[PATCH] Add a flag to clang to support forward-edge control-flow integrity
Tom Roeder
tmroeder at google.com
Mon Jul 7 16:50:22 PDT 2014
On Sat, Jul 5, 2014 at 7:39 PM, Nick Lewycky <nicholas at mxc.ca> wrote:
> +cc Kostya.
>
> Kostya, I'm wondering whether I could interest you or anyone on your team in
> looking at http://reviews.llvm.org/D4167 . It's an IR transforming runtime
> instrumentation with a lot in common with the asan/tsan/msan passes, except
> that it has a different goal (security guarantees instead of bug finding)
> and that it runs as part of llc due to its integration with the jump tables.
> I think the sanitizers are the closest thing to this in llvm and it would be
> nice to get a review from the sanitizer developers.
>
>
> Tom Roeder wrote:
>>
>> This patch adds a clang flag -ffcfi that enables forward-edge
>> control-flow integrity. It depends on the (not yet reviewed) FCFI
>> patch at http://reviews.llvm.org/D4167.
>>
>> Specifically, it sets FCFI in llvm::TargetOptions when called LLVM
>> directly, and it passes the LLVM flag -fcfi through LTO to LLVM when
>> using gold.
>
>
> There is not yet a -fcfi flag on the gold plugin. Is that out for review
> already? I looked but I may have missed it.
That's part of D4167 as of DIff 10978 on June 30th. It's in
include/llvm/CodeGen/CommandFlags.h
Thanks,
Tom
More information about the llvm-commits
mailing list