Xen project Mailing List

Re: [PATCH v2 00/70] x86: Support for CET Indirect Branch Tracking

To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Date: Mon, 14 Feb 2022 15:38:52 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=oW0R6CNu1PHJKhRVZskWODYz0c04fKeDGBd6HyYD2sU=; b=Dq0UW3MiN1EYjdiv8trX8KGaLCxgGb5Z+U2Az7eoK/6ctwEKzZtw2oY9TLXXdcBtzO4E0flxI86d75LEr2spUUnKJyxpCfgTpHXOraOZqTwuUueA1lFr7aOJc4cfwILsAx+BHut9lHvBwg8U1Et9UDOw+fYb8zGlNI/cE0TKaob2GFeMR3qSdK32NUmT6lY8/D5mhTwYoLcg+B4AYHKRC43N5npBLNBQ+6t7vaFTb+KLZNIMRoM/+e7l3VEmywQWbYTt1jSpiTetGchU1+YDd3LD1CsSjcinmm7vcaiYCOU9uvEA3PfKQi37cS3GOiZ7C/bjH/SrbYyXIU3l6jZw5Q==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kfNVlg0tQUh0Cj/mxL0NymTtJYSL9IRusaC76Af1Zc3USbPcmUfkvWxp8eE/Gc/QOFGnaQWS/BHecn1UqwtJsRFa2plxZKj/65ZsVt68UgAqItswjdpsDEgMSbDNYQBp3yL6lv/R1vSeAqD1+gUMQTJvba/h4nn1MnA2ZQ5+gk63Qi69+5J+jkqwW51yVbVCF5pRFqh0DXyj5TCwO1MDjSwLb979s0uqiAj/itBIgr/CEEO+4SAmrXeeEYZ2JWJwSh1R7uNV693DdtxT7CZxVvOJCusjwIbVyQaIZq1c9qdX5jHSxE094v6HTywySrm2iJVM6sjUB+qwHj5MI6BcVw==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 14 Feb 2022 14:39:04 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 14.02.2022 15:15, Andrew Cooper wrote: > On 14/02/2022 13:43, Jan Beulich wrote: >> On 14.02.2022 14:10, Andrew Cooper wrote: >>> On 14/02/2022 12:50, Andrew Cooper wrote: >>>> CET Indirect Branch Tracking is a hardware feature designed to protect >>>> against >>>> forward-edge control flow hijacking (Call/Jump oriented programming), and >>>> is a >>>> companion feature to CET Shadow Stacks added in Xen 4.14. >>>> >>>> Patches 1 thru 5 are prerequisites. Patches 6 thru 60 are fairly >>>> mechanical >>>> annotations of function pointer targets. Patches 61 thru 70 are the final >>>> enablement of CET-IBT. >>>> >>>> This series functions correctly with GCC 9 and later, although an >>>> experimental >>>> GCC patch is required to get more helpful typechecking at build time. >>>> >>>> Tested on a TigerLake NUC. >>>> >>>> CI pipelines: >>>> https://gitlab.com/xen-project/people/andyhhp/xen/-/pipelines/470453652 >>>> https://cirrus-ci.com/build/4962308362338304 >>>> >>>> Major changes from v1: >>>> * Boilerplate for mechanical commits >>>> * UEFI runtime services unconditionally disable IBT >>>> * Comprehensive build time check for embedded endbr's >>> There's one thing I considered, and wanted to discuss. >>> >>> I'm tempted to rename cf_check to cfi for the function annotation, as >>> it's shorter without reducing clarity. >> What would the 'i' stand for in this acronym? > > The class of techniques is called Control Flow Integrity. > >> Irrespective of the answer >> I'd like to point out the name collision with the CFI directives at >> assembler level. This isn't necessarily an objection (I'm certainly for >> shortening), but we want to avoid introducing confusion. > > I doubt there is confusion to be had here. One is entirely a compiler > construct which turns into ENDBR64 instructions in the assembler, and > one is a general toolchain construct we explicitly disable. Hmm. I'm still at best half convinced. Plus we generally have been naming our shorthands after the actual attribute names. By using "cfi" such a connection would also be largely lost. Roger, Wei, others - do you opinions either way? Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.