Re: [RFC PATCH 00/21] KCFI support

From: Sami Tolvanen
Date: Mon May 02 2022 - 11:32:24 EST


On Sat, Apr 30, 2022 at 9:08 AM Kenton Groombridge <me@xxxxxxxxxx> wrote:
> Many thanks for continuing to work on this! As a user who has been
> following the evolution of this patch series for a while now, I have a
> couple of burning questions:
>
> 1) The LLVM patch says that kCFI is not compatible with execute-only
> memory. Is there a plan ahead for kCFI if and when execute-only memory
> is implemented?

There's no plan for execute-only memory right now; that would
require type hashes to be moved somewhere else, to read-only memory.

> 2) kCFI only checks indirect calls while Clang's traditional CFI has
> more schemes like bad cast checking and so on. Are there any major
> security tradeoffs as a result of this?

No, cfi-icall is the only scheme that's relevant for the kernel. The other
schemes implemented in Clang are mostly useful for C++.

Sami
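As an added example, not code from this thread or from the kCFI patch series, the following C program emulates in userspace the check that kCFI inserts before an indirect call, to make concrete both answers above: why the type hashes currently live in the text section (the real compiler emits a 32-bit hash immediately before each address-taken function and the call site reads it back, which execute-only text would forbid), and what a type-based indirect-call check does and does not catch. The hash algorithm (FNV-1a over a type string), the descriptor struct standing in for the in-text prefix, and all function names are assumptions for illustration only.

```c
/*
 * Added example, not code from the kCFI patch series or this thread: a
 * userspace emulation of the check that kCFI (clang -fsanitize=kcfi)
 * inserts before every indirect call. The real compiler emits a 32-bit
 * type hash in .text immediately before each address-taken function and,
 * at the call site, loads the hash at (target - prefix offset) and
 * compares it with the hash of the callee type the call site expects,
 * trapping on mismatch. Reading that hash means reading code memory,
 * which is why execute-only text would require moving the hashes.
 * Here the hash lives in a descriptor struct instead (an assumption for
 * illustration), and the hash function is plain FNV-1a over a type
 * string rather than the compiler's mangled-type hash.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KCFI_TRAP (-1) /* stands in for the ud2/brk trap real kCFI takes */

typedef void (*untyped_fn)(void);
typedef int (*int_fn)(int);

/* Emulates the prefix the compiler places before the function entry. */
struct kcfi_fn {
    uint32_t hash;   /* type hash "in front of" the first instruction */
    untyped_fn code; /* the function body, stored without a type */
};

/* Stand-in for the compiler's type hash: FNV-1a over a type spelling. */
static uint32_t type_hash(const char *type_sig)
{
    uint32_t h = 2166136261u;
    for (; *type_sig; type_sig++) {
        h ^= (unsigned char)*type_sig;
        h *= 16777619u;
    }
    return h;
}

/* Three address-taken functions; two share a type, one does not. */
static int double_it(int x) { return 2 * x; }
static int negate(int x) { return -x; }
static long str_len(const char *s) { return (long)strlen(s); }

/* The emulated text section, populated once. */
static struct kcfi_fn desc_double_it, desc_negate, desc_str_len;

static void build_text(void)
{
    static int built;
    if (built)
        return;
    desc_double_it = (struct kcfi_fn){ type_hash("int(int)"), (untyped_fn)double_it };
    desc_negate = (struct kcfi_fn){ type_hash("int(int)"), (untyped_fn)negate };
    desc_str_len = (struct kcfi_fn){ type_hash("long(const char *)"), (untyped_fn)str_len };
    built = 1;
}

/*
 * Emulates an indirect call through a pointer of type int (*)(int):
 * compare the hash preceding the target with the hash expected for that
 * pointer type, then call. Returns 0 and stores the result, or KCFI_TRAP
 * without ever transferring control to the mismatched target.
 */
static int checked_call_int(const struct kcfi_fn *target, int arg, int *out)
{
    uint32_t expected = type_hash("int(int)");
    if (target->hash != expected)
        return KCFI_TRAP;
    *out = ((int_fn)target->code)(arg);
    return 0;
}

/* Legitimate call: pointer type and target type agree. Returns 42. */
int demo_valid_call(void)
{
    int v = 0;
    build_text();
    return checked_call_int(&desc_double_it, 21, &v) == 0 ? v : KCFI_TRAP;
}

/* Pointer redirected to a different function of the same type: kCFI
 * allows it, which is the coarseness of a type-based scheme. Returns -5. */
int demo_same_type_substitution(void)
{
    int v = 0;
    build_text();
    return checked_call_int(&desc_negate, 5, &v) == 0 ? v : KCFI_TRAP;
}

/* Pointer redirected to a function of another type: rejected before the
 * call happens. Returns KCFI_TRAP. */
int demo_mismatched_type(void)
{
    int v = 0;
    build_text();
    return checked_call_int(&desc_str_len, 5, &v);
}

int main(void)
{
    printf("valid call: %d\n", demo_valid_call());
    printf("same-type substitution: %d\n", demo_same_type_substitution());
    printf("mismatched type: %d (trap)\n", demo_mismatched_type());
    return 0;
}
```

The third case is the one cfi-icall exists for; the second shows the limit the question about "other schemes" touches on: any target whose type hash matches the call site's expected hash passes, so the check constrains an attacker to functions of the same type rather than to the one intended target.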