similar to: RFC: Using link-time optimization to eliminate retpolines

2018 Jan 26
0
RFC: Using link-time optimization to eliminate retpolines
Wouldn't a branch funnel open the door to a type 1 attack? E.g. if the code looks like this, then a branch funnel basically turns into a standard type 1 pattern AFAICT: struct Base { virtual int f(long) = 0; }; struct A : Base { int f(long x) override { return 0; }; }; struct B : Base { int f(long x) override { // As in listing 1 in
2018 Jan 26
1
RFC: Using link-time optimization to eliminate retpolines
Hi, Sean Silva via llvm-dev wrote: > Wouldn't a branch funnel open the door to a type 1 attack? Only if the code looks exactly as you wrote it. If I understand this correctly the problem with indirect branches is that the "gadget", the code leaking the data, could be *anywhere* in the binary, giving the attacker much more freedom. So restricting these calls to one of the
2016 May 04
4
RFC [ThinLTO]: An embedded summary encoding to support CFI and vtable opt
Hi all, I wanted to make this proposal to extend ThinLTO to allow a bitcode module to embed another bitcode module containing summary information. The purpose of doing so is to support CFI and whole-program devirtualization optimizations under ThinLTO. Overview The CFI and whole-program devirtualization optimizations work by transforming vtables according to the class hierarchy. For example,
2016 Jan 28
8
Proposal: virtual constant propagation
Hi all, I'd like to make the following proposal to implement an optimization called virtual constant propagation. ==Introduction== After enabling control flow integrity protection in Chromium, we have observed an unacceptable performance regression in certain critical layout microbenchmarks. Profiling [0] revealed that the cause of the regression was a large number of virtual calls, each
2016 Jan 28
2
Proposal: virtual constant propagation
Hi, I just thought about another use case: VTable compression. If you know that an entry in the Vtable is never used, just remove it! I’d hope we could even eliminate some unused virtual functions from the final binary. — Mehdi > On Jan 27, 2016, at 10:29 PM, Mehdi Amini via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > Hi Peter, > > Pete (Cooper, CC'ed) had a
2016 Jan 28
2
Proposal: virtual constant propagation
Hi Peter, Thanks for your answer! > On Jan 28, 2016, at 10:17 AM, Peter Collingbourne <peter at pcc.me.uk> wrote: > > Hans wrote: >> (and start-up time if we can drop the vtables and >> void the dynamic relocations). > > On Thu, Jan 28, 2016 at 09:15:05AM -0800, Mehdi Amini wrote: >> Hi, >> >> I just thought about another use case: VTable
2016 Jun 01
5
RFC: a renaming/redesign for LLVM's bitset metadata
Hi all, The bitset metadata currently used in LLVM has a few problems: 1. It has the wrong name. The name "bitset" refers to an implementation detail of one use of the metadata (i.e. its original use case, CFI). This makes it harder to understand, as the name makes no sense in the context of virtual call optimization. 2. It is represented using a global named metadata node, rather than
2017 Jun 19
2
[CFI] Manually linking classes that have no inheritance link
As you noted the class links are actually of the whitelisting kind and not of the blacklisting kind. Doing this with an attribute is pretty interesting and sounds like a better fit to me. I think this could look something like: __attribute__((compatible_vtable_layout("JSComponentMath", "JSComponentImage"))) class ProxyClass{ public: ... } Would this be more admissible? On
2016 Oct 26
2
RFC: a more detailed design for ThinLTO + vcall CFI
Hi all, As promised, here is a brain dump on how I see CFI for vcalls working under ThinLTO. Most of this has been prototyped, so the design does appear to be sound. For context on how CFI currently works under regular LTO, please read: http://llvm.org/docs/TypeMetadata.html http://clang.llvm.org/docs/ControlFlowIntegrityDesign.html http://clang.llvm.org/docs/LTOVisibility.html ==== Summary
2016 Oct 28
0
RFC: a more detailed design for ThinLTO + vcall CFI
Hi Peter, Thanks for sending this and sorry for the slow response. Some questions below. Teresa On Tue, Oct 25, 2016 at 5:27 PM, Peter Collingbourne <peter at pcc.me.uk> wrote: > Hi all, > > As promised, here is a brain dump on how I see CFI for vcalls working > under ThinLTO. Most of this has been prototyped, so the design does appear > to be sound. For context on how CFI
2018 Sep 26
4
Concerns about enabling retpolines by default
We recently discovered that our OpenSSH distribution binaries contain retpoline thunks. It's due to this OSSH_CHECK_CFLAG_COMPILE([-mfunction-return=thunk]) # gcc OSSH_CHECK_CFLAG_COMPILE([-mindirect-branch=thunk]) # gcc This was quite surprising because at least the GNU/Linux userspace has no provisions for retpolines. You also fail to enable -fno-plt, so you need
2019 Dec 11
5
RFC: Safe Whole Program Devirtualization Enablement
Please send any comments. As mentioned at the end I will follow up with some patches as soon as they are cleaned up and I create some test cases. RFC: Safe Whole Program Devirtualization Enablement =================================================== High Level Summary ------------------ The goal of the changes described in this RFC is to support aggressive Whole Program Devirtualization without
2017 Jun 15
2
[CFI] Manually linking classes that have no inheritance link
Hi, I would like to propose extending the Control-Flow Integrity (CFI) mechanism in LLVM/Clang with a feature that allows users to explicitly link classes that have no inheritance link. Usually, if one class is used at locations in code where this class is not expected, this will create a CFI error at runtime, assuming the application is built with CFI enabled. However, in cases where the user
2017 Jun 16
2
[CFI] Manually linking classes that have no inheritance link
-krasin@ On Fri, Jun 16, 2017 at 11:05 AM, Kostya Serebryany <kcc at google.com> wrote: > > > On Thu, Jun 15, 2017 at 10:39 PM, Enes Göktaş <enes.goktas at gmail.com> > wrote: > >> Hi Kostya, >> >> Please find attached the minimized motivation test. >> I hope it is minimized enough. If not please let me know so I can try to >> make it more
2017 Jun 16
2
[CFI] Manually linking classes that have no inheritance link
Hi Kostya, Please find attached the minimized motivation test. I hope it is minimized enough. If not please let me know so I can try to make it more minimal. Were you expecting something like this? Also I think the tests that I should provide along with the patch should be in a special format right? I think I should be looking at http://llvm.org/docs/DeveloperPolicy.html#test-cases, and
2016 Sep 20
2
[cfe-dev] Recent clang regressions
I get some failing tests from compiler-rt. FAIL: cfi :: cross-dso/stats.cpp (30831 of 30893) ******************** TEST 'cfi :: cross-dso/stats.cpp' FAILED ******************** Script: -- /usr/local/google/home/prazek/llvm-build-release/./bin/clang -fuse-ld=gold -flto -fsanitize=cfi -fwhole-program-vtables --driver-mode=g++ -fsanitize-cfi-cross-dso -fvisibility=default -DSHARED_LIB -fPIC
2015 Sep 02
3
llvm cfi
Ask a simple question : I svn checkout compiler-rt in llvm/project. And I compile llvm through cmake. How can I make for all those testing files? make test? - mudongliang 2015-09-02 0:58 GMT+08:00 Kostya Serebryany <kcc at google.com>: > Take a look at > > clang.llvm.org/docs/ControlFlowIntegrityDesign.html > clang.llvm.org/docs/ControlFlowIntegrity.html > > And the
2016 Feb 29
10
RFC: A new ABI for virtual calls, and a change to the virtual call representation in the IR
Hi all, I'd like to make a proposal to implement the new vtable ABI described in PR26723, which I'll call the relative ABI. That bug gives more details and justification for that ABI. The user interface for the new ABI would be that -fwhole-program-vtables would take an optional value indicating which aspects of the program have whole-program scope. For example, the existing
2015 Feb 18
2
[LLVMdev] Adding CFI checks to clang vs llvm
On Tue, Feb 17, 2015 at 07:00:14PM -0800, Chandler Carruth wrote: > On Tue, Feb 17, 2015 at 12:35 PM, Peter Collingbourne <peter at pcc.me.uk> > wrote: > > > Hi, > > > > In http://reviews.llvm.org/D7424 we've been discussing whether to insert > > control flow integrity checks in Clang or LLVM. The main challenge is that > > the checks need
2017 Apr 26
2
Identify virtual function call sites and candidate callees for it
Hi, I have an analysis pass which collects information about functions based on their call sites. There are problems I'm facing with processing virtual function calls, namely . How to identify virtual call sites in my pass? . How to identify candidate callees for the given virtual call site? For the following example, the information I want to get would be identify call of F and as a possible