Lines Matching +full:build +full:- +full:disabled

4 Control-Flow Integrity (CFI)
7 This document describes the current control-flow integrity (CFI) mechanism in
12 ------
16 The type used in QEMU is a forward-edge control-flow integrity that ensures
21 This type of CFI is entirely compiler-based and relies on the compiler knowing
28 In case of a CFI violation (i.e. call to a non-compatible function) QEMU will
32 -----------------
34 NOTE: CFI requires the use of link-time optimization. Therefore, when CFI is
37 To build with CFI, the minimum requirement is Clang 6+. If you
44 AR=llvm-ar-9 CC=clang-9 CXX=clang++-9 /path/to/configure --enable-cfi
49 of a CFI violation is offered (``--enable-debug-cfi``).
52 -------------------------
58 --------------------------
60 As mentioned above, CFI is entirely compiler-based and therefore relies on
61 compile-time knowledge of the code. This means that, while generally supported
63 create false positives. The two main patterns that can cause issues are:
65 * Just-in-time compiled code: since such code is created at runtime, the jump
73 1. TCG, since the idea of TCG is to pre-compile groups of instructions at
74 runtime to speed up interpretation, quite similarly to a JIT compiler
87 -------------------------------------
101 * TCG is not considered a security-sensitive part of QEMU so this does not
107 NOTE: CFI needs to be disabled at the **caller** function (i.e. a compatible
108 cfi function that calls a non-compatible one), since the check is performed
112 ---------------
124 in remote-but-possible parts of the code.
127 1. Fuzzing relies on the linker performing function wrapping at link-time.
136 AR=llvm-ar-11 CC=clang-11 CXX=clang++-11 /path/to/configure --enable-cfi \
137 --enable-fuzzing --extra-ldflags="-fuse-ld=lld"