[llvm-bugs] [Bug 46293] New: __cfi_check not aligned to 4k on relocatable files with no executable code

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Jun 11 15:29:06 PDT 2020


https://bugs.llvm.org/show_bug.cgi?id=46293

            Bug ID: 46293
           Summary: __cfi_check not aligned to 4k on relocatable files
                    with no executable code
           Product: new-bugs
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
          Assignee: peter at pcc.me.uk
          Reporter: samitolvanen at google.com
                CC: eugeni.stepanov at gmail.com, htmldeveloper at gmail.com,
                    llvm-bugs at lists.llvm.org, ndesaulniers at google.com

When building a Linux kernel module with no executable code using
-fsanitize=cfi + -fsanitize-cfi-cross-dso, I noticed the compiler-generated
__cfi_check function was not aligned to 4096 bytes as expected:

$ echo "int a;" > test.c
$ clang -flto=thin -fvisibility=default \
    -fsanitize=cfi -fsanitize-cfi-cross-dso -c test.c
$ ld.lld -r -o test.ko test.o
$ llvm-readelf -S --wide test.ko
...
Section Headers:
  [Nr] Name              Type            Address          Off    Size   ES Flg Lk Inf Al
  [ 2] .text.__cfi_check_fail PROGBITS   0000000000000000 000040 000026 00  AX  0   0 16
...


Note Al = 16 in the section header. Adding a function to the file results in
__cfi_check being aligned to 4096 again:

$ echo "int a; void b() {}" > test.c
$ clang -flto=thin -fvisibility=default \
    -fsanitize=cfi -fsanitize-cfi-cross-dso -c test.c
$ ld.lld -r -o test.ko test.o
$ llvm-readelf -S --wide test.ko
...
Section Headers:
  [Nr] Name              Type            Address          Off    Size   ES Flg Lk Inf Al
  [ 2] .text.__cfi_check PROGBITS        0000000000000000 001000 000032 00  AX  0   0 4096
...

I couldn't find documentation that says __cfi_check is guaranteed to be aligned
to 4k, but it's implied in the CFI design document and compiler-rt's CFI shadow
implementation also assumes it:

https://clang.llvm.org/docs/ControlFlowIntegrityDesign.html#cfi-shadow

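The alignment check the two listings above imply, as an added example that is not part of the report or of LLVM: it parses `llvm-readelf -S --wide` output and reports whether the section holding `__cfi_check` is 4096-byte aligned, so a kernel build can catch a misaligned module before it is loaded. The sample rows are transcribed from the report; the fallback to any `.text.__cfi_check*` section (covering the no-code case, where only `.text.__cfi_check_fail` is listed) is an assumption.

```python
import re
import sys

# Alignment the CFI shadow scheme assumes for __cfi_check (see the design doc).
CFI_CHECK_ALIGN = 4096

# One row of `llvm-readelf -S --wide`: capture the section name and the trailing
# "Al" column. The "[Nr] Name ..." header row does not match (index not numeric).
SECTION_ROW = re.compile(r"^\s*\[\s*\d+\]\s+(?P<name>\S+)\s.*?\s(?P<align>\d+)\s*$")

def parse_section_alignments(readelf_output):
    """Map each section name in the listing to its Al value."""
    alignments = {}
    for line in readelf_output.splitlines():
        m = SECTION_ROW.match(line)
        if m:
            alignments[m.group("name")] = int(m.group("align"))
    return alignments

def cfi_check_section(readelf_output):
    """Return (name, align) of the section holding __cfi_check, or None."""
    alignments = parse_section_alignments(readelf_output)
    if ".text.__cfi_check" in alignments:
        return ".text.__cfi_check", alignments[".text.__cfi_check"]
    # Fallback (assumption): in the report's no-code case only
    # .text.__cfi_check_fail is listed, so accept any .text.__cfi_check* section.
    for name, align in alignments.items():
        if name.startswith(".text.__cfi_check"):
            return name, align
    return None

def cfi_check_is_aligned(readelf_output, required=CFI_CHECK_ALIGN):
    """True only if the __cfi_check section exists and meets the alignment."""
    found = cfi_check_section(readelf_output)
    return found is not None and found[1] >= required and found[1] % required == 0

# Section rows transcribed from the two listings in the report (constructed input).
NO_CODE_LISTING = "  [ 2] .text.__cfi_check_fail PROGBITS   0000000000000000 000040 000026 00  AX  0   0 16\n"
WITH_CODE_LISTING = "  [ 2] .text.__cfi_check PROGBITS        0000000000000000 001000 000032 00  AX  0   0 4096\n"

if __name__ == "__main__":
    # Usage: llvm-readelf -S --wide test.ko | python3 check_cfi_align.py
    data = sys.stdin.read() if not sys.stdin.isatty() else NO_CODE_LISTING
    ok = cfi_check_is_aligned(data)
    print(cfi_check_section(data), "OK" if ok else "MISALIGNED or missing")
    sys.exit(0 if ok else 1)
```

Run on the first listing it exits non-zero (`.text.__cfi_check_fail` at 16); on the second it exits zero.
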