From: Hongtao Liu <crazylht@gmail.com>
To: Dan Li <ashimida.1990@gmail.com>
Cc: gcc-patches@gcc.gnu.org,
Richard Sandiford <richard.sandiford@arm.com>,
Masahiro Yamada <masahiroy@kernel.org>,
Michal Marek <michal.lkml@markovi.net>,
Nick Desaulniers <ndesaulniers@google.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
Kees Cook <keescook@chromium.org>,
Nathan Chancellor <nathan@kernel.org>, Tom Rix <trix@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
"Paul E. McKenney" <paulmck@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Frederic Weisbecker <frederic@kernel.org>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Marco Elver <elver@google.com>,
Christophe Leroy <christophe.leroy@csgroup.eu>,
Song Liu <song@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Uros Bizjak <ubizjak@gmail.com>,
Kumar Kartikeya Dwivedi <memxor@gmail.com>,
Juergen Gross <jgross@suse.com>,
Luis Chamberlain <mcgrof@kernel.org>,
Borislav Petkov <bp@suse.de>,
Masami Hiramatsu <mhiramat@kernel.org>,
Dmitry Torokhov <dmitry.torokhov@gmail.com>,
Aaron Tomlin <atomlin@redhat.com>,
Kalesh Singh <kaleshsingh@google.com>,
Yuntao Wang <ytcoode@gmail.com>,
Changbin Du <changbin.du@intel.com>,
linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev,
linux-hardening@vger.kernel.org
Subject: Re: [RFC/RFT 0/3] Add compiler support for Control Flow Integrity
Date: Thu, 9 Feb 2023 09:48:10 +0800 [thread overview]
Message-ID: <CAMZc-bzmACcpSePKxuuA=ug2+yik+Zo3-mfqr2OyZ-n_nT=OnQ@mail.gmail.com> (raw)
In-Reply-To: <20221219055431.22596-1-ashimida.1990@gmail.com>
On Mon, Dec 19, 2022 at 3:59 PM Dan Li via Gcc-patches
<gcc-patches@gcc.gnu.org> wrote:
>
> This series of patches is mainly used to support the control flow
> integrity protection of the linux kernel [1], which is similar to
> -fsanitize=kcfi in clang 16.0 [2,3].
>
> I hope that this feature will also support user-mode CFI in the
> future (at least for developers who can recompile the runtime),
> so I use -fsanitize=cfi as a compilation option here.
>
> Any suggestion please let me know :).
Do you have this series as a branch somewhere that we could also try for x86?
>
> Thanks, Dan.
>
> [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/
> [2] https://clang.llvm.org/docs/ControlFlowIntegrity.html
> [3] https://reviews.llvm.org/D119296
>
> Dan Li (3):
> [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to
> 64 bits to support more features
> [PR102768] Support CFI: Add new pass for Control Flow Integrity
> [PR102768] aarch64: Add support for Control Flow Integrity
>
> Signed-off-by: Dan Li <ashimida.1990@gmail.com>
>
> ---
> gcc/Makefile.in | 1 +
> gcc/asan.h | 4 +-
> gcc/c-family/c-attribs.cc | 10 +-
> gcc/c-family/c-common.h | 2 +-
> gcc/c/c-parser.cc | 4 +-
> gcc/cgraphunit.cc | 34 +++
> gcc/common.opt | 4 +-
> gcc/config/aarch64/aarch64.cc | 106 ++++++++
> gcc/cp/typeck.cc | 2 +-
> gcc/doc/invoke.texi | 35 +++
> gcc/doc/passes.texi | 10 +
> gcc/doc/tm.texi | 27 +++
> gcc/doc/tm.texi.in | 8 +
> gcc/dwarf2asm.cc | 2 +-
> gcc/flag-types.h | 67 ++---
> gcc/opt-suggestions.cc | 2 +-
> gcc/opts.cc | 26 +-
> gcc/opts.h | 8 +-
> gcc/output.h | 3 +
> gcc/passes.def | 1 +
> gcc/target.def | 39 +++
> .../aarch64/control_flow_integrity_1.c | 14 ++
> .../aarch64/control_flow_integrity_2.c | 25 ++
> .../aarch64/control_flow_integrity_3.c | 23 ++
> gcc/toplev.cc | 4 +
> gcc/tree-cfg.cc | 2 +-
> gcc/tree-cfi.cc | 229 ++++++++++++++++++
> gcc/tree-pass.h | 1 +
> gcc/tree.cc | 144 +++++++++++
> gcc/tree.h | 1 +
> gcc/varasm.cc | 29 +++
> 31 files changed, 803 insertions(+), 64 deletions(-)
> create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_1.c
> create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_2.c
> create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_3.c
> create mode 100644 gcc/tree-cfi.cc
>
> --
> 2.17.1
>
--
BR,
Hongtao
next prev parent reply other threads:[~2023-02-09 1:48 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-19 5:54 Dan Li
2022-12-19 5:54 ` [RFC/RFT 1/3] [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features Dan Li
2022-12-19 5:54 ` [RFC/RFT 2/3] [PR102768] Support CFI: Add new pass for Control Flow Integrity Dan Li
2022-12-19 5:54 ` [RFC/RFT 3/3] [PR102768] aarch64: Add support " Dan Li
2023-02-09 1:48 ` Hongtao Liu [this message]
2023-02-10 16:18 ` [RFC/RFT 0/3] Add compiler " Dan Li
2023-02-13 1:39 ` Hongtao Liu
2023-02-09 5:32 ` Peter Collingbourne
2023-02-10 16:20 ` Dan Li
2023-03-25 8:11 ` [RFC/RFT,V2 0/3] Add compiler support for Kernel " Dan Li
2023-03-25 8:11 ` [RFC/RFT,V2 1/3] [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features Dan Li
2023-03-25 8:11 ` [RFC/RFT,V2 2/3] [PR102768] Support CFI: Add basic support for Kernel Control Flow Integrity Dan Li
2023-03-25 8:11 ` [RFC/RFT,V2 3/3] [PR102768] aarch64: Add " Dan Li
2023-06-21 21:54 ` [RFC/RFT,V2 0/3] Add compiler " Kees Cook
2023-07-19 8:20 ` Dan Li
2023-07-19 8:41 ` Dan Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMZc-bzmACcpSePKxuuA=ug2+yik+Zo3-mfqr2OyZ-n_nT=OnQ@mail.gmail.com' \
--to=crazylht@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=ashimida.1990@gmail.com \
--cc=atomlin@redhat.com \
--cc=bp@suse.de \
--cc=catalin.marinas@arm.com \
--cc=changbin.du@intel.com \
--cc=christophe.leroy@csgroup.eu \
--cc=dmitry.torokhov@gmail.com \
--cc=ebiederm@xmission.com \
--cc=elver@google.com \
--cc=frederic@kernel.org \
--cc=gcc-patches@gcc.gnu.org \
--cc=jgross@suse.com \
--cc=jpoimboe@kernel.org \
--cc=kaleshsingh@google.com \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=mark.rutland@arm.com \
--cc=masahiroy@kernel.org \
--cc=mcgrof@kernel.org \
--cc=memxor@gmail.com \
--cc=mhiramat@kernel.org \
--cc=michal.lkml@markovi.net \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=richard.sandiford@arm.com \
--cc=samitolvanen@google.com \
--cc=song@kernel.org \
--cc=trix@redhat.com \
--cc=ubizjak@gmail.com \
--cc=will@kernel.org \
--cc=ytcoode@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).