* [musl] Intel CET Support
@ 2021-05-25 23:00 Joao Moreira
2021-05-26 0:12 ` Daniel Gutson
2023-09-15 7:45 ` Sören Tempel
0 siblings, 2 replies; 5+ messages in thread
From: Joao Moreira @ 2021-05-25 23:00 UTC (permalink / raw)
To: musl
Hi,
Long ago I sent some patches here to enable CET support within MUSL
(https://www.openwall.com/lists/musl/2020/10/19/3).
These patches were a result from some experiment I have been running
with clang, and to which I needed a suitable library. I understand that
the patches were not in their best shape, and I was a bit busy at the
time so I didn't really push this through.
Either way, I'm now wondering if there is any interest from MUSL to
support CET. If yes, I can start working on an updated patch-set to be
sent here eventually.
Additionally, if the support is of interest, it would also be
interesting to know if MUSL intends to support CET as specified in the
X86-64 ABI (where a single linked DSO without the CET bits set disables
the feature) or if you have something different in mind.
Tks,
Joao.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [musl] Intel CET Support
2021-05-25 23:00 [musl] Intel CET Support Joao Moreira
@ 2021-05-26 0:12 ` Daniel Gutson
2021-05-26 1:07 ` Joao Moreira
2023-09-15 7:45 ` Sören Tempel
1 sibling, 1 reply; 5+ messages in thread
From: Daniel Gutson @ 2021-05-26 0:12 UTC (permalink / raw)
To: musl
[-- Attachment #1: Type: text/plain, Size: 1237 bytes --]
El mar., 25 may. 2021 8:00 p. m., Joao Moreira <joao@overdrivepizza.com>
escribió:
> Hi,
>
> Long ago I sent some patches here to enable CET support within MUSL
> (https://www.openwall.com/lists/musl/2020/10/19/3).
>
Did you intentionally remove the : in the label?
If not, does this assembly without errors? How did you test this?
@@ -49,7 +52,8 @@ feclearexcept:
.global feraiseexcept
.type feraiseexcept,@function
-feraiseexcept:
+feraiseexcept
+ ENDBRANCH32
> These patches were a result from some experiment I have been running
> with clang, and to which I needed a suitable library. I understand that
> the patches were not in their best shape, and I was a bit busy at the
> time so I didn't really push this through.
>
> Either way, I'm now wondering if there is any interest from MUSL to
> support CET. If yes, I can start working on an updated patch-set to be
> sent here eventually.
>
> Additionally, if the support is of interest, it would also be
> interesting to know if MUSL intends to support CET as specified in the
> X86-64 ABI (where a single linked DSO without the CET bits set disables
> the feature) or if you have something different in mind.
>
> Tks,
> Joao.
>
[-- Attachment #2: Type: text/html, Size: 2046 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [musl] Intel CET Support
2021-05-26 0:12 ` Daniel Gutson
@ 2021-05-26 1:07 ` Joao Moreira
0 siblings, 0 replies; 5+ messages in thread
From: Joao Moreira @ 2021-05-26 1:07 UTC (permalink / raw)
To: Daniel Gutson, musl
On 5/25/21 5:12 PM, Daniel Gutson wrote:
>
>
> El mar., 25 may. 2021 8:00 p. m., Joao Moreira <joao@overdrivepizza.com
> <mailto:joao@overdrivepizza.com>> escribió:
>
> Hi,
>
> Long ago I sent some patches here to enable CET support within MUSL
> (https://www.openwall.com/lists/musl/2020/10/19/3
> <https://www.openwall.com/lists/musl/2020/10/19/3>).
>
>
> Did you intentionally remove the : in the label?
> If not, does this assembly without errors? How did you test this?
>
> @@ -49,7 +52,8 @@ feclearexcept:
>
> .global feraiseexcept
> .type feraiseexcept,@function
> -feraiseexcept:
> +feraiseexcept
> + ENDBRANCH32
>
I just checked my local repo and it still has the ":" after the label.
I'm assuming that I accidentally removed it when I was reading/reviewing
the git-generated .patch files in vim before sending it (after these
were compiled and tested).
Thanks for spotting it.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [musl] Intel CET Support
2021-05-25 23:00 [musl] Intel CET Support Joao Moreira
2021-05-26 0:12 ` Daniel Gutson
@ 2023-09-15 7:45 ` Sören Tempel
2023-09-16 19:14 ` Szabolcs Nagy
1 sibling, 1 reply; 5+ messages in thread
From: Sören Tempel @ 2023-09-15 7:45 UTC (permalink / raw)
To: musl; +Cc: joao
Hello,
Has there been any progress on this? On the Alpine side of things, there is
currently an ongoing discussion regarding enabling CET by default, but of course
that would presuppose support for this feature in musl [1]. From the Alpine point
of view, support for CET would certainly be interesting!
Maybe it would also be possible to only implement support for
-cf-protection=return as a first step? If my understanding of CET is correct,
doing so would not require adding endbr instructions to assembler files (these
should only be needed for -cf-protection=branch). As such, this might make the
initial diff a bit easier to review?
Greetings
Sören
[1]: https://gitlab.alpinelinux.org/alpine/tsc/-/issues/64
> Hi,
>
> Long ago I sent some patches here to enable CET support within MUSL
> (https://www.openwall.com/lists/musl/2020/10/19/3).
>
> These patches were a result from some experiment I have been running
> with clang, and to which I needed a suitable library. I understand that
> the patches were not in their best shape, and I was a bit busy at the
> time so I didn't really push this through.
>
> Either way, I'm now wondering if there is any interest from MUSL to
> support CET. If yes, I can start working on an updated patch-set to be
> sent here eventually.
>
> Additionally, if the support is of interest, it would also be
> interesting to know if MUSL intends to support CET as specified in the
> X86-64 ABI (where a single linked DSO without the CET bits set disables
> the feature) or if you have something different in mind.
>
> Tks,
> Joao.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [musl] Intel CET Support
2023-09-15 7:45 ` Sören Tempel
@ 2023-09-16 19:14 ` Szabolcs Nagy
0 siblings, 0 replies; 5+ messages in thread
From: Szabolcs Nagy @ 2023-09-16 19:14 UTC (permalink / raw)
To: Sören Tempel; +Cc: musl, joao
* Sören Tempel <soeren@soeren-tempel.net> [2023-09-15 09:45:41 +0200]:
> Hello,
>
> Has there been any progress on this? On the Alpine side of things, there is
> currently an ongoing discussion regarding enabling CET by default, but of course
> that would presuppose support for this feature in musl [1]. From the Alpine point
> of view, support for CET would certainly be interesting!
>
> Maybe it would also be possible to only implement support for
> -cf-protection=return as a first step? If my understanding of CET is correct,
> doing so would not require adding endbr instructions to assembler files (these
> should only be needed for -cf-protection=branch). As such, this might make the
> initial diff a bit easier to review?
>
> Greetings
> Sören
sounds premature.
..the kernel has no support yet! so what os abi do you target?
the kernel abi design is a mess exactly because binaries got
deployed with broken abi..
the latest on shadow stacks (cf-protection=return) is proposed
for linux next = v6.6 (with a number of compromises that imho
limits its use: makecontext leaks memory, some sigaltstack uses
are broken, no way to handle shadow stack overflow, RLIMIT_DATA,
RLIMIT_AS or strict overcommit users can fail, longjmp across
threads/makecontext is broken (qemu), userspace cannot set shstk
size, some existing unwinders fail to unwind from signal handler,
and it has the usual incompat dlopen problem)
https://lore.kernel.org/lkml/20230830234752.19858-1-dave.hansen@linux.intel.com/
ibt (forward edge, cf-protection=branch) is in the kernel but as
far as i know it has issues in practice due to the binary marking
scheme and because it is all or nothing per process (if any lib
is unmarked then it is disabled which is not suitable for dlopen:
dlopen fails or the security is disabled at runtime). there are
still jop gadgets present after all the endbr mess so the benefit
is unclear and despite the claims that it is widely deployed i
doubt it is widely enabled (so we don't know of all the issues).
i think if we add cf protection then forward and backward should
be added together. musl is not in a hurry, it can wait for a
kernel abi at least.
>
> [1]: https://gitlab.alpinelinux.org/alpine/tsc/-/issues/64
>
> > Hi,
> >
> > Long ago I sent some patches here to enable CET support within MUSL
> > (https://www.openwall.com/lists/musl/2020/10/19/3).
> >
> > These patches were a result from some experiment I have been running
> > with clang, and to which I needed a suitable library. I understand that
> > the patches were not in their best shape, and I was a bit busy at the
> > time so I didn't really push this through.
> >
> > Either way, I'm now wondering if there is any interest from MUSL to
> > support CET. If yes, I can start working on an updated patch-set to be
> > sent here eventually.
> >
> > Additionally, if the support is of interest, it would also be
> > interesting to know if MUSL intends to support CET as specified in the
> > X86-64 ABI (where a single linked DSO without the CET bits set disables
> > the feature) or if you have something different in mind.
> >
> > Tks,
> > Joao.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-09-16 19:15 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-25 23:00 [musl] Intel CET Support Joao Moreira
2021-05-26 0:12 ` Daniel Gutson
2021-05-26 1:07 ` Joao Moreira
2023-09-15 7:45 ` Sören Tempel
2023-09-16 19:14 ` Szabolcs Nagy
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).