[LLVMdev] Adding CFI checks to clang vs llvm

Peter Collingbourne peter at pcc.me.uk
Tue Feb 17 16:59:28 PST 2015


It may be a good idea to use patchpoints (or something like them) to give a
linker space to assemble a (possibly optimized based on global information)
check if we wanted to drop the dependency on LTO. I'd need to think about this
more though, and this is probably not something we'd want to do in version 1.

In general, the idea of representing the calls as an intrinsic call taking
a function pointer/args seems interesting, but it may be simplest to avoid
trying to overload one of the existing intrinsics.

Peter

On Tue, Feb 17, 2015 at 04:22:49PM -0800, Philip Reames wrote:
> Rather than using a new intrinsic, you could use either patchpoint or  
> statepoints to represent this.  If you passed the string you needed tied  
> to the call as an argument, it would end up in the stackmap section.   
> You'd be guaranteed that the string was available throughout the  
> optimizer as well.
>
> Philip
>
> On 02/17/2015 12:35 PM, Peter Collingbourne wrote:
>> Hi,
>>
>> In http://reviews.llvm.org/D7424 we've been discussing whether to insert
>> control flow integrity checks in Clang or LLVM. The main challenge is that
>> the checks need something like a string associated with each call, and
>> there's currently no stable way to ensure that the string stays with the call.
>>
>> The current version of the patch does the checks with an intrinsic, but
>> there's a concern that this may interfere with devirtualization.
>>
>> Does anyone have any opinions besides what's been discussed on the review
>> thread?
>>
>> Thanks,
>
>

-- 
Peter


