Re: [PATCH] x86/ibt: Implement FineIBT

From: Peter Zijlstra
Date: Wed Oct 19 2022 - 08:03:40 EST

Next message: Ilpo Järvinen: "Re: [PATCH 1/2] tty: Convert tty_buffer flags to bool"
Previous message: Johan Hovold: "[PATCH v2 12/15] phy: qcom-qmp-pcie: fix initialisation reset"
In reply to: Kees Cook: "Re: [PATCH] x86/ibt: Implement FineIBT"
Next in thread: Kees Cook: "Re: [PATCH] x86/ibt: Implement FineIBT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 18, 2022 at 04:31:48PM -0700, Josh Poimboeuf wrote:

> Is there a reason not to default to FineIBT if the hardware supports it?

Not really; and that's the default implemented here. Kees seems to think
the kCFI thing is a little more resillient against attacks where the
attacker can write code -- but IMO that's a bit of a lost cause.

Being able to run kCFI on IBT hardware is useful for
development/debugging purposes though.

Next message: Ilpo Järvinen: "Re: [PATCH 1/2] tty: Convert tty_buffer flags to bool"
Previous message: Johan Hovold: "[PATCH v2 12/15] phy: qcom-qmp-pcie: fix initialisation reset"
In reply to: Kees Cook: "Re: [PATCH] x86/ibt: Implement FineIBT"
Next in thread: Kees Cook: "Re: [PATCH] x86/ibt: Implement FineIBT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]