RFR: 8264130: PAC-RET protection for Linux/AArch64 [v4]
Andrew Haley
aph at openjdk.java.net
Mon Nov 15 11:11:37 UTC 2021
On Mon, 15 Nov 2021 10:58:06 GMT, Alan Hayward <duke at openjdk.java.net> wrote:
>> src/hotspot/cpu/aarch64/pauth_aarch64.hpp line 132:
>>
>>> 130: // Authenticate or strip a return value. Use for efficiency and only when the safety of the data
>>> 131: // isn't an issue - for example when viewing the stack.
>>> 132: //
>>
>> So, whether this function authenticates or strips the address depends only on debugging? The vague name makes the callers hard to read.
>
> >> whether this function authenticates or strips the address depends only on debugging?
>
> Yes. We only need to strip the value, because we're not jumping to the lr value, only viewing it.
>
> The interface is different to a strip (as we need to pass in the modifier).
>
> How about something like pauth_authenticate_fast()? Or pauth_authenticate_unsafe()?
>
> Alternatively, this function is only called by the functions in Frame, so the frequency of use is probably low enough (compared to the sign/auth every function) that it's not going to cause any performance issues. So, could just replace with calls to pauth_authenticate. I think that might be the best option.
A simple rule here: function names go with what the release version does. So I'd go with the actual purpose, which is `pauth_strip_addr_for_debuginfo()`. That's right, isn't it? You only want this thing for stack traces, logs, etc.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6334