From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by c5ff346549e7 (Postfix) with ESMTP id D4B4F5D6 for ; Wed, 31 Jul 2019 14:20:10 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.64,330,1559512800"; d="scan'208";a="394012726" Received: from sympa.inria.fr ([193.51.193.213]) by mail2-relais-roc.national.inria.fr with ESMTP; 31 Jul 2019 16:20:09 +0200 Received: by sympa.inria.fr (Postfix, from userid 20132) id 7EC9D82717; Wed, 31 Jul 2019 16:20:09 +0200 (CEST) Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by sympa.inria.fr (Postfix) with ESMTPS id C4CF1826BB for ; Wed, 31 Jul 2019 16:19:56 +0200 (CEST) Authentication-Results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=hendrik@topoi.pooq.com; spf=None smtp.mailfrom=hendrik@topoi.pooq.com; spf=None smtp.helo=postmaster@april.topoi.pooq.com IronPort-PHdr: =?us-ascii?q?9a23=3AEl0mXR3rBGSOwpynsmDT+DRfVm0co7zxezQtwd8Z?= =?us-ascii?q?se0QI/ad9pjvdHbS+e9qxAeQG9mCsbQV1qGJ6ejJYi8p2d65qncMcZhBBVcuqP?= =?us-ascii?q?49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL1LdrWev4jEMBx7xKRR6?= =?us-ascii?q?JvjvGo7Vks+7y/2+94fcbglVmjaxe7d/IRW5oQjTqMUdnJdvJLs2xhbVuHVDZv?= =?us-ascii?q?5YxXlvJVKdnhb84tm/8Zt++ClOuPwv6tBNX7zic6s3UbJXAjImM3so5MLwrhnM?= =?us-ascii?q?URGP5noHXWoIlBdDHhXI4wv7Xpf1tSv6q/Z91SyHNsD4Ubw4RTKv5LptRRT1ii?= =?us-ascii?q?kIKiQ5/XnZhMJwkqxVvRGvpxJwzIHIfY6aNvRxc7jBfd8GX2dNQtpdWjZfDo66?= =?us-ascii?q?coABD/ABPeFdr4TlpVUBsx2+ChS2BOPuyT9Dm2L73ao90+QkDArL2wwgEMwIsH?= =?us-ascii?q?vJttX1NaQSXPupzKnP1TXDaPJW1S3l6IjPdRAhuOuAUq53ccrU0EQiER7OgFuX?= =?us-ascii?q?qYzgJTyV1+INvnCa7+pmSeKglWonpxttrTiow8cgko3Jh4wTylze8yV23po1KN?= =?us-ascii?q?ulQ0B4ed6pCJpduiWAO4drQ84vQ3tktDs0x7Ebo5K3YSYHxZshyhXCcfKIaZKI?= =?us-ascii?q?7QjmVOuJITd3mnZleLWnihmo6Uig0Oz8Vs2u3FZWqSpFit7MtnEX2xzL7ciHTe?= =?us-ascii?q?J98l291jaI0gDf8uBEIUYqmqrHM5Msw7o9moAOvUnCHiL6glj6gaGLekk+5+Sl?= =?us-ascii?q?5evqbq3jppCGNo90jg/+Mr4pmsy6Gek4MhYBX26G9uSm1b3j/lb0QKlNjv0ula?= =?us-ascii?q?nZsYrWJdwcpq6+Gg9ZyJos6xG6Dzu+ytQXgWEHLE5ZeBKAl4XmJ0vBIPX8Dfum?= =?us-ascii?q?h1SskSxrx+zdM736ApTNK2DDn637cbZ87U5c0gszwspF65JaELFSaM70D0T4sd?= =?us-ascii?q?idCh4iLyS1xfzmAZNzzNAwQ2WKV4+UNq/IsFzAzOUoJqHYZIITtCz8KNA54Obp?= =?us-ascii?q?jDkhnlgEO6Ku2M1EOziDAv16LhDBMjLXidAbHDJS51tsfKnRkFSHFAVrSTO3Vq?= =?us-ascii?q?M46Cs8Ddv4X5vEXoesxqSG2z79FZpTNDgfVwK8VEzwfoDBYM8iLSKfJsg7yG4N?= =?us-ascii?q?TaKgT8k90gmptUnizL1+aOHT/39A7M6x5J1O/+TW0CoK23lsFc3EjTORSHlzny?= =?us-ascii?q?UQQDgvmqt4pB4lxw=3D=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B3AAAnokFd/4aDpUVlHQEBBQEHBQGBV?= =?us-ascii?q?QYBCwGDA3ISKo0aiE6ZA4F7CQEDATMFAQIBAYFLgnUCgmkGBjIHDgEDAQEEAQE?= =?us-ascii?q?CAQMDAWyFHgyCOiKCbwEDAjpPCxgJJQ8dKxmDI4IKD644hDMBCwEGAjsEAUCDI?= =?us-ascii?q?oFCBoE0AYt2gX+BEYJkLj6CYQECAYFJY4UWBJQllmcJghxhhXuEczGIDQwbdJc?= =?us-ascii?q?ilRCSEg0kgVgzGggbFTuCbB+GFIRZhhYmMAGBBQEBjkkBAQ?= X-IPAS-Result: =?us-ascii?q?A0B3AAAnokFd/4aDpUVlHQEBBQEHBQGBVQYBCwGDA3ISKo0?= =?us-ascii?q?aiE6ZA4F7CQEDATMFAQIBAYFLgnUCgmkGBjIHDgEDAQEEAQECAQMDAWyFHgyCO?= =?us-ascii?q?iKCbwEDAjpPCxgJJQ8dKxmDI4IKD644hDMBCwEGAjsEAUCDIoFCBoE0AYt2gX+?= =?us-ascii?q?BEYJkLj6CYQECAYFJY4UWBJQllmcJghxhhXuEczGIDQwbdJcilRCSEg0kgVgzG?= =?us-ascii?q?ggbFTuCbB+GFIRZhhYmMAGBBQEBjkkBAQ?= X-IronPort-AV: E=Sophos;i="5.64,330,1559512800"; d="scan'208";a="394012630" X-MGA-submission: =?us-ascii?q?MDEy3fDMqlCZ53OJQffCGQ3hs76uwvOHxTK7zX?= =?us-ascii?q?iW2uBgB0ywpjl53zOI2iHpHdwzaqENY8Zgt4+bkLkDMnRSeJPkV6UQ02?= =?us-ascii?q?VLe//MHR5miKgXo3Z7MP4PNl9HGUqplcKET50jwkt7D8SYdQqijDA/xC?= =?us-ascii?q?7UOqHcz8sRWc38wz+E2vld0g=3D=3D?= Received: from topoi.pooq.com (HELO april.topoi.pooq.com) ([69.165.131.134]) by mail2-smtp-roc.national.inria.fr with ESMTP; 31 Jul 2019 16:19:55 +0200 Received: by april.topoi.pooq.com (Postfix, from userid 1001) id 2ABC3C225F; Wed, 31 Jul 2019 10:19:53 -0400 (EDT) Date: Wed, 31 Jul 2019 10:19:53 -0400 From: Hendrik Boom To: caml-list@inria.fr Message-ID: <20190731141952.zod7aftusgchoiyq@topoi.pooq.com> References: <20190725142821.hf524xbdgqcshrei@annexia.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170113 (1.7.2) Subject: Re: [Caml-list] Any plans for supporting Intel CET in OCaml? Reply-To: Hendrik Boom X-Loop: caml-list@inria.fr X-Sequence: 17722 Errors-to: caml-list-owner@inria.fr Precedence: list Precedence: bulk Sender: caml-list-request@inria.fr X-no-archive: yes List-Id: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Wed, Jul 31, 2019 at 02:05:26PM +0200, Xavier Leroy wrote: > On Thu, Jul 25, 2019 at 4:28 PM Richard W.M. Jones wrote: > > > There's an effort to harden every binary in RHEL to protect against > > ROP-style attacks. Of course this is mainly applicable when your > > language is vulnerable to buffer overflows, but sadly even our OCaml > > applications still link to some C libraries :-( > > > > I was looking into this and the indirect branch tracking (IBT) part > > seems simple enough. For every indirect jump or call _target_ you > > must insert one of the two instructions ENDBR64 or ENDBR32 (both are > > NOP-like on older processors). The processor sets a flag when an > > indirect jump is taken and #CP's if the indirect jump doesn't land on > > one of these instructions. > > > > Sounds like it should be easy to add to the OCaml x86-64 back-end. There is, of course, also the question what would happen on nonintel or older machines if they don't have those ENDBR64 or ENDBR32 instructions in the hardware. (Such as, perhaps, an actual AMD-manufactured AMD64? Like my 10-year-old AMD server?) Do we now have two distinct platforms to support? -- hendrik > > > > > > There's also some stuff with shadow stacks which looks a lot more > > complicated and I didn't fully understand. The whole thing is > > described in: > > > > > > https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf > > https://lwn.net/Articles/758245/ > > > > > I don't understand how these shadow stacks are supposed to interact with > exception handling, either Caml-style or C++/Java style. > > Kind regards, > > - Xavier Leroy > > > > Unfortunately (but for obvious reasons) every asm object in a program > > must be compiled with CET in order to enable the feature for the > > program as a whole. This means that any mixed OCaml/C program can't > > benefit from CET even in the C parts, unless we also support this in > > the OCaml parts. > > > > Has anyone looked into supporting this kind of thing in the amd64 > > backend? > > > > (I looked at the OCaml trunk and couldn't see any relevant commits, > > but maybe I missed something in my grepping). > > > > Rich. > >