From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <musl-return-20370-ml=inbox.vuxu.org@lists.openwall.com>
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
Received: from second.openwall.net (second.openwall.net [193.110.157.125])
	by inbox.vuxu.org (Postfix) with SMTP id CFAE72585E
	for <ml@inbox.vuxu.org>; Wed, 14 Feb 2024 05:44:36 +0100 (CET)
Received: (qmail 20026 invoked by uid 550); 14 Feb 2024 04:41:33 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 19988 invoked from network); 14 Feb 2024 04:41:32 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net;
	s=s31663417; t=1707885861; x=1708490661; i=nullplan@gmx.net;
	bh=e8tRZC7Y4HdBh8i9PwIwiOWjuWzABImfuNJeuR8sric=;
	h=X-UI-Sender-Class:Date:From:To:Cc:Subject:References:
	 In-Reply-To;
	b=aZLpIkqNKovJMwngQjlnWHImoVMPJOuGl2sgkoE5bq5Fm6f8Cc4VkTyMyQgXrhYP
	 Lc5q1bIuhd6e4tcSHoDApRFQ9ZjuKf/czL5bVfy9NKMBDiSzvr4zLAWTnq2bP5h3H
	 z627fLlpR1U68AAruBeFttCvGkbjyo1p3cF7bJFBqfJBctXirQpmAMaXFbGsoSgPa
	 WO7rvh5PEBIC/kLXSP3FVlMB7hxjOpTzFO3BcNjz9izsJFpV1ZQO6oZtIRNOVr4yd
	 YJ9VfvNFBZsZ0pDTZtNZqFiivuORCvXDru7jFxF1m8Kl23iJtJGvPCOcUxmVazvfR
	 MHP5bRXU7ArlqGOwEg==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Date: Wed, 14 Feb 2024 05:44:20 +0100
From: Markus Wichmann <nullplan@gmx.net>
To: musl@lists.openwall.com
Cc: enh <enh@google.com>
Message-ID: <ZcxFJByUgJs500ko@voyager>
References: <CAFftDdqgJSvfaAYPDFKeu6pijobosS=VwHfkvSwBni6G=sUZJg@mail.gmail.com>
 <20240212184236.GZ4163@brightrain.aerifal.cx>
 <CAFftDdpoPk_=OQAZeohTWL4j6NcNte_eOG=euEq2u+WQYDSY2w@mail.gmail.com>
 <20240212224657.GA4163@brightrain.aerifal.cx>
 <CAJgzZoppyH0wKknTwh0wTZZOctW444s5XHyEvzJr-Gag2jzARA@mail.gmail.com>
 <CAFftDdpm28Wm+iD-puDMsqV1zdSE3fWY==oPaGCmenQpkOxPHg@mail.gmail.com>
 <20240213020834.GB4163@brightrain.aerifal.cx>
 <CAFftDdoiXvCq=p0CCUzShiojOHZZ0S_cH9e6Bymf1P1p2pTkCg@mail.gmail.com>
 <ZcusM27RAiKaJeHy@voyager>
 <20240214021925.GC4163@brightrain.aerifal.cx>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240214021925.GC4163@brightrain.aerifal.cx>
X-Provags-ID: V03:K1:z1RD45jm0Qrv0VE+LZTQc6+yFAYn638aBqAQgSwThDv+bHpq/mC
 x7lYmOnNMwhL44UZhb0nPrcP83IU7uj1iq56IfzRmfjs/ZcHGCAMG0nz3ix/+oQW//NkPB6
 k7Eik8WjH+AjinVaZxWaRFw25v/17kVS2+iEI6/V8TggaM3WESFLHhTYwLzEu+Pyq+hdLKC
 oZfAau4EnD9CymrtgCvKg==
UI-OutboundReport: notjunk:1;M01:P0:C0dckDymDNo=;xIhacLHm2T8uAZRb5D9ORdoN4lG
 +jAVg8dyAAgR0Lpu/1zSbkW2kKIHtQlqrnqqPQhUhcsjMYEiYPEoUYqhJLpea0f5tRfL039+3
 utlkL55TToCCsVL1Bkw+FkUxIOhBUKqybmJRF8v6W+EGTnnZ7FVFBA76Hthh1MLgtoUT3dJ9s
 HkUAmCPvdL6D8TIrvJQltTiOryk+q8Q53dT8n8S1T61dnDXPARTYVOluVskkLFTDe7MOYrxPx
 RYiFlh8XEFKdIkn8QTqdDU5tdXh3dfJ9Zl4373YJDlSTNnzpx1X8c4CODMbGzA21SFBk92cpq
 hj1wJXlzGOJ88PmYyhrKub8rQ2Gezbr4gasoepw//hbpvdmqMavFfOVxQsizuer07I7Mnv7Qq
 3AuSrLVNkhn0XfUFAGtfWLKSgpmUjGx+VUWiDYSyWKp8FXqrxDbD2ICe/h0NVxIZQV1Z/Xl5y
 dF/Z7o83MPZtDKyGUKrzM6ebG+JW1G/Jr3VuQqmlQBPLdcsy+hFMbbhRWi0vWKoemMyUgsscl
 GY/x875hDoP6nKepTkzdTKu7hl8S8Z6XFcHdxjs1lgTLgC8fyxoFBb1j6Qi7GA/2/US8/Vi29
 mV8QTbVvTT0Hs3ciszNr6NwR2vjG4iLVnBFNgOn5S5GR/419XqrUtSzI+qX4QBx1fLPa541ma
 V/nKHd/ZLHRHWvmRotA+tUTnozVzRh0yL9Lxnll/i3a/vkQ0dN54M8cydGNCsDYbJlg5rVVXY
 14eyA9lbN+GRiE1wnuSGaJ6bas0DgSZnKEyf3bGH6kaKVlwVuGpZV7felwz5Lz6I2ykC4pDL3
 rsLsP4C9BauV6uV6tCwJdk6pz25n/E8fkL78nkW8XmCJc=
Content-Transfer-Encoding: quoted-printable
Subject: Re: [musl] PAC/BTI Support on aarch64

Am Tue, Feb 13, 2024 at 09:19:25PM -0500 schrieb Rich Felker:
> What is the situation on x86? Does it use the same kind of per-page
> enforcement mode, or is it only global, requiring disabling it if any
> DSO lacks support? Is the endbr64 opcode a guaranteed-safe nop on
> older ISA levels, or does it need to be conditional?
>

My, what a journey. I had a look around the Internet for this question
and kept finding contradictory results. Turns out that is because, as
per kernel documentation, Linux only supports *kernel* IBT. The only
part of CET it supports for userspace is shadow stacks. Unless the
kernel docs are not up-to-date, of course.

According to Intel, the ENDBR64 instruction decodes as NOP on older
processors. GCC has support for emiting it, but at this point in time it
appears to be useless outside of Linux itself.

Ciao,
Markus