Re: [RFC PATCH 00/21] KCFI support

From: Kenton Groombridge
Date: Sat Apr 30 2022 - 12:16:29 EST


On 22/04/29 01:36PM, Sami Tolvanen wrote:
> KCFI is a proposed forward-edge control-flow integrity scheme for
> Clang, which is more suitable for kernel use than the existing CFI
> scheme used by CONFIG_CFI_CLANG. KCFI doesn't require LTO, doesn't
> alter function references to point to a jump table, and won't break
> function address equality. The latest LLVM patches are here:
>
> https://reviews.llvm.org/D119296
> https://reviews.llvm.org/D124211

Many thanks for continuing to work on this! As a user who has been
following the evolution of this patch series for a while now, I have a
couple of burning questions:

1) The LLVM patch says that kCFI is not compatible with execute-only
memory. Is there a plan ahead for kCFI if and when execute-only memory
is implemented?

2) kCFI only checks indirect calls while Clang's traditional CFI has
more schemes like bad cast checking and so on. Are there any major
security tradeoffs as a result of this?

V/R

Kenton Groombridge

Attachment: signature.asc
Description: PGP signature
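The scheme summarised in the quoted cover letter, and the two questions above, can be made concrete with a small model. The following C program is an added illustration and is not code from the KCFI patches, from LLVM, or from the kernel: it mimics what a KCFI call site does, namely read a 32-bit type hash stored immediately in front of the callee and compare it with the hash of the prototype the call site was compiled for. The "text segment" is an ordinary array of slots so the layout is visible in portable C, and the hash (FNV-1a over the spelling of the prototype) is an assumption standing in for the compiler's own type hash. Two points it makes visible: the check needs read access to the bytes before the target (the reason execute-only text is a problem), and it only checks that the target has the expected type, so any function of the same prototype passes.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Model of a KCFI-style forward-edge check (added illustration, not the
 * LLVM or kernel implementation).  Real KCFI emits a 32-bit hash of the
 * callee's prototype in front of each address-taken function, and every
 * indirect call site loads that word from the bytes before the target and
 * compares it with the hash of the prototype the call site expects.  Here
 * the "text segment" is an array of slots so the layout can be shown in
 * portable C, and the hash (FNV-1a over the prototype spelling) is an
 * assumption standing in for the compiler's type hash.
 */

/* All model bodies share one C type; the prototype they stand for is
 * recorded in the slot so the check can be shown with different "types". */
typedef long (*model_body)(long);

struct kcfi_slot {
    uint32_t type_id;   /* prototype hash: must be readable by the caller */
    model_body entry;   /* the function body the call jumps to */
};

uint32_t kcfi_type_hash(const char *prototype)
{
    uint32_t h = 2166136261u;               /* FNV-1a 32-bit offset basis */
    for (; *prototype; prototype++) {
        h ^= (unsigned char)*prototype;
        h *= 16777619u;                     /* FNV-1a 32-bit prime */
    }
    return h;
}

/* Bodies standing in for kernel callbacks. */
static long add_one(long x)   { return x + 1; }
static long times_two(long x) { return x * 2; }
static long some_void_fn(long x) { (void)x; return 0; } /* declared void(void) */

/* Model text segment: the hash sits immediately before each entry. */
static struct kcfi_slot text_segment[3];

const struct kcfi_slot *model_function(int idx)
{
    static int built;
    if (!built) {
        text_segment[0] = (struct kcfi_slot){ kcfi_type_hash("long(long)"), add_one };
        text_segment[1] = (struct kcfi_slot){ kcfi_type_hash("long(long)"), times_two };
        text_segment[2] = (struct kcfi_slot){ kcfi_type_hash("void(void)"), some_void_fn };
        built = 1;
    }
    return &text_segment[idx];
}

/* What the call site does: read the word in front of the target (this is
 * the load that execute-only text would forbid) and compare it with the
 * hash compiled into the call site.  Returns 1 when the call would trap. */
int kcfi_would_trap(const struct kcfi_slot *target, uint32_t expected)
{
    return target->type_id != expected;
}

/* Indirect call through a pointer declared as long(long).  The kernel
 * traps on mismatch (ud2 on x86, brk on arm64); the model reports -1. */
long kcfi_icall_long(const struct kcfi_slot *target, long arg)
{
    if (kcfi_would_trap(target, kcfi_type_hash("long(long)"))) {
        fprintf(stderr, "CFI failure: target type mismatch\n");
        return -1;
    }
    return target->entry(arg);
}

int main(void)
{
    /* A struct holding a callback, as a kernel ops table would. */
    struct { const struct kcfi_slot *cb; } ops = { model_function(0) };
    printf("legit callback:  %ld\n", kcfi_icall_long(ops.cb, 41)); /* 42 */

    /* Overwrite with another long(long) function: same type hash, so the
     * call passes.  KCFI checks the type, not which function it is. */
    ops.cb = model_function(1);
    printf("same-type swap:  %ld\n", kcfi_icall_long(ops.cb, 21)); /* 42 */

    /* Overwrite with a void(void) function: hash differs, call traps. */
    ops.cb = model_function(2);
    printf("wrong-type swap: %ld\n", kcfi_icall_long(ops.cb, 1));  /* -1 */
    return 0;
}
```

Because the slot holds the real entry rather than a jump-table stub, every reference to a function in the model resolves to the same slot, which is the address-equality property the cover letter mentions; the model does not attempt the separate cast checks of the existing CONFIG_CFI_CLANG scheme, only the indirect-call check that KCFI performs.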