[PATCH] D58102: Support X86 Control-flow Enforcement Technology (CET) in LLD
Florian Weimer via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Tue Feb 26 22:32:38 PST 2019
fweimer added a comment.
In D58102#1410870 <https://reviews.llvm.org/D58102#1410870>, @ruiu wrote:
> I don't think you added a new command line option. My suggestion was this:
>
> 1. Add a new command line option, say, `--intel-cet` (that's perhaps not the final name of the option, I chose it tentatively to move things forward.)
> 2. If `--intel-cet` is given, verify that each input file contains a .note section with an appropriate bit, and discard .note section after reading it (so we don't merge them or copy them to the output file). If there's a file that doesn't contain a proper .note, report an error and stop.
> 3. When creating an input file, create a .note section with appropriate contents when `--intel-cet` was given.
>
> Specifically, I don't think you should add a new member `X86Feature1AND` to `Config` because with the above scheme you are no longer merging .note section so you don't need to collect bits. `mergeAggregateMetadata` should also be deleted from the patch.
>
> What do you think?
This will not work because it makes it impossible to roll out CET support in a distribution incrementally. Each time a library is CET-enabled (because all its assembler files are properly annotated), all reverse dependencies would have to be patched and their build systems changed to pass a new flag to the linker.
How does lld handle the non-executable stack flag? From a developer point of view, the CET processing is supposed to be very similar.
Repository:
rLLD LLVM Linker
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D58102/new/
https://reviews.llvm.org/D58102
More information about the llvm-commits
mailing list