[PATCH] D108479: [Clang] Add __builtin_addressof_nocfi

John McCall via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Sat Nov 13 20:47:40 PST 2021

rjmccall added a comment.

In D108479#3129571 <https://reviews.llvm.org/D108479#3129571>, @jrtc27 wrote:

> For CHERI there's the added complication that descriptors and trampolines can exist for security reasons when crossing security domains, and you absolutely should not let one compartment get pointers to the entry point of another compartment's function. You can hand it out if sealed or the permissions are cleared, as then you can't really do anything with it other than look at the integer address, but that seems a bit odd.

That would be consistent with getting an unsigned pointer under pointer authentication or an address with the THUMB bit potentially stripped: it's just a raw address that you can't safely call.  In any case, I suspect it would be fine for us to say that we just don't support this builtin when the target is using weird function pointers unless we have some way to bypass the special treatment in LLVM.

I agree that "symbol" address is probably the wrong name.  Maybe `__builtin_function_start` or something like that?  But before we go much further on this, we should get confirmation from Peter that we're targeting the right design.

  rG LLVM Github Monorepo



More information about the cfe-commits mailing list