[PATCH] D76900: Enable IBT(Indirect Branch Tracking) in JIT with CET(Control-flow Enforcement Technology)
Xiang Zhang via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Mar 30 01:35:29 PDT 2020
xiangzhangllvm added a comment.
If "1 Check CET in JIT instead of checking -fcf-protection-branch" can't let VNC passed. The crash must happen at "Take address of a internal function."
This is not a IBT problem only for JIT, but also the static llvm compiler, e.g. llc.
And it may unable to track these calling through function address, because these function address may be calculated out in runtime or written in a big table.
and it really seems some disaccord/unbeautiful to add "isJITwithCET" for the old patch.
I think we should change the condition from
if ((**isJITwithCET ||**
MF.getFunction().hasAddressTaken() ||
!MF.getFunction().hasLocalLinkage()) &&
!MF.getFunction().doesNoCfCheck()) {
auto MBB = MF.begin();
Changed |= addENDBR(*MBB, MBB->begin());
}
to
if (!MF.getFunction().doesNoCfCheck()) {
auto MBB = MF.begin();
Changed |= addENDBR(*MBB, MBB->begin());
}
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D76900/new/
https://reviews.llvm.org/D76900
More information about the llvm-commits
mailing list