Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork32.1k
[3.14] gh-128605: Add branch protections for x86_64 in asm_trampoline.S (#128606)#135077
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Conversation
…poline.S (python#128606)Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S.Required for mitigation against return-oriented programming (ROP)and Call or Jump Oriented Programming (COP/JOP) attacks.Manual application is required for the assembly files.See also:https://sourceware.org/annobin/annobin.html/Test-cf-protection.html
899cca6 intopython:3.14Uh oh!
There was an error while loading.Please reload this page.
Thanks@stratakis for the PR, and@vstinner for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13. |
…poline.S (pythonGH-128606) (pythonGH-135077)Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S.Required for mitigation against return-oriented programming (ROP)and Call or Jump Oriented Programming (COP/JOP) attacks.Manual application is required for the assembly files.See also:https://sourceware.org/annobin/annobin.html/Test-cf-protection.html(cherry picked from commit899cca6)Co-authored-by: stratakis <cstratak@redhat.com>
GH-135083 is a backport of this pull request to the3.13 branch. |
Thanks@stratakis for the PR, and@vstinner for merging it 🌮🎉.. I'm working now to backport this PR to: 3.12. |
Sorry,@stratakis and@vstinner, I could not cleanly backport this to |
@stratakis: It seems like Python 3.12 branch also requires special care. Can you try to backport the change manually? |
….S (GH-128606) (GH-135077) (#135083)[3.14]gh-128605: Add branch protections for x86_64 in asm_trampoline.S (GH-128606) (GH-135077)Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S.Required for mitigation against return-oriented programming (ROP)and Call or Jump Oriented Programming (COP/JOP) attacks.Manual application is required for the assembly files.See also:https://sourceware.org/annobin/annobin.html/Test-cf-protection.html(cherry picked from commit899cca6)Co-authored-by: stratakis <cstratak@redhat.com>
…asm_trampoline.S (python#128606) (python#135077)"This reverts commit899cca6,which broke buildbots.
GH-135175 is a backport of this pull request to the3.14 branch. |
Uh oh!
There was an error while loading.Please reload this page.
Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S.
Required for mitigation against return-oriented programming (ROP) and Call or Jump Oriented Programming (COP/JOP) attacks.
Manual application is required for the assembly files.
See also:https://sourceware.org/annobin/annobin.html/Test-cf-protection.html