x86-64: new CET-enabled PLT format proposal
Joao Moreira
joao@overdrivepizza.com
Tue Mar 1 09:45:20 GMT 2022
On 2022-03-01 01:32, Rui Ueyama wrote:
> On Tue, Mar 1, 2022 at 6:27 PM Joao Moreira <joao@overdrivepizza.com>
> wrote:
>>
>> > This is what I tried first but I then realized that I needed to insert
>> > another `endbr` between `jmp` and `call`. `jmp GOT[foo]` can jump only
>> > to `endbr` if CET is enabled, so it can't directly jump to the
>> > following `call`.
>> >
>> Ugh, there we go... dead. Thanks for not letting me waste a ton of
>> time
>> :)
>
> I actually wasted my time by implementing it only to find that it
> wouldn't work. :) If you are interested, this is my commit to my
> linker.
> https://github.com/rui314/mold/commit/4ec0bbf04841e514aca2000f3d780d14efcaefc9
I'm glad I posted it here before trying to go and implement :)
Regarding the projects mentioned by HJ, I assume one of them is this (in
case you are curious):
https://static.sched.com/hosted_files/lssna2021/8f/LSS_FINEIBT_JOAOMOREIRA.pdf
In FineIBT we use R11 to pass hashes around through direct calls to
enable fine-grain CFI on top of IBT.
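To make the FineIBT mechanism mentioned above concrete, here is an added example (written for this page; not code from the FineIBT slides, the kernel, or binutils). The callee prologue is written in assembly so the exact sequence runs: `endbr64` as the IBT landing pad, then a compare of the hash the caller placed in r11d against the callee's expected hash. The hash value and the symbol names are made up, and the failure path returns -1 so it can be observed from C, where real FineIBT would trap. It assumes an x86-64 GNU/Linux toolchain (GCC or clang, ELF symbol naming); `endbr64` executes as a NOP on CPUs without CET, so it runs there as well.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed type hash for the prototype "int f(int)". FineIBT derives the
 * hash from the prototype at compile time; this value is made up for the
 * example (assumption). */
#define HASH_INT_INT 0x5a3c7e19u

/* Callee with a FineIBT-style prologue:
 *   endbr64            IBT landing pad: an indirect call/jmp may land here
 *   subl $hash, %r11d  the caller must have loaded the matching hash into r11d
 *   jne  1f            anything else is a control-flow violation
 * Real FineIBT traps (ud2) on mismatch; here the fail path returns -1 so
 * the C side can observe it. The body itself just returns arg + 1. */
__asm__(
    ".pushsection .text\n"
    ".type fineibt_add_one, @function\n"
    "fineibt_add_one:\n"
    "    endbr64\n"
    "    subl $0x5a3c7e19, %r11d\n"
    "    jne  1f\n"
    "    leal 1(%rdi), %eax\n"
    "    ret\n"
    "1:\n"
    "    movl $-1, %eax\n"
    "    ret\n"
    ".popsection\n"
);

/* The assembly label above is visible to C through this declaration. */
extern int fineibt_add_one(int);

/* Indirect call site as FineIBT emits it: the hash goes into r11d right
 * before the call through the function pointer. The 128-byte rsp adjustment
 * keeps the pushed return address out of this function's red zone, which the
 * compiler may be using for its own locals. */
static int call_with_hash(uint32_t hash, int (*fn)(int), int arg)
{
    int ret;
    __asm__ volatile(
        "subq $128, %%rsp\n\t"
        "movl %[h], %%r11d\n\t"
        "call *%[fn]\n\t"
        "addq $128, %%rsp\n\t"
        : "=a"(ret)
        : [h] "r"(hash), [fn] "r"(fn), "D"(arg)
        : "r11", "rcx", "rdx", "rsi", "r8", "r9", "r10", "memory", "cc");
    return ret;
}

/* Well-typed call: hash matches, the callee body runs. */
int fineibt_good_call(int x)
{
    return call_with_hash(HASH_INT_INT, fineibt_add_one, x);
}

/* A call site compiled against a different prototype (as after a type
 * confusion in a function-pointer table): wrong hash, prologue rejects it. */
int fineibt_bad_call(int x)
{
    return call_with_hash(HASH_INT_INT ^ 0x1u, fineibt_add_one, x);
}

int main(void)
{
    printf("matching hash:  %d\n", fineibt_good_call(41));
    printf("mismatched hash: %d\n", fineibt_bad_call(41));
    return 0;
}
```

The point of keeping the check in the callee is that it works for any caller, including a PLT entry: whatever lands on the `endbr64` still has to present the right value in r11d, which is why the quoted `jmp GOT[foo]` discussion and the hash check interact.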