POWER10 Adds New Instructions For Helping Fend Off ROP Exploits
The POWER10 architecture is adding several new instructions to help prevent return-oriented programming exploits.
Hitting the GNU Assembler code this past week was support for new return-oriented programming instructions with POWER10. There are several new POWER instructions intended to help safeguard against this common security exploit means. It's also the first time we've seen these new instructions mentioned.
As it's just the assembler bits being added, it doesn't provide much context to these new ROP instructions but they include: HASHSTP, HASHCHKP, HASHST, and HASHCHK. Presumably based on the instruction names, a means of hashing the stack pointer and hashing/checking the call stack.
In any case, in this day and age it's not surprising to see an increased emphasis on CPU security features. When we learn more about all of the POWER10 features we'll be sure to pass it along. IBM continues working on their POWER10 open-source/Linux bring-up for the compiler toolchains as well as the Linux kernel.
POWER10 systems are expected to be in customer hands before the end of the calendar year while "libre" POWER10 systems are expected to not be out until at least next year for reasons yet to be publicly shared.