[all-commits] [llvm/llvm-project] fc4494: [StackProtector] don't check stack protector befor...

Nick Desaulniers via All-commits all-commits at lists.llvm.org
Thu Apr 13 09:37:39 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: fc4494dffa5422b2be5442c235554e76bed79c8a
      https://github.com/llvm/llvm-project/commit/fc4494dffa5422b2be5442c235554e76bed79c8a
  Author: Nick Desaulniers <ndesaulniers at google.com>
  Date:   2023-04-13 (Thu, 13 Apr 2023)

  Changed paths:
    M llvm/lib/CodeGen/StackProtector.cpp
    M llvm/test/CodeGen/X86/stack-protector-2.ll
    M llvm/test/CodeGen/X86/stack-protector-recursively.ll

  Log Message:
  -----------
  [StackProtector] don't check stack protector before calling nounwind functions

https://reviews.llvm.org/rGd656ae28095726830f9beb8dbd4d69f5144ef821
introduced additional checks before calling noreturn functions in
response to this security paper related to Catch Handler Oriented
Programming (CHOP):
https://download.vusec.net/papers/chop_ndss23.pdf
See also:
https://bugs.chromium.org/p/llvm/issues/detail?id=30

This causes stack canaries to be inserted in C code which was
unexpected; we noticed certain Linux kernel trees stopped booting after
this (in functions trying to initialize the stack canary itself).
https://github.com/ClangBuiltLinux/linux/issues/1815

There is no point checking the stack canary like this when exceptions
are disabled (-fno-exceptions or function is marked noexcept) or for C
code.  The GCC patch for this issue does something similar:
https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=a25982ada523689c8745d7fb4b1b93c8f5dab2e7

Android measured a 2% regression in RSS as a result of d656ae280957 and
undid it globally:
https://android-review.googlesource.com/c/platform/build/soong/+/2524336

Reviewed By: xiangzhangllvm

Differential Revision: https://reviews.llvm.org/D147975
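
An added illustration, not code from the commit or from LLVM, of the distinction the log message relies on: a noreturn callee that can unwind leaves the caller without running its epilogue, where the canary is normally compared, while a noexcept one (emitted by clang as nounwind) cannot reach a handler at all. All function names here are hypothetical and the inputs are constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <stdexcept>

// noreturn, but may unwind: control leaves the caller through the unwinder.
[[noreturn]] void fail_unwinding(const char *why) { throw std::runtime_error(why); }

// noreturn and noexcept: no catch handler can be reached through this call.
[[noreturn]] void fail_nounwind(const char *) noexcept { std::abort(); }

// The property that separates the two callees is visible at compile time.
static_assert(!noexcept(fail_unwinding("")), "callee may unwind");
static_assert(noexcept(fail_nounwind("")), "callee cannot unwind");

// A frame with a char array, the kind -fstack-protector instruments.
// *epilogue_ran is set only on the path that returns normally.
std::size_t copy_field(const char *src, std::size_t len, bool *epilogue_ran) {
    char buf[32];
    if (len >= sizeof buf)
        fail_unwinding("field too long");   // exits copy_field via unwinding
    std::memcpy(buf, src, len);
    buf[len] = '\0';
    *epilogue_ran = true;
    return std::strlen(buf);
}

struct Outcome { bool handler_ran; bool epilogue_ran; std::size_t copied; };

// Calls copy_field and records which exit path was taken.
Outcome run(const char *src, std::size_t len) {
    Outcome o{false, false, 0};
    try {
        o.copied = copy_field(src, len, &o.epilogue_ran);
    } catch (const std::runtime_error &) {
        o.handler_ran = true;               // reached without copy_field's epilogue
    }
    return o;
}

int main() {
    Outcome ok = run("abc", 3);             // constructed input, fits the buffer
    Outcome bad = run("0123456789012345678901234567890123456789", 40);
    std::printf("ok:  handler=%d epilogue=%d\n", ok.handler_ran, ok.epilogue_ran);
    std::printf("bad: handler=%d epilogue=%d\n", bad.handler_ran, bad.epilogue_ran);
    return 0;
}
```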



