LLVM Finally Buttoning Up Its Stack-Clash Protection For x86 CPUs

Written by Michael Larabel in LLVM on 8 February 2020 at 12:09 AM EST. Add A Comment
LLVM
It's been nearly three years since the Stack Clash vulnerability was really tossed into the spotlight while such vulnerabilities have existed longer. Now finally in 2020, the LLVM compiler stack -- and years after GCC's mitigation -- is preparing its stack clash protection.

Since last autumn there has been stack clash protection under review for LLVM. This solution is similar to GCC's and exposes the same -fstack-clash-protection flag. When this stack clash protection feature is enabled on LLVM x86/x86_64, inline stack probing is used. "Probe stack allocation every PAGE_SIZE during frame lowering or dynamic allocation to make sure the page guard, if any, is touched when touching the stack, in a similar manner to GCC. This extends the existing `probe-stack' mechanism with a special value `inline-asm'. Technically the former uses function call before stack allocation while this patch provides inlined stack probes and chunk allocation."

Red Hat had engineered GCC's stack clash protection back during summer 2017.

The stack-clash protection code was finally merged today to the LLVM code-base, but quickly reverted thereafter for breaking macOS and Windows builds as well as separately breaking Arm builds. Hopefully the corrected code will land soon.

The LLVM stack-clash protection support can be tracked via this ticket.

UPDATE: The reworked stack clash protection has now landed in LLVM only to then be reverted yet again over test failures.
Add A Comment
Related News
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
The 2024 LLVM Developers’ Meeting Videos Now Online
LLVM Merges Support The For Tenstorrent TT-Ascalon-D8 RISC-V CPU
AMD Begins Adding "GFX950" GPU Support To LLVM For Next CDNA Accelerator
LLVM Clang 20 Merges Intel Diamond Rapids Support With "-march=diamondrapids"
Red Hat Engineer Nikita Popov Now The Lead Maintainer For LLVM
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features