-
-
Notifications
You must be signed in to change notification settings - Fork 32.3k
[3.14] gh-128605: Add branch protections for x86_64 in asm_trampoline.S (#128606) #135077
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Follow Lee on X/Twitter - Father, Husband, Serial builder creating AI, crypto, games & web tools. We are friends :) AI Will Come To Life!
Check out: eBank.nz (Art Generator) |
Netwrck.com (AI Tools) |
Text-Generator.io (AI API) |
BitBank.nz (Crypto AI) |
ReadingTime (Kids Reading) |
RewordGame |
BigMultiplayerChess |
WebFiddle |
How.nz |
Helix AI Assistant
Conversation
…poline.S (python#128606) Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S. Required for mitigation against return-oriented programming (ROP) and Call or Jump Oriented Programming (COP/JOP) attacks. Manual application is required for the assembly files. See also: https://sourceware.org/annobin/annobin.html/Test-cf-protection.html
Thanks @vstinner for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13. |
…poline.S (pythonGH-135077) Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S. Required for mitigation against return-oriented programming (ROP) and Call or Jump Oriented Programming (COP/JOP) attacks. Manual application is required for the assembly files. See also: https://sourceware.org/annobin/annobin.html/Test-cf-protection.html (cherry picked from commit 899cca6) Co-authored-by: stratakis <cstratak@redhat.com>
Thanks @vstinner for merging it 🌮🎉.. I'm working now to backport this PR to: 3.12. |
Sorry, @vstinner, I could not cleanly backport this to
|
@stratakis: It seems like Python 3.12 branch also requires special care. Can you try to backport the change manually? |
….S (GH-135077) (#135083) [3.14] GH-128606) (GH-135077) Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S. Required for mitigation against return-oriented programming (ROP) and Call or Jump Oriented Programming (COP/JOP) attacks. Manual application is required for the assembly files. See also: https://sourceware.org/annobin/annobin.html/Test-cf-protection.html (cherry picked from commit 899cca6) Co-authored-by: stratakis <cstratak@redhat.com>
…asm_trampoline.S (python#135077)" This reverts commit 899cca6, which broke buildbots.
…asm_tr…ampoline.S (pythonGH-135077)" (pythonGH-135175) This reverts commit 899cca6, which broke buildbots. (cherry picked from commit b477e21) Co-authored-by: Petr Viktorin <encukou@gmail.com>
Apply Intel Control-flow Technology for x86-64 on asm_trampoline.S.
Required for mitigation against return-oriented programming (ROP) and Call or Jump Oriented Programming (COP/JOP) attacks.
Manual application is required for the assembly files.
See also: https://sourceware.org/annobin/annobin.html/Test-cf-protection.html