[PATCH] D122673: Add kcfi_unchecked attribute

[Joao Moreira via Phabricator via cfe-commits]

joaomoreira added a comment.

> In the previous discussion, @joaomoreira  pointed out that this is very similar to `nocf_check` and proposed reusing that attribute. In an offline discussion, @pcc  was concerned that an attribute may not be the right approach here and suggested  a `__builtin_kcfi_unchecked(function(args))` built-in function to avoid changing the type system.

I'm still thinking a bit about this/needing some time to provide a proper review, but just to not hold the thoughts back since this is moving.

A consideration I can foresee with extending the type system with an attribute is that you then tie the function pointer prototype to the attribute for assignments and this will later require some casting magic if you want to invoke functions without kcfi_unchecked through a kcfi_unchecked pointer (which I assume should be doable). OTOH, it would be nice to get warnings when assigning a kcfi_unchecked functions to pointers which will later be used in checked indirect calls (yet, it would be better to have explicit warning about the inconsistency instead of implicit type mismatching ones).

Regarding nocf_check, my understanding is that the kernel IBT support assumes CET/IBT to be orthogonal to KCFI -- with that said, kernel implementation is set to never use or allow no-track prefixes, meaning that the above situation never happens for IBT (since there are no nocf_check function pointers). OTOH, I assume that there could be situations where you want the function pointer call to be relaxed/coarse-grained? If yes, this would need to be done through a different attribute other than nocf_check, since this sets the compiler to emit notrack prefixes that are invalid in kernel.

With all the above, it seems to me that using a kcfi-specific builtin could be the more flexible option.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D122673/new/

https://reviews.llvm.org/D122673