IBT/BTI instructions and D compilers
Brian Callahan
bcallah at openbsd.org
Mon Jul 10 14:52:53 UTC 2023
On Monday, 10 July 2023 at 14:46:47 UTC, Brian Callahan wrote:
> On Monday, 10 July 2023 at 14:45:48 UTC, Brian Callahan wrote:
>> On Monday, 10 July 2023 at 14:19:38 UTC, Iain Buclaw wrote:
>>> On Monday, 10 July 2023 at 13:25:37 UTC, Brian Callahan wrote:
>>>> On Monday, 10 July 2023 at 13:08:03 UTC, Ernesto Castellotti
>>>> wrote:
>>>>>
>>>>> For LDC it should be very simple to do the same, it would
>>>>> be useful to open an issue in the LDC repo
>>>>>
>>>>> The real problem is DMD, I'm afraid it needs some tweaking
>>>>> in the backend
>>>>
>>>> Good idea. I made an Issue on GitHub for LDC and I made a
>>>> Bugzilla report for DMD.
>>>
>>> I did raise a bug report back in 2020
>>>
>>> https://issues.dlang.org/show_bug.cgi?id=20933
>>>
>>> I guess I didn't word it clearly enough. :-)
>>
>> Hi Iain --
>>
>> Yes, it is. We do enable it by default on OpenBSD :)
>> More specifically, this is the -fcf-protection=branch flag --
>> no shadow stack stuff here.
>
> Actually, I take that back. We don't do the --enable-cet flag
> for libphobos (didn't know that existed). But we build all of
> GCC with -fcf-protection=branch.
And because Intel I don't think was all that good at explaining
things, and we have this flag that does one or both of two very
different things: -fcf-protection=return does shadow stacks and
-fcf-protection=full does both shadow stacks and IBT. Neither of
these are what we're talking about. Just -fcf-protection=branch
which only does IBT. Intel says you can do one without the other.
But both are controlled by the same flag. Go figure.
More information about the Digitalmars-d
mailing list