From: "Theo de Raadt" <deraadt@openbsd.org>
Subject: Re: ruby arm64 BTI
To: Mark Kettenis <mark.kettenis@xs4all.nl>
Cc: sthen@openbsd.org, jeremy@openbsd.org, ports@openbsd.org
Date: Sat, 22 Jun 2024 06:16:03 -0600

Mark Kettenis <mark.kettenis@xs4all.nl> wrote:

> Theo pointed out the NOBTCFI reversal here.  Now the reason that we
> still see SIGILL despite fixes to the assembly code is because the
> -mbranch-protection=pac-ret option added by the configure script
> actually downgrades our default of enabling both BTI and PAC to just
> enabling PAC.  So the necessary BTI instructrions were missing from
> the C code.

How did this issue arise?  Is PAC without BTI the case on MacOS?

> With the diff below things seem to work fine on Apple M2.  There is
> one failure in the testsuite:
>   1) Failure:
> TestIO_Console#test_failed_path [/home/ports/pobj/ruby-3.3.3/ruby-3.3.3/test/io/console/test_io_console.rb:46]:
> [Errno::ENODEV, Errno::ENOTTY, Errno::EBADF, Errno::ENXIO] exception expected, not #<Errno::EOPNOTSUPP: Operation not supported - /dev/null>.
> 
> but I'm pretty sure that is unrelated to BTI support.

I suspect that's the recent delution over "isatty is poorly standardized,
and we believe it should return linux errno".