| Message ID | 20230325081117.93245-1-ashimida.1990@gmail.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Add compiler support for Kernel Control Flow Integrity | expand |
On Sat, Mar 25, 2023 at 01:11:14AM -0700, Dan Li wrote: > This series of patches is mainly used to support the control flow > integrity protection of the linux kernel [1], which is similar to > -fsanitize=kcfi in clang 16.0 [2,3]. > > Any suggestion please let me know :). Hi Dan, It's been a couple months, and I didn't see any other feedback on this proposal. I was curious what the status of this work is. Are you able to attend GNU Cauldron[1] this year? I'd love to see this get some traction in GCC. Thanks! -Kees [1] https://gcc.gnu.org/wiki/cauldron2023
Hi Kees, Sincerely sorry, I just saw this email. Embarrassingly, due to another job change, my plan was postponed again :(. I may not be able to attend this year's GCC meeting. Is there any other way to let this get some traction in GCC? I really hope someone can help with this topic. BTW, I'm still looking at this and plan to finish it by the end of this year, but it's taking too long and there's a lot of uncertainty, so please just consider this only as a backup option. Thanks, Dan. On Thu, 22 Jun 2023 at 05:54, Kees Cook <keescook@chromium.org> wrote: > > On Sat, Mar 25, 2023 at 01:11:14AM -0700, Dan Li wrote: > > This series of patches is mainly used to support the control flow > > integrity protection of the linux kernel [1], which is similar to > > -fsanitize=kcfi in clang 16.0 [2,3]. > > > > Any suggestion please let me know :). > > Hi Dan, > > It's been a couple months, and I didn't see any other feedback on this > proposal. I was curious what the status of this work is. Are you able to > attend GNU Cauldron[1] this year? I'd love to see this get some traction > in GCC. > > Thanks! > > -Kees > > [1] https://gcc.gnu.org/wiki/cauldron2023 > > -- > Kees Cook
Hi All, Embarrassingly, due to personal reasons, I may not be able to complete the series of patches on the forward side of GCC CFI for the time being. Please forgive me for not realizing that I should have sent this help email a long time ago :( This topic has been delayed for a long time, and I would be very grateful if someone can help complete this series of patches. BTW, please let me know if there are more groups I can cc for help. Thanks! Dan. On Sat, 25 Mar 2023 at 16:11, Dan Li <ashimida.1990@gmail.com> wrote: > > This series of patches is mainly used to support the control flow > integrity protection of the linux kernel [1], which is similar to > -fsanitize=kcfi in clang 16.0 [2,3]. > > Any suggestion please let me know :). > > Thanks, Dan. > > [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/ > [2] https://clang.llvm.org/docs/ControlFlowIntegrity.html > [3] https://reviews.llvm.org/D119296 > > Signed-off-by: Dan Li <ashimida.1990@gmail.com> > > --- > Dan Li (3): > [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to > 64 bits to support more features > [PR102768] Support CFI: Add basic support for Kernel Control Flow > Integrity > [PR102768] aarch64: Add support for Kernel Control Flow Integrity > > gcc/asan.h | 4 +- > gcc/c-family/c-attribs.cc | 10 +- > gcc/c-family/c-common.h | 2 +- > gcc/c/c-parser.cc | 4 +- > gcc/cfgexpand.cc | 26 ++++++ > gcc/cgraphunit.cc | 34 +++++++ > gcc/combine.cc | 1 + > gcc/common.opt | 4 +- > gcc/config/aarch64/aarch64.cc | 166 ++++++++++++++++++++++++++++++++++ > gcc/cp/typeck.cc | 2 +- > gcc/doc/invoke.texi | 36 ++++++++ > gcc/doc/tm.texi | 27 ++++++ > gcc/doc/tm.texi.in | 8 ++ > gcc/dwarf2asm.cc | 2 +- > gcc/emit-rtl.cc | 1 + > gcc/emit-rtl.h | 4 + > gcc/final.cc | 24 ++++- > gcc/flag-types.h | 67 +++++++------- > gcc/gimple.cc | 11 +++ > gcc/gimple.h | 5 +- > gcc/opt-suggestions.cc | 2 +- > gcc/opts.cc | 26 +++--- > gcc/opts.h | 8 +- > gcc/output.h | 3 + > gcc/reg-notes.def | 1 + > gcc/target.def | 38 ++++++++ > gcc/toplev.cc | 4 + > gcc/tree-cfg.cc | 2 +- > gcc/tree.cc | 144 +++++++++++++++++++++++++++++ > gcc/tree.h | 1 + > gcc/varasm.cc | 26 ++++++ > 31 files changed, 627 insertions(+), 66 deletions(-) > > -- > 2.17.1 >
This series of patches is mainly used to support the control flow integrity protection of the linux kernel [1], which is similar to -fsanitize=kcfi in clang 16.0 [2,3]. Any suggestion please let me know :). Thanks, Dan. [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/ [2] https://clang.llvm.org/docs/ControlFlowIntegrity.html [3] https://reviews.llvm.org/D119296 Signed-off-by: Dan Li <ashimida.1990@gmail.com> --- Dan Li (3): [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features [PR102768] Support CFI: Add basic support for Kernel Control Flow Integrity [PR102768] aarch64: Add support for Kernel Control Flow Integrity gcc/asan.h | 4 +- gcc/c-family/c-attribs.cc | 10 +- gcc/c-family/c-common.h | 2 +- gcc/c/c-parser.cc | 4 +- gcc/cfgexpand.cc | 26 ++++++ gcc/cgraphunit.cc | 34 +++++++ gcc/combine.cc | 1 + gcc/common.opt | 4 +- gcc/config/aarch64/aarch64.cc | 166 ++++++++++++++++++++++++++++++++++ gcc/cp/typeck.cc | 2 +- gcc/doc/invoke.texi | 36 ++++++++ gcc/doc/tm.texi | 27 ++++++ gcc/doc/tm.texi.in | 8 ++ gcc/dwarf2asm.cc | 2 +- gcc/emit-rtl.cc | 1 + gcc/emit-rtl.h | 4 + gcc/final.cc | 24 ++++- gcc/flag-types.h | 67 +++++++------- gcc/gimple.cc | 11 +++ gcc/gimple.h | 5 +- gcc/opt-suggestions.cc | 2 +- gcc/opts.cc | 26 +++--- gcc/opts.h | 8 +- gcc/output.h | 3 + gcc/reg-notes.def | 1 + gcc/target.def | 38 ++++++++ gcc/toplev.cc | 4 + gcc/tree-cfg.cc | 2 +- gcc/tree.cc | 144 +++++++++++++++++++++++++++++ gcc/tree.h | 1 + gcc/varasm.cc | 26 ++++++ 31 files changed, 627 insertions(+), 66 deletions(-)