[PATCH] D119296: KCFI sanitizer
Sami Tolvanen via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Apr 7 17:28:56 PDT 2022
samitolvanen added a comment.
In D119296#3437604 <https://reviews.llvm.org/D119296#3437604>, @pcc wrote:
>> Note that if additional data has been injected between the KCFI
>> type identifier and the start of the function, e.g. by using
>> -fpatchable-function-entry, the offset in bytes must be specified
>> using -fsanitize-kcfi-offset=<value> to avoid errors. The offset
>> must be the same for all indirectly called functions in every
>> translation unit.
>
> On x86 the specific constant 6 is necessary to ensure that the constant embedded in the cmpl operand can't be used as a gadget. So any value other than 6 will potentially impact the security of KCFI.
>
> I would prefer not to design an interaction between -fpatchable-function-entry and KCFI until the specific use case is known.
Sure, that's a valid point. In the Linux kernel, only PA-RISC currently injects nops before function entry, so this isn't an issue for any of the architectures we currently plan to support. I'll drop the flag from the next version and we can revisit this when we have an actual use case.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D119296/new/
https://reviews.llvm.org/D119296
More information about the llvm-commits
mailing list