- User Since
- Jul 29 2020, 8:27 AM (175 w, 2 d)
Dec 22 2022
Given https://reviews.llvm.org/D140363, this patch is being abandoned.
FWIIW, agreed on removing this until we figure out how to make it work properly. Thanks for the patch @MaskRay.
Dec 15 2022
Dec 14 2022
Weirdly enough, I double-tested the behavior for -flto=thin + -mibt-seal; the kernel did boot fine on my setup, but when dumped/grep'ed for ENDBRs, it had ~500 less ENDBRs throughout the binary
Did you confirm the issue with the reproducer in the CBL bug? It would be interesting to find out why you couldn't reproduce this in the kernel.
Sep 30 2022
Sep 29 2022
Aug 13 2022
Aug 12 2022
Jul 27 2022
I really like this revision. It removes the redundancy of having KCFI passes both in CodeGen and in the backend; it detangles CALL instructions from KCFI by creating a new MIR instruction; it fixes alignment while still supporting the -fpatchable-function-entry option; it doesn't add hashes/gadgets through the code as it was before needed by the use of cmp instructions. With all this said, the patch LGTM.
Jun 2 2022
May 5 2022
May 2 2022
Apr 28 2022
I looked at your code quickly and I wonder if using operand bundles would be better than adding an attribute. Thoughts?
I agree that a separate pass wasn't ideal, but InstCombine seems to be full of code to "fix what other passes messed up". :) I'm not sure if messed up is the correct term though, these are checks that were necessary before optimizations, but are no longer needed.
This seems like a reasonable approach, and was also the approach taken for the PAuth ABI. The PAuth ABI attaches an operand bundle to the call instruction and arranges for the code for the check to be generated together with the call. This helps with avoiding spills of the verified function pointer between the check and the call. The code isn't upstream but is available on this branch: https://github.com/pcc/llvm-project/tree/apple-pac4
Grep for something like undle.*ptrauth and you should find the relevant code.
I think there are no more untied knots... @pengfei, do you think this is ready to merge? If yes, can you please merge it? tks!
Apr 21 2022
Oh, one other tiny detail I forgot to mention. I noticed that the tag is pushing the functions 6 bytes forward, regardless of any prepending padding nops that were added to ensure 16b alignment. It would be cool to care about the proper function alignment and also to not emit dummy padding nops when the padding area can be filled with the tag itself.
I played a little bit with kcfi and here are some thoughts:
Apr 19 2022
Apr 11 2022
In the previous discussion, @joaomoreira pointed out that this is very similar to nocf_check and proposed reusing that attribute. In an offline discussion, @pcc was concerned that an attribute may not be the right approach here and suggested a __builtin_kcfi_unchecked(function(args)) built-in function to avoid changing the type system.
Apr 5 2022
Apr 4 2022
Mar 23 2022
I did track down the problem to clang/lib/Frontend/CompilerInvocation.cpp -- RoundTrip method. There, we can se the following statement:
Mar 3 2022
Feb 25 2022
No problem! And thanks! The test looks better than the one I had half-way implemented. I'm also updating the test which got broken by this fix... let me know if you see a problem with it!
Hm. I got tests almost ready (fixed the broken one and am working on finishing a new one). I'll update the diff in a few minutes. I can also update the description, let me know if you have suggestions.
Feb 8 2022
Feb 1 2022
Jan 27 2022
Jan 26 2022
Hi Gabriel, thanks for the updated review. Here are the cmake flags as you asked:
Jan 25 2022
Hm. First, thanks a lot for the detailed review. I double check on my end and I still don't get the flag as expected. Here are some of my outputs:
Jan 24 2022
Jan 20 2022
Jan 18 2022
Hi, is anything still preventing this from being merged?
Dec 21 2021
Modularized needsPrologueENDBR function and removed missed comment.
Dec 20 2021
Dec 7 2021
FWIIW, looks correct to me too. Tks @DavidSpickett
Dec 6 2021
It seems this was not merged yet. Is there anything else needed?
Oct 4 2021
Oct 9 2020
I noticed that this commit breaks MUSL 1.2.0. Here is an isolated test-case that illustrates the issue:
Sep 18 2020
The test was updated in the last revision, diff was also updated for context. Is there anything else needed for this?
Sep 10 2020
Sep 8 2020
Jul 30 2020
- Applied suggestions made by @RKSimon,
- Fixed "opcode" variable name capitalization.