
Surely an extra NOOP that uses a fetch/execute cycle to retrieve and verify it's a valid destination target to branch to in tight loops that get executed billions of times per second will reduce IPC?
After years in development, Intel is set to debut security mechanisms in its microprocessors that it hopes will block, at the silicon level, exploitation of a class of software vulnerabilities. Known as Control Flow Enforcement Technology, or CET, the protections are designed to prevent miscreants from exploiting certain …
Not really, the main cost is a little bit of space in an instruction cache line.
The fetch was happening anyway. It's basically "jump to X", then X performs an "am I a valid jump target?" trap. With hardware support the cost of that can be zero time (but does cost transistors!). Though on CPUs without support there's a decode & NOP.
Will add more state to context switches, as this will obviously need to be explicitly enabled by processes, but context switch is already expensive.
The difference is that the CPU knows it just returned, so can immediately check whether the jumped-to instruction is one of the "ok" targets.
An application wanting to do the same has to add code to function prologues to mark as "entered function properly" and also add "did we enter this function properly?" checks at various places.
Can probably get most of it by adding checks to the prologue and epilogue to trap if the function was entered without leaving the previous one, or left without entering it, but of course this is several times more code.
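As an added illustration (not code from the thread or from Intel), here is a software stand-in for the two checks the comments above describe: an allow-list check on indirect call targets, which is the role an ENDBRANCH marker plays in hardware, and a shadow-stack compare in the prologue/epilogue, which is what has to be added by hand without CET. Function names and the return-address values are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Software stand-in for indirect-branch tracking: an indirect call is allowed
 * only if its destination is a registered entry point (the role an ENDBRANCH
 * marker plays in hardware). Example code, not Intel's implementation. */
typedef int (*handler_t)(int);

static int double_it(int x) { return 2 * x; }
static int negate(int x) { return -x; }
static int not_an_entry(int x) { return x + 1000; } /* never registered */

static const handler_t valid_targets[] = { double_it, negate };

/* Returns 1 and stores the result if the target is allowed, 0 if blocked
 * (where hardware would raise a control-protection fault instead). */
int guarded_indirect_call(handler_t target, int arg, int *out) {
    for (size_t i = 0; i < sizeof valid_targets / sizeof *valid_targets; i++)
        if (valid_targets[i] == target) { *out = target(arg); return 1; }
    return 0;
}

/* Software shadow stack: the prologue records a copy of the return token,
 * the epilogue compares it with the copy kept on the ordinary stack. */
enum { SHADOW_DEPTH = 16 };
static uintptr_t shadow[SHADOW_DEPTH];
static int shadow_top;

static void prologue(uintptr_t ret_token) { shadow[shadow_top++] = ret_token; }
static int epilogue(uintptr_t ret_token) { return shadow[--shadow_top] == ret_token; }

/* Models one frame; tampered != 0 stands for a saved return address that
 * was overwritten after the prologue ran. Returns 1 if the return is clean. */
int simulated_return_check(int tampered) {
    uintptr_t saved_ret = 0x401000;        /* constructed value, not a real address */
    prologue(saved_ret);
    if (tampered) saved_ret = 0x41414141;  /* the ordinary-stack copy is corrupted */
    return epilogue(saved_ret);
}

int main(void) {
    int out = 0;
    printf("double_it allowed: %d (result %d)\n", guarded_indirect_call(double_it, 21, &out), out);
    printf("not_an_entry allowed: %d\n", guarded_indirect_call(not_an_entry, 1, &out));
    printf("clean return ok: %d\n", simulated_return_check(0));
    printf("tampered return ok: %d\n", simulated_return_check(1));
    return 0;
}
```

The cost the thread argues about is visible here: every indirect call pays a table scan and every function pays a push and a compare, which is exactly the work the hardware version folds into the fetch/decode path.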
Most systems have a lot of older code running as well as the latest, most up-to-date stuff. An application obtained as a binary which the supplier has not updated will have a lot of branches that do not have ENDBRANCH as targets. The CET will have to be something that is turned on at a per-application level with the default being off, or many applications will break. (Given the extreme speed that some suppliers work at, there will still be non-conforming applications in 2040!!)
Icon for systems that enable CET without checking for non-compatible programs.
========================>