search for: controlflowintegritydesign

Ask a simple question : I svn checkout compiler-rt in llvm/project. And I compile llvm through cmake. How can I make for all those testing files? make test? - mudongliang 2015-09-02 0:58 GMT+08:00 Kostya Serebryany <kcc at google.com>: > Take a look at > > clang.llvm.org/docs/ControlFlowIntegrityDesign.html > clang.llvm.org/docs/ControlFlowIntegrity.html > > And the tests: > https://github.com/llvm-mirror/compiler-rt/tree/master/test/cfi > > On Mon, Aug 31, 2015 at 7:43 PM, 慕冬亮 via llvm-dev <llvm-dev at lists.llvm.org > > wrote: > >> I want to create an experim...

...l, As promised, here is a brain dump on how I see CFI for vcalls working under ThinLTO. Most of this has been prototyped, so the design does appear to be sound. For context on how CFI currently works under regular LTO, please read: http://llvm.org/docs/TypeMetadata.html http://clang.llvm.org/docs/ControlFlowIntegrityDesign.html http://clang.llvm.org/docs/LTOVisibility.html ==== Summary extensions ==== The combined summary index would be extended to include a mapping from type identifiers to "resolutions". The resolution would control what type of code we generate to create a CFI check for that type identi...

...ain dump on how I see CFI for vcalls working > under ThinLTO. Most of this has been prototyped, so the design does appear > to be sound. For context on how CFI currently works under regular LTO, > please read: > > http://llvm.org/docs/TypeMetadata.html > http://clang.llvm.org/docs/ControlFlowIntegrityDesign.html > http://clang.llvm.org/docs/LTOVisibility.html > > ==== Summary extensions ==== > > The combined summary index would be extended to include a mapping from > type identifiers to "resolutions". The resolution would control what type > of code we generate to create...

...g CFI checks at call sites that > use branch funnels when CFI is enabled. > > To control the layout of vtables and function pointers, we can > extend existing mechanisms for controlling layout that are used to > implement CFI (see > https://clang.llvm.org/docs/ControlFlowIntegrityDesign.html > <https://clang.llvm.org/docs/ControlFlowIntegrityDesign.html>) so > that they are also used whenever a branch funnel needs to be created. > > The compiler will only use branch funnels when both the retpoline > mitigation (-mretpoline) and whole-program d...

...low integrity by itself, we can also avoid emitting CFI checks at call sites that use branch funnels when CFI is enabled. To control the layout of vtables and function pointers, we can extend existing mechanisms for controlling layout that are used to implement CFI (see https://clang.llvm.org/docs/ControlFlowIntegrityDesign.html) so that they are also used whenever a branch funnel needs to be created. The compiler will only use branch funnels when both the retpoline mitigation (-mretpoline) and whole-program devirtualization (-fwhole-program-vtables) features are enabled (the former is on the assumption that in gener...

...s an index for vtables in a similar way to how ThinLTO importing summaries already work. However, this would add even more complexity to the bitcode format, when I feel that we should really be going the other way with a simpler bitcode format. Thanks, -- -- Peter [1] http://clang.llvm.org/docs/ControlFlowIntegrityDesign.html [2] http://llvm.org/docs/BitSets.html [3] http://lists.llvm.org/pipermail/llvm-dev/2016-April/098081.html -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160504/e6e6d5f0/attachment.html>

...an > also avoid emitting CFI checks at call sites that use branch funnels when > CFI is enabled. > > To control the layout of vtables and function pointers, we can extend > existing mechanisms for controlling layout that are used to implement CFI > (see https://clang.llvm.org/docs/ControlFlowIntegrityDesign.html) so that > they are also used whenever a branch funnel needs to be created. > > The compiler will only use branch funnels when both the retpoline > mitigation (-mretpoline) and whole-program devirtualization > (-fwhole-program-vtables) features are enabled (the former is on the...

...ontrol flow integrity checks in Clang rely on a so-called bit set lowering pass to implement its checks efficiently. The current implementation of the bit set lowering pass requires whole-program visibility. The full details of why are described in the design document at: http://clang.llvm.org/docs/ControlFlowIntegrityDesign.html We currently achieve whole-program visibility using LTO. The trouble with LTO is that it comes with a significant compile time cost -- on large programs such as Chrome, compiling with link-time optimization can be over 7x slower (over 3 hours has been measured) than compiling without. So I w...

I want to create an experiment to show the effectiveness of cfi : For example , I first need a program with vulnerability so that we can hijack its control flow; then I enforce cfi of llvm and we can't hijack its control flow. Do you have any advice for me? - mudongliang -------------- next part -------------- An HTML attachment was scrubbed... URL:

On 10/24/2016 1:07 PM, Peter Collingbourne via llvm-dev wrote: > On Mon, Oct 10, 2016 at 8:12 PM, Peter Collingbourne <peter at pcc.me.uk > <mailto:peter at pcc.me.uk>> wrote: > > The specific change I have in mind is to allow !range metadata on > GlobalObjects. This would > be similar to existing !range metadata, but it would apply to the >

Hello Vic, I don't have a lot to add myself. I think that majority of the input needs to come from the OS stakeholders. My main concern is if it requires work on every platform to take advantage or avoid regressions then perhaps it is worth adding as an option rather than changing the default. Some questions: - Does this need work in every OS for correctness of programs? For example you