Solar Designer
@sempervictus I think @osevan was referring solely to "it was built in-tree" in your comment, not asking about the CFI issue. @osevan This is done using `scripts/copy-builtin.sh`, which @sempervictus had...
We ended up discussing implementation of Intel CET IBT support for LKRG in #413, which was initially a duplicate of this issue, but now I'm closing this one in favor...
@sempervictus We'd appreciate your testing of the experimental changes mentioned in the comments in #413, currently in a branch in my fork of the repo. Thank you!
I now see I confused Intel CET IBT with clang CFI here. The failures have a similar root cause and similar symptoms, but are not the same. So let's reopen this...
> One of the problems I noticed right away when testing this is that Clang does not currently support the `noipa` attribute.

Thanks. Well, it just produces a warning, right?...

> ld.lld: error: vmlinux.o:(.p_lkrg_read_only) is being placed in '.p_lkrg_read_only'

This is unrelated, except that it gives you an error stopping you from completing the build with clang, right? We had...
@0xC0ncord For now, can you please try: ```diff +++ b/src/p_lkrg_main.h @@ -136,7 +136,7 @@ static inline unsigned long get_random_long(void) { //#define P_KERNEL_AGGRESSIVE_INLINING 1 //#define p_lkrg_read_only __attribute__((__section__(".data..p_lkrg_read_only"),aligned(PAGE_SIZE))) -#define __p_lkrg_read_only __attribute__((__section__(".p_lkrg_read_only"))) +#define...
@0xC0ncord Thank you. Can you share the corresponding kernel config? And compiler version? Same compiler for kernel and LKRG?
@0xC0ncord Thanks. Can you please show `objdump -d src/modules/exploit_detection/p_exploit_detection.o | head -50`?
@0xC0ncord Oh, it reordered stuff so it's not in the first 50 lines. What I'd like to see is the body of `call_p_kallsyms_lookup_name`.