linux-hardening.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [RFC/RFT 0/3] Add compiler support for Control Flow Integrity
@ 2022-12-19  5:54 Dan Li
  2022-12-19  5:54 ` [RFC/RFT 1/3] [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features Dan Li
                   ` (5 more replies)
  0 siblings, 6 replies; 16+ messages in thread
From: Dan Li @ 2022-12-19  5:54 UTC (permalink / raw)
  To: gcc-patches, Richard Sandiford, Masahiro Yamada, Michal Marek,
	Nick Desaulniers, Catalin Marinas, Will Deacon, Sami Tolvanen,
	Kees Cook, Nathan Chancellor, Tom Rix, Peter Zijlstra,
	Paul E. McKenney, Mark Rutland, Josh Poimboeuf,
	Frederic Weisbecker, Eric W. Biederman, Dan Li, Marco Elver,
	Christophe Leroy, Song Liu, Andrew Morton, Uros Bizjak,
	Kumar Kartikeya Dwivedi, Juergen Gross, Luis Chamberlain,
	Borislav Petkov, Masami Hiramatsu, Dmitry Torokhov, Aaron Tomlin,
	Kalesh Singh, Yuntao Wang, Changbin Du
  Cc: linux-kbuild, linux-kernel, linux-arm-kernel, llvm, linux-hardening

This series of patches is mainly used to support the control flow
integrity protection of the linux kernel [1], which is similar to
-fsanitize=kcfi in clang 16.0 [2,3].

I hope that this feature will also support user-mode CFI in the
future (at least for developers who can recompile the runtime),
so I use -fsanitize=cfi as a compilation option here.

Any suggestion please let me know :).

Thanks, Dan.

[1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/
[2] https://clang.llvm.org/docs/ControlFlowIntegrity.html
[3] https://reviews.llvm.org/D119296

Dan Li (3):
  [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to
    64 bits to support more features
  [PR102768] Support CFI: Add new pass for Control Flow Integrity
  [PR102768] aarch64: Add support for Control Flow Integrity

Signed-off-by: Dan Li <ashimida.1990@gmail.com>

---
 gcc/Makefile.in                               |   1 +
 gcc/asan.h                                    |   4 +-
 gcc/c-family/c-attribs.cc                     |  10 +-
 gcc/c-family/c-common.h                       |   2 +-
 gcc/c/c-parser.cc                             |   4 +-
 gcc/cgraphunit.cc                             |  34 +++
 gcc/common.opt                                |   4 +-
 gcc/config/aarch64/aarch64.cc                 | 106 ++++++++
 gcc/cp/typeck.cc                              |   2 +-
 gcc/doc/invoke.texi                           |  35 +++
 gcc/doc/passes.texi                           |  10 +
 gcc/doc/tm.texi                               |  27 +++
 gcc/doc/tm.texi.in                            |   8 +
 gcc/dwarf2asm.cc                              |   2 +-
 gcc/flag-types.h                              |  67 ++---
 gcc/opt-suggestions.cc                        |   2 +-
 gcc/opts.cc                                   |  26 +-
 gcc/opts.h                                    |   8 +-
 gcc/output.h                                  |   3 +
 gcc/passes.def                                |   1 +
 gcc/target.def                                |  39 +++
 .../aarch64/control_flow_integrity_1.c        |  14 ++
 .../aarch64/control_flow_integrity_2.c        |  25 ++
 .../aarch64/control_flow_integrity_3.c        |  23 ++
 gcc/toplev.cc                                 |   4 +
 gcc/tree-cfg.cc                               |   2 +-
 gcc/tree-cfi.cc                               | 229 ++++++++++++++++++
 gcc/tree-pass.h                               |   1 +
 gcc/tree.cc                                   | 144 +++++++++++
 gcc/tree.h                                    |   1 +
 gcc/varasm.cc                                 |  29 +++
 31 files changed, 803 insertions(+), 64 deletions(-)
 create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_1.c
 create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_2.c
 create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_3.c
 create mode 100644 gcc/tree-cfi.cc

-- 
2.17.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

end of thread, other threads:[~2023-07-19  8:41 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-19  5:54 [RFC/RFT 0/3] Add compiler support for Control Flow Integrity Dan Li
2022-12-19  5:54 ` [RFC/RFT 1/3] [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features Dan Li
2022-12-19  5:54 ` [RFC/RFT 2/3] [PR102768] Support CFI: Add new pass for Control Flow Integrity Dan Li
2022-12-19  5:54 ` [RFC/RFT 3/3] [PR102768] aarch64: Add support " Dan Li
2023-02-09  1:48 ` [RFC/RFT 0/3] Add compiler " Hongtao Liu
2023-02-10 16:18   ` Dan Li
2023-02-13  1:39     ` Hongtao Liu
2023-02-09  5:32 ` Peter Collingbourne
2023-02-10 16:20   ` Dan Li
2023-03-25  8:11 ` [RFC/RFT,V2 0/3] Add compiler support for Kernel " Dan Li
2023-03-25  8:11   ` [RFC/RFT,V2 1/3] [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features Dan Li
2023-03-25  8:11   ` [RFC/RFT,V2 2/3] [PR102768] Support CFI: Add basic support for Kernel Control Flow Integrity Dan Li
2023-03-25  8:11   ` [RFC/RFT,V2 3/3] [PR102768] aarch64: Add " Dan Li
2023-06-21 21:54   ` [RFC/RFT,V2 0/3] Add compiler " Kees Cook
2023-07-19  8:20     ` Dan Li
2023-07-19  8:41   ` Dan Li

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).