HomePhabricator

SafeStack documentation improvements

Description

SafeStack documentation improvements

This patch makes the following improvements to the SafeStack documentation:

Explicitly states the security guarantees of the SafeStack
Clarifies which of the security guarantees are probabilistic
Re-orders security limitations to put the most severe ones first
Explains how __attribute__((no_sanitize("safe-stack"))) works and how to use it safely
Explains that SafeStack should be combined with a forward-edge protection mechanism, such as CPI, IFCC or others
Multiple readability and stylistic improvements

Patch by Volodymyr Kuznetsov!

Differential Revision: http://reviews.llvm.org/D10598

Details

Committed
pccJun 23 2015, 3:24 PM
Differential Revision
D10598: SafeStack documentation improvements
Parents
rL240471: Devirtualize Constant::destroyConstant.
Branches
Unknown
Tags
Unknown