samitolvanen wrote: > > Looking at this a bit closer, the `nocf_check` attribute also applies to > > function pointers with `-fcf-protection`, and disables tracking for > > indirect branches. > > Wait, like, as variable/struct-member attribute?
For function pointer types, specifically. Performing an indirect call through a `nocf_check` attributed function pointer sets the NOTRACK prefix, which disables IBT for the branch. This is disabled in the kernel, but the compiler should still handle this gracefully. > > Edit: RISC-V also supports `-fcf-protection`, but not `nocf_check`, so > > presumably we would still want to produce a warning for `nocf_check` usage > > when used with `-fcf-protection` alone on non-X86 architectures if we want > > to support the attribute on other architectures with KCFI. > > Hm, this is getting a bit weird. Perhaps we should instead leave `nocf_check` > alone and create a KCFI-specific attribute for preamble disabling instead? > Bike-shed: `__attribute__((kcfi_invisible))`? `kcfi_uncallable`? > `kcfi_no_preamble`? Adding a new attribute would certainly avoid the corner cases with `nocf_check`. @AaronBallman any thoughts about this? https://github.com/llvm/llvm-project/pull/158133 _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
