0100 Date: Thu, 25 Jul 2019 15:28:21 +0100 From: "Richard W.M. Jones" To: caml-list@inria.fr Cc: nickc@redhat.com Message-ID: <20190725142821.hf524xbdgqcshrei@annexia.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: NeoMutt/20170113 (1.7.2) Subject: [Caml-list] Any plans for supporting Intel CET in OCaml? Reply-To: "Richard W.M. Jones" X-Loop: caml-list@inria.fr X-Sequence: 17707 Errors-to: caml-list-owner@inria.fr Precedence: list Precedence: bulk Sender: caml-list-request@inria.fr X-no-archive: yes List-Id: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: There's an effort to harden every binary in RHEL to protect against ROP-style attacks. Of course this is mainly applicable when your language is vulnerable to buffer overflows, but sadly even our OCaml applications still link to some C libraries :-( I was looking into this and the indirect branch tracking (IBT) part seems simple enough. For every indirect jump or call _target_ you must insert one of the two instructions ENDBR64 or ENDBR32 (both are NOP-like on older processors). The processor sets a flag when an indirect jump is taken and #CP's if the indirect jump doesn't land on one of these instructions. There's also some stuff with shadow stacks which looks a lot more complicated and I didn't fully understand. The whole thing is described in: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf https://lwn.net/Articles/758245/ Unfortunately (but for obvious reasons) every asm object in a program must be compiled with CET in order to enable the feature for the program as a whole. This means that any mixed OCaml/C program can't benefit from CET even in the C parts, unless we also support this in the OCaml parts. Has anyone looked into supporting this kind of thing in the amd64 backend? (I looked at the OCaml trunk and couldn't see any relevant commits, but maybe I missed something in my grepping). Rich.