[libc] add cmake for hardening mode #86527
Labels
Comments
nickdesaulniers
added
enhancement
|
@llvm/issue-subscribers-libc Author: Nick Desaulniers (nickdesaulniers)
We'd need to think about what precisely we'd want here, but I'd like to have some configuration knob for llvm-libc, for users that want additional hardening levels applied to their build.
For example, a bunch of the syscall wrappers take pointers. If we pass these to the Linux kernel, the kernel aught to flag this. But sometimes we use/trust those pointers, and that can lead to a bad time. As an example #86169 creates a reference from these pointers without checking for nullptr. Should that be an LIBC_ASSERT? Should someone just enable assertions for their build of llvm-libc if they're paranoid? Do we need two different configs to distinguish between potentially expensive asserts vs hardening asserts? This is probably worth an RFC, but filing a feature request for now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We'd need to think about what precisely we'd want here, but I'd like to have some configuration knob for llvm-libc, for users that want additional hardening levels applied to their build.
For example, a bunch of the syscall wrappers take pointers. If we pass these to the Linux kernel, the kernel aught to flag this. But sometimes we use/trust those pointers, and that can lead to a bad time. As an example #86169 creates a reference from these pointers without checking for nullptr.
Should that be an LIBC_ASSERT? Should someone just enable assertions for their build of llvm-libc if they're paranoid? Do we need two different configs to distinguish between potentially expensive asserts vs hardening asserts?
This is probably worth an RFC, but filing a feature request for now.
The text was updated successfully, but these errors were encountered: