From: Quentin Perret <qperret@google.com>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>,
Peter Zijlstra <peterz@infradead.org>,
Catalin Marinas <catalin.marinas@arm.com>,
James Morse <james.morse@arm.com>, Will Deacon <will@kernel.org>,
Linux ARM <linux-arm-kernel@lists.infradead.org>
Subject: Re: [PATCH v2] arm64: implement support for static call trampolines
Date: Mon, 16 Nov 2020 12:05:27 +0000 [thread overview]
Message-ID: <20201116120527.GA3931251@google.com> (raw)
In-Reply-To: <CAMj1kXFrRJGNRACf+L+Q3HG-2dmUtX3VJYQUAXVk=75pi-gA8Q@mail.gmail.com>
On Monday 16 Nov 2020 at 11:31:10 (+0100), Ard Biesheuvel wrote:
> OK, so that would suggest that having at least the out-of-line
> trampoline would help with CFI, but only because the indirect call is
> decorated with CFI checks, not because the indirect call itself is any
> slower.
Right. By disabling CFI checks in Android we get something that is more
comparable to the inline static-call implementation as we get a 'raw'
indirect call. But yes, it's very likely that even an out-of-line static
call is going be much faster than a CFI-enabled indirect call, so
definitely worth a try.
> So that suggests that something like
>
> bti c
> ldr x16, 0f
> br x16
> 0:.quad <target>
>
> may well be sufficient in the arm64 case - it is hidden from the
> assembler, so we don't get the CFI overhead, and since it is emitted
> as .text (and therefore requires code patching to be updated), it does
> not need the same level of protection that CFI offers elsewhere when
> it comes to indirect calls.
Agreed. I'm thinking the static-call infrastructure itself could perhaps
do the CFI target validation before actually patching the text. But I
suppose we probably have bigger problems if we can't trust whoever
initiated the static-call patching, so ...
Thanks,
Quentin
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-11-16 12:06 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-28 18:41 [PATCH v2] arm64: implement support for static call trampolines Ard Biesheuvel
2020-10-29 10:28 ` Peter Zijlstra
2020-10-29 10:40 ` Peter Zijlstra
2020-10-29 10:58 ` Ard Biesheuvel
2020-10-29 11:46 ` Peter Zijlstra
2020-10-29 11:49 ` Ard Biesheuvel
2020-10-29 11:54 ` Peter Zijlstra
2020-10-29 12:14 ` Ard Biesheuvel
2020-10-29 11:27 ` Quentin Perret
2020-10-29 11:32 ` Ard Biesheuvel
2020-10-29 11:44 ` Peter Zijlstra
2020-10-29 14:10 ` Steven Rostedt
2020-10-29 11:54 ` Quentin Perret
2020-10-29 13:22 ` Ard Biesheuvel
2020-11-16 10:18 ` Quentin Perret
2020-11-16 10:31 ` Ard Biesheuvel
2020-11-16 12:05 ` Quentin Perret [this message]
2020-10-29 11:50 ` Mark Rutland
2020-10-29 11:58 ` Peter Zijlstra
2020-10-29 13:30 ` Mark Rutland
2020-10-29 11:59 ` Ard Biesheuvel
2020-10-29 13:21 ` Mark Rutland
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201116120527.GA3931251@google.com \
--to=qperret@google.com \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=peterz@infradead.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.