[clang] [llvm] [X86][KCFI] Do not emit a type prefix for nocf_check functions (PR #158133)
Sami Tolvanen via llvm-commits
llvm-commits at lists.llvm.org
Tue Sep 16 10:31:54 PDT 2025
samitolvanen wrote:
> > Looking at this a bit closer, the `nocf_check` attribute also applies to function pointers with `-fcf-protection`, and disables tracking for indirect branches.
>
> Wait, like, as variable/struct-member attribute?
For function pointer types, specifically. Performing an indirect call through a `nocf_check` attributed function pointer sets the NOTRACK prefix, which disables IBT for the branch. This is disabled in the kernel, but the compiler should still handle this gracefully.
> > Edit: RISC-V also supports `-fcf-protection`, but not `nocf_check`, so presumably we would still want to produce a warning for `nocf_check` usage when used with `-fcf-protection` alone on non-X86 architectures if we want to support the attribute on other architectures with KCFI.
>
> Hm, this is getting a bit weird. Perhaps we should instead leave `nocf_check` alone and create a KCFI-specific attribute for preamble disabling instead? Bike-shed: `__attribute__((kcfi_invisible))`? `kcfi_uncallable`? `kcfi_no_preamble`?
Adding a new attribute would certainly avoid the corner cases with `nocf_check`. @AaronBallman any thoughts about this?
https://github.com/llvm/llvm-project/pull/158133
More information about the llvm-commits
mailing list