kovdan01 wrote:
> Does this need a clang command line option at this point? Would it be
> possible to live with a {{-mllvm}} option to turn on signed GOT? I would
> expect signed GOT (or not) would be part of a higher-level signing schema and
> not toggled at a low-level via clang.
>
> I know that there are existing command-line options for other signing schema
> affecting options, but I'm not sure if we want to add more to them.
@smithp35 Theoretically, we can use `-mllvm` and it was actually used for some
time during downstream implementation and testing. I agree that a ton of
`-fptrauth-*` flags is pretty annoying (and there was already a discussion in
this PR which I've transformed into an issue #97320).
However, as you correctly mentioned, we already have other similar flags and
they are also not intended to be used manually and, instead, should be a part
of high-level signing schema. As for me, it's better to keep things consistent
at each moment - if we use clang driver flags, we use them everywhere, and if
we want to refactor that and move to `-mllvm`, we want to do that for all the
ptrauth flags as well.
So, if it's not a very huge concern right now, I'd prefer to introduce
`-fptrauth-elf-got` flag in this PR and, after further discussion, probably
refactor all the flags logic in subsequent PRs (either move to comma-separeted
flags as discussed above or use `-mllvm` or, maybe, we'll find other ways to
enhance this - it's still needs to be discussed).
https://github.com/llvm/llvm-project/pull/96160
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
