RFR: 8277204: Implementation of JEP 8264130: PAC-RET protection for Linux/AArch64 [v14]
Andrew Haley
aph at openjdk.java.net
Tue Feb 1 18:38:21 UTC 2022
On Tue, 1 Feb 2022 12:42:26 GMT, David Holmes <dholmes at openjdk.org> wrote:
>> As per this conversation: https://github.com/openjdk/jdk/pull/6334#discussion_r791722292
>>
>> The idea was, the user is explicitly asking for asking for pac-ret so we should honour that. Whereas standard would only enable what is supported for that system.
>
> But we can't honour that because it is not supported. Further, the suggestion in the referenced discussion seemed to be based on the assumption that doing so would be harmless because it is NOP based, but you have indicated that may not be the case and so it may actually lead to a crash!
Given that the implementation has now changed so much that it's no longer NOP based, I'll go with @dholmes-ora .
One other thing, though: it might be better to say here "but this VM was built without ROP-protection support." That's more informative, IMO.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6334
More information about the build-dev
mailing list