================ @@ -255,33 +260,160 @@ signing schema breaks down even more simply: It is important that the signing schema be independently derived at all signing and authentication sites. Preferably, the schema should be hard-coded everywhere it is needed, but at the very least, it must not be derived by -inspecting information stored along with the pointer. +inspecting information stored along with the pointer. See the section on +`Attacks on pointer authentication`_ for more information. + -Language Features +Language features ----------------- -There is currently one main pointer authentication language feature: +There are three levels of the pointer authentication language feature: + +- The language implementation automatically signs and authenticates function + pointers (and certain data pointers) across a variety of standard situations, + including return addresses, function pointers, and C++ virtual functions. The + intent is for all pointers to code in program memory to be signed in some way + and for all branches to code in program text to authenticate those + signatures. ---------------- kbeyls wrote:
I really like the sentence saying what the intent is here. My understanding is that there is also an intent to sign *some* data pointers, such as pointers to vtables. I wonder if it would be possible to add a sentence describing the intent for roughly *which* kinds of data pointers to sign? For example maybe the data pointers that point to blocks of code pointers, where the path of "data pointer->code pointer" will be followed frequently, such as in the case of vtables?

---

After reading further in this patch, I guess that what I'm trying to say here is that it would be useful to state that data pointers in an "Access path attack" (defined later) are also intended to be signed? Or would that be an incorrect statement?

https://github.com/llvm/llvm-project/pull/152596

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
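
Review bot: In the first added bullet, "all branches to code in program text to authenticate those signatures" is broader than what can hold: a direct branch has no pointer operand to authenticate, so "all indirect branches" would state the intent precisely. The same bullet lists "function pointers" as one of the situations in which "function pointers (and certain data pointers)" are signed, which is circular, and it leaves "certain data pointers" undefined in the visible text; consider rewording the list to name the situations (calls through function pointers, returns, virtual calls) and either naming the data pointers meant or pointing to the section that does.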