| 1 |
Hi, |
| 2 |
|
| 3 |
Control Flow Integrity is a new set of exploit mitigations (strictly |
| 4 |
speaking, there is not "the CFI", but many variants). LLVM/clang has |
| 5 |
support for some form of CFI since a while. The rough idea is that it |
| 6 |
adds additional checks to the code to avoid jumps to code pieces that |
| 7 |
shouldn't happen. |
| 8 |
|
| 9 |
I'm wondering if there's interest in creating a gentoo-hardened-cfi |
| 10 |
variant. I've been playing with it a bit. By setting the right |
| 11 |
cc/cflags/etc. variables it's relatively straightforward to compile |
| 12 |
single packages with cfi. |
| 13 |
|
| 14 |
However when one tries to recompile packages a lot of errors show up. |
| 15 |
Most of them aren't directly related to CFI (though some are). CFI |
| 16 |
depends on: |
| 17 |
* clang, which is not our default (there has been work in the past for |
| 18 |
gentoo with clang). |
| 19 |
* fvisibility=hidden. This was afair discussed a while back, but never |
| 20 |
considered to be enabled in general, only for specific packages. |
| 21 |
* link time optimization/lto and thus the gold linker, because the |
| 22 |
"classic" ld doesn't support lto. |
| 23 |
Many issues that pop up seem like issues to build systems and linking. |
| 24 |
In some cases though one needs to fix function pointer definitions that |
| 25 |
don't match their respective functions. (Here's a fix [1] that I sent |
| 26 |
to curl and that'll be applied in the next version.) |
| 27 |
|
| 28 |
For now I'm just investigating whether there's interest in this. I |
| 29 |
could create some docs in the wiki on how to get started. |
| 30 |
|
| 31 |
[1] |
| 32 |
https://github.com/curl/curl/commit/aced311d189a70c7d9b2d958739bcfc1231b3698 |
| 33 |
-- |
| 34 |
Hanno Böck |
| 35 |
https://hboeck.de/ |
| 36 |
|
| 37 |
mail/jabber: hanno@××××××.de |
| 38 |
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 |
Archives