-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[NativeAOT] Enable CET support #101942
Comments
Presumably this is not just suspension support (which is partially CET compatible, modulo return hijacking), but there is some Exception Handling work as well, right? |
What are the places in EH that you have in mind? (There may be some changes needed in EH, but they should be very minor.) |
I just did a search for AreCetShadowStacksEnabled and saw a few uses in EH. Did not look in details what they do though. |
Those are related to the suspension support. The shadows stacks turn return address hijacks into |
I see. I am trying to see how much is missing in NatveAOT. I think we might want to fit this into 9.0. Especially since this is security related, it feels it fits the overall theme. |
@VSadov I'll be happy to help with this if you need some clarifications around the CET stuff. |
@janvorli - thanks. I started with support for |
CET is one of the low-level security mitigations.
It is supported on CoreCLR, but not on native AOT. We need to port the support from CoreCLR to native AOT (and test it that it works).
(Context #101891 (comment))
The text was updated successfully, but these errors were encountered: