Re: [RFC PATCH 00/21] KCFI support
From: Sami Tolvanen
Date: Mon May 02 2022 - 11:32:24 EST
On Sat, Apr 30, 2022 at 9:08 AM Kenton Groombridge <me@xxxxxxxxxx> wrote:
> Many thanks for continuing to work on this! As a user who has been
> following the evolution of this patch series for a while now, I have a
> couple of burning questions:
>
> 1) The LLVM patch says that kCFI is not compatible with execute-only
> memory. Is there a plan ahead for kCFI if and when execute-only memory
> is implemented?
There's no plan for executable-only memory right now, that would
require type hashes to be moved somewhere else to read-only memory.
> 2) kCFI only checks indirect calls while Clang's traditional CFI has
> more schemes like bad cast checking and so on. Are there any major
> security tradeoffs as a result of this?
No, cfi-icall is only scheme that's relevant for the kernel. The other
schemes implemented in Clang are mostly useful for C++.
Sami