From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <caml-list-owner@inria.fr>
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83])
	by c5ff346549e7 (Postfix) with ESMTPS id E0F0D5D6
	for <caml-list@inbox.ocaml.org>; Wed, 31 Jul 2019 15:21:43 +0000 (UTC)
X-IronPort-AV: E=Sophos;i="5.64,330,1559512800"; 
   d="scan'208,217";a="394020451"
Received: from sympa.inria.fr ([193.51.193.213])
  by mail2-relais-roc.national.inria.fr with ESMTP; 31 Jul 2019 17:21:42 +0200
Received: by sympa.inria.fr (Postfix, from userid 20132)
	id DE84082709; Wed, 31 Jul 2019 17:21:42 +0200 (CEST)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104])
	by sympa.inria.fr (Postfix) with ESMTPS id 9EA4E826BB
	for <caml-list@sympa.inria.fr>; Wed, 31 Jul 2019 17:21:37 +0200 (CEST)
Authentication-Results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=xavier.leroy@college-de-france.fr; spf=Pass smtp.mailfrom=xavier.leroy@college-de-france.fr; spf=None smtp.helo=postmaster@smtpout01-ext1.partage.renater.fr
X-IronPort-AV: E=Sophos;i="5.64,330,1559512800"; 
   d="scan'208,217";a="315273056"
X-MGA-submission: =?us-ascii?q?MDFu5W0ewd7ZYY0AWBNP8XRl9il8zKeyoB2Uy2?=
 =?us-ascii?q?oC/weKzYDfLNjbs/kWgRGKEVyHGe35asfXuriCspDzcmmYFxVxPglmI/?=
 =?us-ascii?q?dGOdbpT/5m6TURbFWcFuSVBBDvb57ovMXbx5AhEMP7cK3w8xvn+sK1z8?=
 =?us-ascii?q?pFi1wP4fm+ylkqDjf0aB3p+g=3D=3D?=
Received: from smtpout01-ext1.partage.renater.fr ([194.254.240.32])
  by mail3-smtp-sop.national.inria.fr with ESMTP; 31 Jul 2019 17:21:37 +0200
Received: from zmtaauth01.partage.renater.fr (zmtaauth01.partage.renater.fr [194.254.240.25])
	by smtpout10.partage.renater.fr (Postfix) with ESMTP id 024046178A
	for <caml-list@inria.fr>; Wed, 31 Jul 2019 17:21:35 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by zmtaauth01.partage.renater.fr (Postfix) with ESMTP id F0D5A1400EF
	for <caml-list@inria.fr>; Wed, 31 Jul 2019 17:21:35 +0200 (CEST)
X-Virus-Scanned: amavisd-new at zmtaauth01.partage.renater.fr
Received: from zmtaauth01.partage.renater.fr ([127.0.0.1])
	by localhost (zmtaauth01.partage.renater.fr [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id 7V087t1TbqT4 for <caml-list@inria.fr>;
	Wed, 31 Jul 2019 17:21:35 +0200 (CEST)
Received: from 209.85.217.52 (unknown [194.254.241.251])
	by zmtaauth01.partage.renater.fr (Postfix) with ESMTPA id ADDD21400B5
	for <caml-list@inria.fr>; Wed, 31 Jul 2019 17:21:35 +0200 (CEST)
Received: by mail-vs1-f52.google.com with SMTP id m23so46439739vso.1
        for <caml-list@inria.fr>; Wed, 31 Jul 2019 08:21:35 -0700 (PDT)
X-Gm-Message-State: APjAAAWSCKVPuYr3YWdKgU2wnxr3Aco8XsQVagJojcgB7dNdSrvRQueq
	Mij5tnVz6t7qxoudDuFPkv0gxS+rY1Z1sVm4JgI=
X-Google-Smtp-Source: APXvYqz1nJatMMHICXNjXnwWGEvTBvOYg8KvjaBG7xBoTON0TqixM85JkWXmDFZEOEMtawucognmKkkwsz6Ny6g/qvU=
X-Received: by 2002:a67:eec2:: with SMTP id o2mr16804872vsp.221.1564586494710;
 Wed, 31 Jul 2019 08:21:34 -0700 (PDT)
MIME-Version: 1.0
References: <20190725142821.hf524xbdgqcshrei@annexia.org> <CAH=h3gHMAB61PF2V0BkmZSh52tjPdom_EBN6yzmJPyuv89t1tw@mail.gmail.com>
 <20190731141952.zod7aftusgchoiyq@topoi.pooq.com>
In-Reply-To: <20190731141952.zod7aftusgchoiyq@topoi.pooq.com>
From: Xavier Leroy <xavier.leroy@college-de-france.fr>
Date: Wed, 31 Jul 2019 17:21:08 +0200
X-Gmail-Original-Message-ID: <CAH=h3gG+WyBq2bMb5hzkmOFNF0ibBy2iSg4tqVn8oBRD4cLT=w@mail.gmail.com>
Message-ID: <CAH=h3gG+WyBq2bMb5hzkmOFNF0ibBy2iSg4tqVn8oBRD4cLT=w@mail.gmail.com>
To: Hendrik Boom <hendrik@topoi.pooq.com>
Cc: caml users <caml-list@inria.fr>
Content-Type: multipart/alternative; boundary="0000000000003cdd33058efbae7f"
Subject: Re: [Caml-list] Any plans for supporting Intel CET in OCaml?
Reply-To: Xavier Leroy <xavier.leroy@college-de-france.fr>
X-Loop: caml-list@inria.fr
X-Sequence: 17723
Errors-to: caml-list-owner@inria.fr
Precedence: list
Precedence: bulk
Sender: caml-list-request@inria.fr
X-no-archive: yes
List-Id: <caml-list.inria.fr>
List-Archive: <http://sympa.inria.fr/sympa/arc/caml-list>
List-Help: <mailto:sympa_inria@inria.fr?subject=help>
List-Owner: <mailto:caml-list-request@inria.fr>
List-Post: <mailto:caml-list@inria.fr>
List-Subscribe: <mailto:sympa_inria@inria.fr?subject=subscribe%20caml-list>
List-Unsubscribe: <mailto:sympa_inria@inria.fr?subject=unsubscribe%20caml-list>

--0000000000003cdd33058efbae7f
Content-Type: text/plain; charset="UTF-8"

On Wed, Jul 31, 2019 at 4:20 PM Hendrik Boom <hendrik@topoi.pooq.com> wrote:

>
> There is, of course, also the question what would happen on nonintel or
> older  machines if they don't have those ENDBR64 or ENDBR32
> instructions in the hardware.
>

I read somewhere that those instructions look like no-ops on older
machines.

>
> (Such as, perhaps, an actual AMD-manufactured AMD64?  Like my
> 10-year-old AMD server?)
>
> Do we now have two distinct platforms to support?
>

It could be a configure-time choice.  I wouldn't call that two distinct
platforms, more like two variants of the same platform.

Just speculating here.  All this needs to be discussed and agreed on, of
course.

- Xavier Leroy


> -- hendrik
>
> >
> >
> > >
> > > There's also some stuff with shadow stacks which looks a lot more
> > > complicated and I didn't fully understand.  The whole thing is
> > > described in:
> > >
> > >
> > >
> https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
> > > https://lwn.net/Articles/758245/
> > >
> > >
> > I don't understand how these shadow stacks are supposed to interact with
> > exception handling, either Caml-style or C++/Java style.
> >
> > Kind regards,
> >
> > - Xavier Leroy
> >
> >
> > > Unfortunately (but for obvious reasons) every asm object in a program
> > > must be compiled with CET in order to enable the feature for the
> > > program as a whole.  This means that any mixed OCaml/C program can't
> > > benefit from CET even in the C parts, unless we also support this in
> > > the OCaml parts.
> > >
> > > Has anyone looked into supporting this kind of thing in the amd64
> > > backend?
> > >
> > > (I looked at the OCaml trunk and couldn't see any relevant commits,
> > > but maybe I missed something in my grepping).
> > >
> > > Rich.
> > >
>

--0000000000003cdd33058efbae7f
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail=
_attr">On Wed, Jul 31, 2019 at 4:20 PM Hendrik Boom &lt;<a href=3D"mailto:h=
endrik@topoi.pooq.com">hendrik@topoi.pooq.com</a>&gt; wrote:<br></div><bloc=
kquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:=
1px solid rgb(204,204,204);padding-left:1ex"><br>
There is, of course, also the question what would happen on nonintel or <br=
>
older=C2=A0 machines if they don&#39;t have those ENDBR64 or ENDBR32 <br>
instructions in the hardware.<br></blockquote><div><br></div><div>I read so=
mewhere that those instructions look like no-ops on older machines. <br></d=
iv><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bord=
er-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
(Such as, perhaps, an actual AMD-manufactured AMD64?=C2=A0 Like my <br>
10-year-old AMD server?)<br>
<br>
Do we now have two distinct platforms to support?<br></blockquote><div><br>=
</div><div>It could be a configure-time choice.=C2=A0 I wouldn&#39;t call t=
hat two distinct platforms, more like two variants of the same platform.=C2=
=A0 <br></div><div><br></div><div>Just speculating here.=C2=A0 All this nee=
ds to be discussed and agreed on, of course.<br></div><div><br></div><div>-=
 Xavier Leroy</div><div><br></div><blockquote class=3D"gmail_quote" style=
=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding=
-left:1ex">
<br>
-- hendrik<br>
<br>
&gt; <br>
&gt; <br>
&gt; &gt;<br>
&gt; &gt; There&#39;s also some stuff with shadow stacks which looks a lot =
more<br>
&gt; &gt; complicated and I didn&#39;t fully understand.=C2=A0 The whole th=
ing is<br>
&gt; &gt; described in:<br>
&gt; &gt;<br>
&gt; &gt;<br>
&gt; &gt; <a href=3D"https://software.intel.com/sites/default/files/managed=
/4d/2a/control-flow-enforcement-technology-preview.pdf" rel=3D"noreferrer" =
target=3D"_blank">https://software.intel.com/sites/default/files/managed/4d=
/2a/control-flow-enforcement-technology-preview.pdf</a><br>
&gt; &gt; <a href=3D"https://lwn.net/Articles/758245/" rel=3D"noreferrer" t=
arget=3D"_blank">https://lwn.net/Articles/758245/</a><br>
&gt; &gt;<br>
&gt; &gt;<br>
&gt; I don&#39;t understand how these shadow stacks are supposed to interac=
t with<br>
&gt; exception handling, either Caml-style or C++/Java style.<br>
&gt; <br>
&gt; Kind regards,<br>
&gt; <br>
&gt; - Xavier Leroy<br>
&gt; <br>
&gt; <br>
&gt; &gt; Unfortunately (but for obvious reasons) every asm object in a pro=
gram<br>
&gt; &gt; must be compiled with CET in order to enable the feature for the<=
br>
&gt; &gt; program as a whole.=C2=A0 This means that any mixed OCaml/C progr=
am can&#39;t<br>
&gt; &gt; benefit from CET even in the C parts, unless we also support this=
 in<br>
&gt; &gt; the OCaml parts.<br>
&gt; &gt;<br>
&gt; &gt; Has anyone looked into supporting this kind of thing in the amd64=
<br>
&gt; &gt; backend?<br>
&gt; &gt;<br>
&gt; &gt; (I looked at the OCaml trunk and couldn&#39;t see any relevant co=
mmits,<br>
&gt; &gt; but maybe I missed something in my grepping).<br>
&gt; &gt;<br>
&gt; &gt; Rich.<br>
&gt; &gt;<br>
</blockquote></div></div>

--0000000000003cdd33058efbae7f--