[llvm-dev] Collect all possible return address and write in a new section

Dean Michael Berris via llvm-dev llvm-dev at lists.llvm.org
Mon Jul 16 18:47:20 PDT 2018


Hi -- can you describe a bit more what you mean by coarse-grained CFI?

We do some of what you're describing in the XRay implementation, where
we have a section for the instrumentation map and at runtime we're
able to tell which functions are instrumented.

The way we've had to do this is with attributes at LLVM IR for
functions, have a pass that will lower certain instructions (returns
and tail exits) into pseudo-instructions, and further lowering to
target/platform specific details (sections in ELF/MachO etc.).

On Tue, Jul 17, 2018 at 5:53 AM 王大天 via llvm-dev
<llvm-dev at lists.llvm.org> wrote:
>
> Hi
>
> I try to implement a coarse-grained CFI in LLVM
>
> (CFI = Control Flow Integrity)
>
> I want to collect all address after call instructions
>
> address after a call equals to a valid return site in coarse-grained CFI
>
> I want to add a new section
>
> and write all the possible return address in the new section
>
> (and then, add the integrity check)
>
> I have some questions:
>
> (1)
> Which part of LLVM code should I implement my CFI ?
> IR level or SelectionDAG/CodeGen?
>
> (2)
> LLVM MC can let me add a new section, right?
>
> (3)
> How can I get the real address of instruction in compile time?
> Or should I modify linker/loader?
>
> Thank you



-- 
Dean

