[Webkit-unassigned] [Bug 245697] [Linux] Support branch target identification on aarch64

bugzilla-daemon at webkit.org
Tue Sep 27 06:24:46 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=245697

--- Comment #4 from Michael Catanzaro <mcatanzaro at gnome.org> ---
One of the upstream patches says "creation of a BTI-enabled binary requires _everything_ linked in to be BTI-enabled." If that's still true, then forcing cloop is the only option.

If that has changed, then some lightly-edited hints from Yusuke on Slack:

"""
Probably, all WebKitGTK and JIT code should be marked as Legacy code, which probably relies on linker control in the Linux toolchain, etc.

Quite likely, the linker has an option to emit an ELF data structure saying this is "Legacy" code, so do not apply BTI. https://reviews.llvm.org/D62609

GNU_PROPERTY_AARCH64_FEATURE_1_BTI and GNU_PROPERTY_AARCH64_FEATURE_1_PAC

And the loader will load these binaries with the appropriate page table entry bits on the OS, and that's it, I guess.

And we also need to check the mmap option to disable this configuration explicitly for JIT code. Probably Linux should have that kind of thing, and you should ensure that JIT code is mapped with the appropriate bits.
"""

More likely, we'd have to either disable it or really add the BTI instructions everywhere required. I don't know how hard that would be, but I assume it would not be easy.

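The ELF marker Yusuke mentions (GNU_PROPERTY_AARCH64_FEATURE_1_BTI and _PAC, carried in a .note.gnu.property note) is what the linker ANDs across all of its input objects, which is why one unmarked object or archive member is enough to drop BTI from the final library. The following is an added example, not code from this bug or from WebKit: a small checker that reports, per file, whether the marker is present, so a build tree can be scanned for the pieces that are still missing it. `readelf -n` shows the same information interactively; this version is scriptable. The function names and the constructed sample note are assumptions of the example; the numeric constants are the values defined by the AArch64 ELF ABI supplement.

```python
"""Report BTI/PAC markers in AArch64 ELF64 objects (added example, not WebKit code)."""
import struct
import sys

# Constants from the ELF gABI and the AArch64 ELF ABI supplement.
NT_GNU_PROPERTY_TYPE_0 = 5
GNU_PROPERTY_AARCH64_FEATURE_1_AND = 0xC0000000
GNU_PROPERTY_AARCH64_FEATURE_1_BTI = 1 << 0
GNU_PROPERTY_AARCH64_FEATURE_1_PAC = 1 << 1
SHT_NOTE = 7


def _align(n: int, a: int) -> int:
    return (n + a - 1) & ~(a - 1)


def parse_gnu_property_note(section: bytes, align: int = 8) -> dict:
    """Walk the notes in a raw .note.gnu.property section (ELF64 little-endian,
    8-byte aligned as on AArch64) and report the FEATURE_1_AND bits, if any."""
    features = None  # None: no AArch64 feature property present at all
    off = 0
    while off + 12 <= len(section):
        namesz, descsz, ntype = struct.unpack_from("<III", section, off)
        off += 12
        name = section[off:off + namesz]
        off += _align(namesz, align)
        desc = section[off:off + descsz]
        off += _align(descsz, align)
        if name != b"GNU\0" or ntype != NT_GNU_PROPERTY_TYPE_0:
            continue  # some other note type; ignore
        p = 0
        while p + 8 <= len(desc):  # each property: pr_type, pr_datasz, pr_data
            pr_type, pr_datasz = struct.unpack_from("<II", desc, p)
            p += 8
            pr_data = desc[p:p + pr_datasz]
            p += _align(pr_datasz, align)
            if pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND and pr_datasz == 4:
                features = struct.unpack("<I", pr_data)[0]
    return {
        "bti": features is not None and bool(features & GNU_PROPERTY_AARCH64_FEATURE_1_BTI),
        "pac": features is not None and bool(features & GNU_PROPERTY_AARCH64_FEATURE_1_PAC),
        "raw": features,
    }


def read_gnu_property_section(data: bytes) -> bytes:
    """Locate .note.gnu.property in an ELF64 little-endian image through the
    section header table; returns b"" when the section is absent (unmarked file)."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("expected a little-endian ELF64 image")
    (e_shoff,) = struct.unpack_from("<Q", data, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", data, 0x3A)

    def shdr(i):  # Elf64_Shdr layout
        return struct.unpack_from("<IIQQQQIIQQ", data, e_shoff + i * e_shentsize)

    str_off = shdr(e_shstrndx)[4]  # sh_offset of .shstrtab
    for i in range(e_shnum):
        sh_name, sh_type, _, _, sh_offset, sh_size, *_ = shdr(i)
        end = data.index(b"\0", str_off + sh_name)
        if sh_type == SHT_NOTE and data[str_off + sh_name:end] == b".note.gnu.property":
            return data[sh_offset:sh_offset + sh_size]
    return b""


def build_aarch64_property_note(features: int) -> bytes:
    """Constructed sample (assumption of this example): one NT_GNU_PROPERTY_TYPE_0
    note holding a single FEATURE_1_AND property, laid out as the linker emits it."""
    desc = struct.pack("<III", GNU_PROPERTY_AARCH64_FEATURE_1_AND, 4, features)
    desc += b"\0" * (_align(len(desc), 8) - len(desc))  # pad pr_data to 8 bytes
    name = b"GNU\0"
    return (struct.pack("<III", len(name), len(desc), NT_GNU_PROPERTY_TYPE_0)
            + name + b"\0" * (_align(len(name), 8) - len(name)) + desc)


if __name__ == "__main__":
    # Usage: python bti_check.py libfoo.so bar.o ...
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            result = parse_gnu_property_note(read_gnu_property_section(f.read()))
        print(f"{path}: BTI={result['bti']} PAC={result['pac']}")
```

Running this over every object and shared library that goes into a WebKitGTK link answers the question the comment raises: if any input prints `BTI=False`, the linker will, by default, produce an output without the marker, and the loader will not map its text with BTI enforcement.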