[clang] [llvm] [X86] Enhance kCFI type IDs with a 3-bit arity indicator. (PR #117121)
Scott Constable via llvm-commits
llvm-commits at lists.llvm.org
Sat Nov 23 13:02:19 PST 2024
scottconstable wrote:
> > > > @phoebewang and @lvwr I also noticed that there is this code in LLVM:
> > > > https://github.com/llvm/llvm-project/blob/9ba6672b9f0e82a1f6d4100dc832c84447ea545c/llvm/lib/Transforms/Utils/ModuleUtils.cpp#L202-L214
> > > >
> > > > . As far as I can tell, this code is not triggered when I build the Linux kernel with `-fsanitize=kcfi`.
> > > > When is this code triggered? And do you think it is necessary to additionally implement the arity-enhancement to this code?
> > >
> > >
> > > I'm not familiar with KCFI. I find it's added by @samitolvanen in [e1c36bd](https://github.com/llvm/llvm-project/commit/e1c36bde0551977d4b2efae032af6dfc4b2b3936). I think you should trigger it with the attached test case.
> >
> >
> > It looks to me like this code might be triggered in some LTO configurations, and/or when linking code compiled from multiple source languages with the expectation that the KCFI type IDs will be compatible. Is my understanding correct?
>
> Looks like the latter, see [71c7313](https://github.com/llvm/llvm-project/commit/71c7313f42d2b6063fea09854cf4fc46fd0627e1)
Actually, I think this code was introduced to address a compatibility issue with KASAN, which apparently must generate KCFI-enabled code without clang. I found this explanation at https://github.com/llvm/llvm-project/commit/3b14862f0a968dc079530acbce4f2ca4aa7c1492 and https://github.com/ClangBuiltLinux/linux/issues/1742.
Regardless, it looks like `llvm::setKCFIType` is intended to always produce the same KCFI type ID as `CodeGenModule::CreateKCFITypeId` for equivalent function types. For this PR, this implies that `llvm::setKCFIType` and `CodeGenModule::CreateKCFITypeId` must always infer the same arity for the same function type.
https://github.com/llvm/llvm-project/pull/117121
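The invariant raised in the message (that the frontend path and the IR-level path must derive the same arity, and therefore the same type ID, for an equivalent function type) can be modelled and checked outside the compiler. The following is an added illustrative example, not code from LLVM, clang or this PR: it assumes a 32-bit type hash (a SHA-256 prefix stands in for whatever hash LLVM uses), assumes the arity lives in the low 3 bits and saturates at 7, and models the two inference paths as a C-style signature string and a list of IR-level parameter types respectively. The function names `arity_from_signature`, `arity_from_ir_types`, `kcfi_type_id` and `consistent` are hypothetical.

```python
"""Toy model of a KCFI type ID carrying a 3-bit arity field, with a
consistency check between two independent arity-inference paths.
Constructed example; the encoding details are assumptions, not LLVM's."""
import hashlib

ARITY_BITS = 3
ARITY_MASK = (1 << ARITY_BITS) - 1  # 0b111: arities 0..7, larger values saturate


def type_hash(signature: str) -> int:
    """32-bit hash of the canonical signature text.
    Stand-in for the compiler's real type hash (assumption)."""
    return int.from_bytes(hashlib.sha256(signature.encode()).digest()[:4], "little")


def _count_top_level_params(params: str) -> int:
    """Count comma-separated parameters, ignoring commas nested inside
    parentheses (e.g. inside a function-pointer parameter type)."""
    depth, count = 0, 1
    for ch in params:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        elif ch == "," and depth == 0:
            count += 1
    return count


def arity_from_signature(signature: str) -> int:
    """Inference path 1 (frontend-like): derive arity from a C-style
    signature such as 'int(int, char *)'; 'void' or empty means zero."""
    params = signature[signature.index("(") + 1 : signature.rindex(")")].strip()
    n = 0 if params in ("", "void") else _count_top_level_params(params)
    return min(n, ARITY_MASK)


def arity_from_ir_types(param_types: list) -> int:
    """Inference path 2 (IR-level-like): derive arity from the list of
    lowered parameter types, e.g. ['i32', 'ptr']."""
    return min(len(param_types), ARITY_MASK)


def kcfi_type_id(signature: str, arity: int) -> int:
    """Pack the arity into the low 3 bits of the 32-bit type hash
    (assumed placement; the real layout is defined by the PR)."""
    return (type_hash(signature) & ~ARITY_MASK & 0xFFFFFFFF) | (arity & ARITY_MASK)


def consistent(signature: str, param_types: list) -> bool:
    """True iff both inference paths yield the same type ID for this
    function type; a False result is exactly the mismatch the thread warns about."""
    frontend_id = kcfi_type_id(signature, arity_from_signature(signature))
    ir_id = kcfi_type_id(signature, arity_from_ir_types(param_types))
    return frontend_id == ir_id


if __name__ == "__main__":
    # Constructed sample function types: matching and deliberately mismatched.
    print(consistent("int(int, char *)", ["i32", "ptr"]))      # both paths say arity 2
    print(consistent("int(void (*)(int, int), int)", ["ptr", "i32"]))  # nested commas ignored
    print(consistent("int(int, char *)", ["i32"]))             # mismatch: 2 vs 1
```

Because the type hash is identical for both paths, any disagreement between them shows up only in the low arity bits; a disagreement there is enough to make an otherwise compatible indirect call fail the KCFI check, which is why the two routines have to agree on every function type they both handle.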