RFR: 8277204: Implementation of JEP 8264130: PAC-RET protection for Linux/AArch64 [v10]

Alan Hayward duke at openjdk.java.net
Mon Dec 13 09:53:17 UTC 2021


On Sun, 12 Dec 2021 10:19:30 GMT, Andrew Haley <aph at openjdk.org> wrote:

>> `-mbranch-protection` switches on both PAC-RET and BTI. This PR only covers a use of PAC that looks very ROP-focused to me.
>
> True, because we don't (yet) support BTI. Is there any point having two separate flags for BTI and PAC-RET? If someone wants one, they'll very likely want the other, won't they?

You can support one without the other.
The architecture allows you to have one without the other.
The GCC flag is an enum of "none|standard|pac-ret[+leaf]|bti", with some of them changing depending on which CPU you specify to -mcpu (8.0, 8.3, 8.5, etc.).
Clang has the same flags. Interestingly, on macOS Clang, -mbranch-protection is available but it'll give incorrect code. Instead you build with -arch arm64e.

If your system had both, the only scenario I could see for only wanting just one would be for test/dev purposes. In a real production scenario you would want everything the system supports or nothing.

An earlier version of my code had a UseBranchProtection="pac|bti|pac+bti|all|none" style option.

-------------

PR: https://git.openjdk.java.net/jdk/pull/6334


