[clang] [llvm] [X86] Extend kCFI with a 3-bit arity indicator (PR #121070)

Sebastian Österlund via llvm-commits llvm-commits at lists.llvm.org
Wed Jan 22 00:19:24 PST 2025


sirmc wrote:

I had a quick look (sorry for not getting to this earlier, was traveling around Vietnam for a few weeks). Looks good to me. Especially the trick of encoding the arity into the MOV32ri register seems very neat from a compatibility standpoint.

So if I understand this correctly, the only compatibility conflict this introduces is with the kernel's handling of rewriting the kCFI function prologue, which can be checked with `__has_feature`. Enabling this arity hardening in Rust, if desired, seems straightforward to me.

My only concern for the current PR was that the change might be incompatible with the handling on the kernel side (i.e., that the kernel's rewrite code assumed EAX rather than any other value in the reg field), which could fail older kernel builds with a newer toolchain. But after a quick look it seems like the decoding doesn't create a conflict (see https://github.com/torvalds/linux/blob/c4b9570cfb63501638db720f3bee9f6dfd044b82/arch/x86/kernel/alternative.c#L1112). And AFAIK there are no other users of kCFI besides the Linux kernel (but please correct me if I'm wrong). I do see some initial work on supporting kCFI in FreeBSD (https://reviews.freebsd.org/D46193), but this also seems compatible to me.

So in short, all seems ok to me.

https://github.com/llvm/llvm-project/pull/121070
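As an added example (not code from the PR, the kernel, or the commenter), a minimal decoder for the kCFI type preamble that illustrates the compatibility point above. It assumes the PR stores the 3-bit arity as the register number in the MOV32ri opcode byte (0xB8 + reg) with the type hash as the 32-bit immediate; the second, EAX-only decoder shows what an older consumer that only recognises `mov $hash, %eax` would do with such a preamble.

```c
#include <stddef.h>
#include <stdint.h>

/* Decoded kCFI preamble: 32-bit type hash plus the 3-bit arity carried in
 * the register field of the MOV32ri opcode (assumed encoding: 0xB8 + reg). */
struct kcfi_preamble {
    uint32_t type_hash;
    unsigned arity;          /* 0..7, the low 3 bits of the opcode byte */
};

/* Little-endian imm32 following the opcode byte. */
static uint32_t kcfi_imm32(const uint8_t *p)
{
    return (uint32_t)p[1] | ((uint32_t)p[2] << 8) |
           ((uint32_t)p[3] << 16) | ((uint32_t)p[4] << 24);
}

/* Arity-aware decoder: accepts any of the eight MOV32ri opcodes B8..BF.
 * Only legacy 32-bit registers are handled (no REX prefix), an assumption
 * of this example. Returns 1 on success, 0 if the bytes are not MOV32ri. */
static int kcfi_decode_preamble(const uint8_t *p, size_t len,
                                struct kcfi_preamble *out)
{
    if (len < 5 || (p[0] & 0xF8) != 0xB8)
        return 0;
    out->arity = p[0] & 0x07;
    out->type_hash = kcfi_imm32(p);
    return 1;
}

/* Pre-arity style decoder that only recognises 'mov $imm32, %eax' (0xB8).
 * A preamble using another register is rejected rather than misdecoded. */
static int kcfi_decode_eax_only(const uint8_t *p, size_t len, uint32_t *hash)
{
    if (len < 5 || p[0] != 0xB8)
        return 0;
    *hash = kcfi_imm32(p);
    return 1;
}

/* Constructed sample preambles (not real kernel bytes): same hash, one with
 * arity encoded as %eax (0), one as %ecx (1). */
static const uint8_t kSampleEax[5] = { 0xB8, 0x78, 0x56, 0x34, 0x12 };
static const uint8_t kSampleEcx[5] = { 0xB9, 0x78, 0x56, 0x34, 0x12 };

/* Convenience wrappers: arity of a sample, or 0xFF if undecodable. */
static unsigned kcfi_sample_arity(const uint8_t *p)
{
    struct kcfi_preamble pre;
    return kcfi_decode_preamble(p, 5, &pre) ? pre.arity : 0xFFu;
}
```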
