pcc added a comment.

> Note that if additional data has been injected between the KCFI
> type identifier and the start of the function, e.g. by using
> -fpatchable-function-entry, the offset in bytes must be specified
> using -fsanitize-kcfi-offset=<value> to avoid errors. The offset
> must be the same for all indirectly called functions in every
> translation unit.

On x86 the specific constant 6 is necessary to ensure that the constant embedded in the cmpl operand can't be used as a gadget. So any value other than 6 will potentially impact the security of KCFI. I would prefer not to design an interaction between -fpatchable-function-entry and KCFI until the specific use case is known.

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D119296/new/

https://reviews.llvm.org/D119296

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits