
banishing pointers in static domains

Posted Feb 7, 2026 0:09 UTC (Sat) by Fowl (subscriber, #65667)
Parent article: Kernel control-flow-integrity support comes to GCC

I’m wondering if an index+switch scheme would have a prohibitive performance impact. Would avoid the problem of having to suppress optimizations and in fact they’d likely be welcomed - devirtualization in the kernel wow!

I’m not sure how to resolve the “C files are compiled separately” thing - *waves hand* linker magic? More hand waving for loadable modules.

Perhaps there would be compensating memory savings - e.g. use a u8 instead of a pointer for each function pointer member, modulo alignment/atomicity. 2^8 possible functions per signature ought to be enough for anyone ey?
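
The index+switch idea from the comment above, shown as an added example; it is not part of the original post and is not kernel or compiler code. Every name in it (`int_op_id`, `struct handler`, `call_int_op`, `DISPATCH_REJECTED`) is hypothetical, and it assumes all targets for one signature are known in a single translation unit, which is exactly the separate-compilation problem the comment leaves open.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names throughout. One id space per signature: int (*)(int). */
enum int_op_id { OP_DOUBLE, OP_NEGATE, OP_SQUARE };

static int op_double(int x) { return 2 * x; }
static int op_negate(int x) { return -x; }
static int op_square(int x) { return x * x; }

/* The object stores a one-byte id where a function pointer member would be. */
struct handler {
    uint8_t op;   /* replaces: int (*op)(int) */
    int bias;
};

#define DISPATCH_REJECTED (-1)

/*
 * Every "indirect call" of this signature goes through one switch. Each case
 * is a direct call the compiler may inline. A corrupted id can select only
 * another function of the same signature or hit the default case; it can
 * never name an arbitrary address. A kernel would likely trap in the default
 * case; returning an error keeps this example testable.
 */
static int call_int_op(uint8_t id, int arg, int *out)
{
    switch (id) {
    case OP_DOUBLE: *out = op_double(arg); return 0;
    case OP_NEGATE: *out = op_negate(arg); return 0;
    case OP_SQUARE: *out = op_square(arg); return 0;
    default:        return DISPATCH_REJECTED;
    }
}

static int run_handler(const struct handler *h, int arg, int *out)
{
    int rc = call_int_op(h->op, arg, out);
    if (rc == 0)
        *out += h->bias;
    return rc;
}

int main(void)
{
    struct handler h = { .op = OP_SQUARE, .bias = 1 };
    int out = 0;
    int rc = run_handler(&h, 3, &out);
    printf("valid id:     rc=%d out=%d\n", rc, out);
    h.op = 200; /* constructed stand-in for a corrupted member */
    rc = run_handler(&h, 3, &out);
    printf("corrupted id: rc=%d\n", rc);
    return 0;
}
```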


banishing pointers in static domains

Posted Feb 7, 2026 0:23 UTC (Sat) by Fowl (subscriber, #65667) [Link] (2 responses)

Ahh reading the documentation (super power), it’s hinted that jump tables can be generated for the non-kernel CFI, but with static linking limitations.

> -fsanitize=kcfi
> This is an alternative indirect call control-flow integrity scheme designed for low-level system software, such as operating system kernels. Unlike -fsanitize=cfi-icall, it doesn’t require -flto, won’t result in function pointers being replaced with jump table references, and never breaks cross-DSO function address equality. These properties make KCFI easier to adopt in low-level software. KCFI is limited to checking only function pointers, and isn’t compatible with executable-only memory.

https://clang.llvm.org/docs/ControlFlowIntegrity.html?utm...

I guess being willing to make deeper changes to the code rather than sticking mostly inside the compiler could overcome that.

banishing pointers in static domains

Posted Feb 7, 2026 16:39 UTC (Sat) by nivedita76 (subscriber, #121790) [Link] (1 responses)

The first couple of links are earlier LWN articles that describe the jump table implementation and some of its limitations.

banishing pointers in static domains

Posted Feb 7, 2026 16:42 UTC (Sat) by nivedita76 (subscriber, #121790) [Link]

https://lwn.net/Articles/856514/

Actually this is probably the one that has most detail.

