Re: [RFC/RFT] CFI: Add support for gcc CFI in aarch64
From: Mark Rutland
Date: Tue Jan 03 2023 - 03:55:41 EST
On Mon, Dec 19, 2022 at 04:04:55PM +0100, Peter Zijlstra wrote:
> On Mon, Dec 19, 2022 at 05:32:04AM -0800, Dan Li wrote:
> > Hi Peter,
> >
> > On 12/19, Peter Zijlstra wrote:
> > > On Sun, Dec 18, 2022 at 10:17:58PM -0800, Dan Li wrote:
> > >
> > > > 1. When a typeid mismatch is detected, the cfi_check_failed function
> > > > will be called instead of the brk instruction. This function needs
> > > > to be implemented by the compiler user.
> > > > If there are user mode programs or other systems that want to use
> > > > this feature, it may be more convenient to use a callback (so this
> > > > compilation option is set to -fsanitize=cfi instead of kcfi).
> > >
> > > This is not going to be acceptible for x86_64.
> >
> > I'm not familiar enough with the x86_64 platform, could you please
> > tell me why this is not acceptable? Is there a similar situation
> > on the arm64 platform?
>
> Mostly because the call would be a 5 byte instruction while the trap
> (UD2) is only 2 bytes.
>
> I suspect Argh64 has a similar problem if the to be called function is
> outside the immediate range (26 bits or thereabout), in which case you
> end up with a multi-instruction sequence to construct the call target or
> so.
Either that or a direct branc to a PLT.
> A trap is always a single instruction.
Indeed.
I strongly prefer the BRK for the reasons I've given in my other reply, which
include code size.
Thanks,
Mark.