samitolvanen added inline comments.
================
Comment at: clang/lib/CodeGen/CGExpr.cpp:3168
+ -1);
+ llvm::Value *Test = Builder.CreateICmpEQ(Builder.CreateLoad(HashPtr), Hash);
+ llvm::BasicBlock *ContBB = createBasicBlock("kcfi.cont");
----------------
pcc wrote:
> We considered a scheme like this before and one problem that we discovered
> with comparing the hash in this way is that it can produce gadgets, e.g.
> ```
> movabs $0x0123456789abcdef, %rax
> cmp %rax, ...
> ```
> the `cmp` instruction ends up being a valid target address because the
> `movabs` instruction ends in the hash. The way we thought about solving this
> was to introduce a new intrinsic that would materialize the constant without
> these gadgets (e.g. invert the `movabs` operand and follow it by a `not`).

Yes, that's a concern with this approach, at least on x86_64. As the hash is more or less random, I assume you'd have to actually check that the inverted form won't have useful gadgets either, and potentially split the single `movabs` into multiple instructions if needed etc. Did you ever start work on the intrinsic or was that just an idea?

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D119296/new/

https://reviews.llvm.org/D119296

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
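The gadget discussed in the thread can be checked for mechanically. The following is an added example, not code from the patch or from either participant: it builds the two x86_64 check sequences and scans a constructed code image for offsets the hash comparison would accept. The layout (a 64-bit hash in the 8 bytes directly before a function entry), the `cmp` memory operand and all function names are assumptions of the example, as is reading "check the inverted form" as comparing the inverted immediate against every hash in use.

```python
import struct

MASK64 = (1 << 64) - 1
MOVABS_RAX = b"\x48\xb8"           # movabs $imm64, %rax
NOT_RAX = b"\x48\xf7\xd0"          # not %rax
CMP_RAX_MEM = b"\x48\x39\x47\xf8"  # cmp %rax, -8(%rdi); operand is an assumption

def imm64(value):
    """Little-endian 64-bit immediate, as it appears in the instruction stream."""
    return struct.pack("<Q", value & MASK64)

def direct_check(type_hash):
    """movabs $hash, %rax ; cmp %rax, -8(%rdi)"""
    return MOVABS_RAX + imm64(type_hash) + CMP_RAX_MEM

def inverted_check(type_hash):
    """movabs $~hash, %rax ; not %rax ; cmp %rax, -8(%rdi)"""
    return MOVABS_RAX + imm64(~type_hash) + NOT_RAX + CMP_RAX_MEM

def passing_offsets(code, type_hash):
    """Offsets whose preceding 8 bytes equal the hash, i.e. targets the check accepts."""
    needle = imm64(type_hash)
    hits, pos = [], code.find(needle)
    while pos != -1:
        hits.append(pos + len(needle))
        pos = code.find(needle, pos + 1)
    return hits

def unintended_targets(code, hashes, entries):
    """Accepted offsets, for any hash in use, that are not real function entries."""
    found = {}
    for h in hashes:
        bad = [o for o in passing_offsets(code, h) if o not in entries]
        if bad:
            found[h & MASK64] = bad
    return found

def build_image(type_hash, make_check):
    """Constructed image: hash prefix, a one-byte callee (ret), then one check site."""
    callee = imm64(type_hash) + b"\xc3"
    return callee + make_check(type_hash), {8}  # the callee's entry is offset 8

if __name__ == "__main__":
    H = 0x0123456789ABCDEF  # the constant from the quoted movabs example
    for name, make in (("direct", direct_check), ("inverted", inverted_check)):
        image, entries = build_image(H, make)
        print(name, unintended_targets(image, [H, ~H], entries))
```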