[PATCH] D58102: Support X86 Control-flow Enforcement Technology (CET) in LLD
Xiang Zhang via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Mar 7 04:01:58 PST 2019
xiangzhangllvm added a comment.
Hi friends:
Today I discussed our option ideals with H.J.
In short, He suggested us to choose "Auto CET in linker by default", he gaves 3 key reason:
1. We rarely used linker to directly link out programs, instead, we mostly use compiler to directly build our programs. So in these cases, users need to set CET compilation options (-fcf-protection)
in the build command lines if they want to use CET. They know it.
2. He illustrate how he enabled CET piece by piece: for the gcc + glibc projects which depends on each other in their 'growth', he first partly CETed gcc, then use it partly CETed glibc, and again use the partly CETed gcc+glibc to build gcc and glibc, after times of this recirculating
he fully CETed the Interdependence projects. He also estimate that there will be cost yesrs to fully CETed the Linux OS and its programs, This is a long process". All of this will be very hard if we set "Enforce CET in linker".
By the way: Do we want to rebuild the Linux with LLVM one day?
3. He explained that, IBT of CET can works in part unit of program process, if one CETed program load NON-CETed dynamic *.so files, The CET can just work in the old part of the program (not contain dynamic libs).
So, he suggest us to choose this "Auto" way, let program try their best to use CET.
Any way, This is just his suggestion. He said he also respect our last selections.
So, friends, if you still have concerns about the option way, please let me know, I'am not object to change the patch. I respect your ideas too.
I just hope to commit the first CET patch in LLD earlier, and then refining it.
Thank you very much!
Repository:
rLLD LLVM Linker
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D58102/new/
https://reviews.llvm.org/D58102
More information about the llvm-commits
mailing list