Hi,

Control Flow Integrity is a new set of exploit mitigations (strictly
speaking, there is not "the CFI", but many variants). LLVM/clang has had
support for some form of CFI for a while. The rough idea is that it
adds additional checks to the code to avoid jumps to code pieces that
shouldn't happen.

I'm wondering if there's interest in creating a gentoo-hardened-cfi
variant. I've been playing with it a bit. By setting the right
cc/cflags/etc. variables it's relatively straightforward to compile
single packages with cfi.

However, when one tries to recompile packages a lot of errors show up.
Most of them aren't directly related to CFI (though some are). CFI
depends on:
* clang, which is not our default (there has been work in the past for
gentoo with clang).
* fvisibility=hidden. This was afair discussed a while back, but never
considered to be enabled in general, only for specific packages.
* link time optimization/lto and thus the gold linker, because the
"classic" ld doesn't support lto.
Many issues that pop up seem like issues with build systems and linking.
In some cases though one needs to fix function pointer definitions that
don't match their respective functions. (Here's a fix [1] that I sent
to curl and that'll be applied in the next version.)

For now I'm just investigating whether there's interest in this. I
could create some docs in the wiki on how to get started.

[1]
https://github.com/curl/curl/commit/aced311d189a70c7d9b2d958739bcfc1231b3698
--
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@××××××.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
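The post mentions that CFI forces you to fix function pointer definitions that don't match the functions they point to. The following is an added example (not code from the post, from curl, or from Gentoo) showing what that class of bug looks like and what the fix is: a hypothetical library iterator `for_each_item` calls back through an `item_cb` pointer, one callback is declared with the wrong prototype and forced in with a cast, and the corrected callbacks simply carry the exact expected prototype. The build command in the header comment uses the clang flags the post lists (clang, `-fvisibility=hidden`, LTO with gold) plus `-fsanitize=cfi-icall`, which is the clang CFI scheme that checks the type of the target at every indirect call; the sample input is constructed.

```c
/* Added example, not part of the mailing-list post. Build with CFI:
 *   clang -flto -fvisibility=hidden -fsanitize=cfi-icall -fuse-ld=gold \
 *         cfi_demo.c -o cfi_demo
 * Without the sanitizer flags it compiles as ordinary C. */
#include <stdio.h>
#include <string.h>

/* The callback type a hypothetical library expects. */
typedef int (*item_cb)(void *ctx, const char *item, size_t len);

/* Library-side iterator: calls cb once per comma-separated item and
 * stops at the first non-zero return. */
static int for_each_item(const char *list, item_cb cb, void *ctx) {
    int rc = 0;
    const char *p = list;
    while (*p && rc == 0) {
        const char *end = strchr(p, ',');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        rc = cb(ctx, p, len);   /* indirect call: cfi-icall checks cb's type here */
        p = end ? end + 1 : p + len;
    }
    return rc;
}

/* BEFORE: a callback with a different prototype (one parameter short).
 * Plain C accepts it once it is cast to item_cb, and on x86-64 it even
 * appears to work because the extra argument is silently ignored. With
 * -fsanitize=cfi-icall the function behind the pointer does not have
 * type item_cb, so the indirect call above aborts at runtime. */
int count_items_mismatched(void *ctx, const char *item) {
    (void)item;
    (*(int *)ctx)++;
    return 0;
}

/* The cast is what hides the mismatch from the compiler. Calling this
 * is undefined behaviour even without CFI; it is here to show the bug. */
int count_list_mismatched(const char *list) {
    int n = 0;
    for_each_item(list, (item_cb)count_items_mismatched, &n);
    return n;
}

/* AFTER: give the callback exactly the expected prototype, even if it
 * ignores some parameters. No cast is needed and CFI is satisfied. */
static int count_items(void *ctx, const char *item, size_t len) {
    (void)item; (void)len;
    (*(int *)ctx)++;
    return 0;
}

/* Same shape of fix for a second callback that does use the data. */
static int total_len(void *ctx, const char *item, size_t len) {
    (void)item;
    *(size_t *)ctx += len;
    return 0;
}

int count_list(const char *list) {
    int n = 0;
    for_each_item(list, count_items, &n);
    return n;
}

size_t total_list_len(const char *list) {
    size_t n = 0;
    for_each_item(list, total_len, &n);
    return n;
}

int main(void) {
    const char *list = "gcc,clang,gold";   /* constructed sample input */
    printf("%d items, %zu chars\n", count_list(list), total_list_len(list));
    return 0;
}
```

The point of the example is that the errors CFI surfaces are real type mismatches that ordinary C lets through via casts; the fix is to make the callback's prototype match the pointer type rather than to loosen the check.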