[PATCH] D56373: Support X86 CET (Control-flow Enforcement Technology) in LLD

Rui Ueyama via llvm-commits llvm-commits at lists.llvm.org
Mon Jan 7 13:20:00 PST 2019 

I cannot see the patch: Phabricator says that "You Shall Not Pass:
Restricted Differential Revision". Can you fix this?

On Sun, Jan 6, 2019 at 5:53 PM Xiang Zhang via Phabricator via llvm-commits
<llvm-commits at lists.llvm.org> wrote:

> xiangzhangllvm created this revision.
> xiangzhangllvm added reviewers: hjl.tools, LuoYuanke, craig.topper,
> vzakhari, annita.zhang, smaslov.
> xiangzhangllvm added a project: lld.
> Herald added subscribers: llvm-commits, MaskRay, arichardson, emaste.
> Herald added a reviewer: espindola.
>
> Control-flow Enforcement Technology (CET)
> provides the following capabilities to defend against ROP/JOP style
> control-flow subversion attacks: 
> Shadow Stack (SHSTK) – return address protection to defend against Return
> Oriented Programming, 
> Indirect branch tracking (IBT) – free branch protection to defend against
> Jump/Call Oriented Programming.
>
> The key implement of the feature in LLD:
> The flags of SHSTK and IBT will be set at the
> GNU_PROPERTY_X86_FEATURE_1_AND related structure in .note.gnu.property
> section if the CET is enabled.
> The LLD will first check if all the relocatable object files contain the
> GNU_PROPERTY_X86_FEATURE_1_AND related structure.
> Then to create the GNU_PROPERTY_X86_FEATURE_1_AND related section in
> output file or not.
> It is the OS and hardware to check these flags in the related segment, and
> run the features or not.
> Because of the IBT feature need to insert a endbr* instruction at the end
> of indirect jump. So we also deal with the Lazy binding in the LLD by
> adding a second PLT.
>
>
> Repository:
>   rLLD LLVM Linker
>
> https://reviews.llvm.org/D56373
>
> Files:
>   ELF/Arch/X86.cpp
>   ELF/Arch/X86_64.cpp
>   ELF/Config.h
>   ELF/Driver.cpp
>   ELF/Driver.h
>   ELF/InputSection.cpp
>   ELF/InputSection.h
>   ELF/Relocations.cpp
>   ELF/Symbols.cpp
>   ELF/Symbols.h
>   ELF/SyntheticSections.cpp
>   ELF/SyntheticSections.h
>   ELF/Target.h
>   ELF/Writer.cpp
>
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20190107/05ea68db/attachment.html>

More information about the llvm-commits mailing list