RFR: 8277204: Implementation of JEP 8264130: PAC-RET protection for Linux/AArch64 [v9]
Alan Hayward
duke at openjdk.java.net
Tue Jan 25 14:25:34 UTC 2022
On Tue, 25 Jan 2022 13:41:38 GMT, Andrew Haley <aph at openjdk.org> wrote:
>> Maybe. Mind you, a lot of the time I'm looking at the output from production systems.
>> From a rather philosophical point of view, I assume that if the user of a computer asks for something that isn't going to break anything or confuse anyone, we should honour their request.
>
> Was this ever resolved?
Sort of. That code has changed quite a bit - UseROPProtection now is a string field not a bool.
"none" or not set - pac disabled.
"pac-ret" - pac always enabled
"standard" - pac enabled if the cpu+os support it.
Also, the pac instructions used aren't all in the NOP space. So, it will crash on a non-pac machine. It might be possible to change it so it does only use nop space instructions, but I don't think it'll be optimal (need to double check).
-------------
PR: https://git.openjdk.java.net/jdk/pull/6334
More information about the build-dev
mailing list