[RFC/RFT 0/3] Add compiler support for Control Flow Integrity
Hongtao Liu
crazylht at gmail.com
Wed Feb 8 17:48:10 PST 2023
On Mon, Dec 19, 2022 at 3:59 PM Dan Li via Gcc-patches
<gcc-patches at gcc.gnu.org> wrote:
>
> This series of patches is mainly used to support the control flow
> integrity protection of the linux kernel [1], which is similar to
> -fsanitize=kcfi in clang 16.0 [2,3].
>
> I hope that this feature will also support user-mode CFI in the
> future (at least for developers who can recompile the runtime),
> so I use -fsanitize=cfi as a compilation option here.
>
> Any suggestion please let me know :).
Do you have this series as a branch somewhere that we could also try for x86?
>
> Thanks, Dan.
>
> [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/
> [2] https://clang.llvm.org/docs/ControlFlowIntegrity.html
> [3] https://reviews.llvm.org/D119296
>
> Dan Li (3):
> [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to
> 64 bits to support more features
> [PR102768] Support CFI: Add new pass for Control Flow Integrity
> [PR102768] aarch64: Add support for Control Flow Integrity
>
> Signed-off-by: Dan Li <ashimida.1990 at gmail.com>
>
> ---
> gcc/Makefile.in | 1 +
> gcc/asan.h | 4 +-
> gcc/c-family/c-attribs.cc | 10 +-
> gcc/c-family/c-common.h | 2 +-
> gcc/c/c-parser.cc | 4 +-
> gcc/cgraphunit.cc | 34 +++
> gcc/common.opt | 4 +-
> gcc/config/aarch64/aarch64.cc | 106 ++++++++
> gcc/cp/typeck.cc | 2 +-
> gcc/doc/invoke.texi | 35 +++
> gcc/doc/passes.texi | 10 +
> gcc/doc/tm.texi | 27 +++
> gcc/doc/tm.texi.in | 8 +
> gcc/dwarf2asm.cc | 2 +-
> gcc/flag-types.h | 67 ++---
> gcc/opt-suggestions.cc | 2 +-
> gcc/opts.cc | 26 +-
> gcc/opts.h | 8 +-
> gcc/output.h | 3 +
> gcc/passes.def | 1 +
> gcc/target.def | 39 +++
> .../aarch64/control_flow_integrity_1.c | 14 ++
> .../aarch64/control_flow_integrity_2.c | 25 ++
> .../aarch64/control_flow_integrity_3.c | 23 ++
> gcc/toplev.cc | 4 +
> gcc/tree-cfg.cc | 2 +-
> gcc/tree-cfi.cc | 229 ++++++++++++++++++
> gcc/tree-pass.h | 1 +
> gcc/tree.cc | 144 +++++++++++
> gcc/tree.h | 1 +
> gcc/varasm.cc | 29 +++
> 31 files changed, 803 insertions(+), 64 deletions(-)
> create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_1.c
> create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_2.c
> create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_3.c
> create mode 100644 gcc/tree-cfi.cc
>
> --
> 2.17.1
>
--
BR,
Hongtao
More information about the linux-arm-kernel
mailing list