Hi,
On 5/19/20 1:38 PM, Przemek Klosowski via devel wrote:
On 5/18/20 3:36 PM, Ben Cotton wrote:
Arm Pointer Authentication (PAC) is a method of hardening code from
Return Oriented Programming (ROP) attacks. It uses a tag in a pointer
to sign and verify pointers. Branch Target Identification (BTI) is
another code hardening method, where the branch/jump target is
identified with a special landing pad instruction.
Is there a performance impact? do those landing pad instructions take an
execution pipeline slots?
Potentially, depends on the microarch. In general on existing machines
they decode as HIT/NOPs and get tossed, and since most of the ARM cores
aren't decode limited it won't have an effect. On cores where its
actually active its a lot harder to generalize and compare performance
at the moment. In theory if a particular machine has a bad
implementation we can just disable it for that given machine to return
the behavior to just HIT/NOP.
We're planning to use AUTIASP+RET, not RETAA, right?
I believe that is the case, retaa requires a 8.3 machine and we need
compatibility with 8.0 so we need to stick to the pac portion which is
in the HINT space and translates to NOPs on < v8.3 hardware.
Note:
https://github.com/gcc-mirror/gcc/blob/master/gcc/config/aarch64/aarch64.c#L8208
Thanks,
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
