[LLVMdev] [RFC] Simple control-flow integrity

Tom Roeder tmroeder at google.com
Mon Feb 10 17:13:10 PST 2014


On Mon, Feb 10, 2014 at 4:22 PM, JF Bastien <jfb at google.com> wrote:
> Hi Tom,
>
> A few questions:
>  - Have you tried running your CFI on LLVM itself? Did you need to add
> any annotations?
Actually, I haven't. That will depend on me being able to compile LLVM
under LTO. I'll give it a try.

>  - What is the performance and size hit on different applications?
The overhead varies a bit, but perf's generally been in the small # of
percent over a version compiled with LLVM LTO. For example, a version
of Chromium M31 had about a 4% perf overhead running the dromaeo.com
benchmark. The size hit mostly depends on the number of functions and
call sites; e.g., in x86-64, each function entry in the table takes up
8 bytes, and each rewritten indirect call instruction takes up 35
extra bytes for the pointer rewriting and the branch and call in the
case of a violation.


