Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / immunant/ia2-phase2 issues and pull requests

#465 - Potential `dav1d` Call Gate Verification Discussion

Issue - State: open - Opened by kkysen 23 days ago

#464 - Add support for building with `-Wl,--no-undefined`

Issue - State: open - Opened by ayrtonm 25 days ago

#463 - Fix ARM tests and gate on new failures

Issue - State: open - Opened by fw-immunant 29 days ago - 2 comments

#462 - Tag accesses to stack pointer TLS locations in call gates

Pull Request - State: open - Opened by fw-immunant 29 days ago - 3 comments

#461 - ARM: build and wire up dependencies in CI

Pull Request - State: closed - Opened by fw-immunant about 1 month ago - 2 comments

#460 - Protect all pages in MTE `ia2_mprotect_with_tag`

Pull Request - State: closed - Opened by fw-immunant about 1 month ago

#455 - `pthread_atfork` undefined link error in permissive mode

Issue - State: open - Opened by kkysen about 1 month ago

#454 - docs: add detailed docs of how `dav1d` was compartmentalized

Pull Request - State: open - Opened by kkysen about 1 month ago

#453 - WIP Print backtrace on failed ASSERT_PKRUs

Pull Request - State: open - Opened by ayrtonm about 1 month ago - 2 comments

#452 - Make `ASSERT_PKRU` print a backtrace and make `IA2_DEBUG` on by default

Issue - State: open - Opened by ayrtonm about 1 month ago - 3 comments
Labels: enhancement, ergonomics

#451 - rewriter: Define call gates for function pointers in source defining the pointee

Pull Request - State: open - Opened by ayrtonm about 1 month ago - 3 comments

#450 - Make glibc stdio streams in main binary shared

Issue - State: open - Opened by ayrtonm about 1 month ago

#449 - Does `ld.so` need padded TLS?

Issue - State: open - Opened by fw-immunant about 2 months ago - 3 comments
Labels: security, threads

#448 - Replace criterion with our test runner on x86

Pull Request - State: closed - Opened by ayrtonm about 2 months ago - 2 comments

#447 - Improve static address taken function rewriting

Pull Request - State: closed - Opened by rinon about 2 months ago - 2 comments

#446 - cmake: Disable PartitionAlloc on ARM

Pull Request - State: closed - Opened by ayrtonm about 2 months ago - 2 comments

#443 - rewriter: support compiling with `-fvisibility=hidden`

Issue - State: open - Opened by kkysen about 2 months ago

#442 - runtime: support compiling with `-fvisibility=hidden`

Issue - State: closed - Opened by kkysen about 2 months ago

#441 - rewriter: Redeclare static functions that have their address taken with used

Pull Request - State: closed - Opened by ayrtonm about 2 months ago - 6 comments

#440 - Secure PKRU during thread startup

Pull Request - State: closed - Opened by rinon about 2 months ago - 2 comments

#439 - Replace use of prebuilt criterion with our test runner

Issue - State: closed - Opened by ayrtonm about 2 months ago - 1 comment

#438 - Add support for literal zero in `FnPtrNull` rewriter pass

Pull Request - State: open - Opened by ayrtonm about 2 months ago - 1 comment

#437 - Handle function pointers coerced to bool in ternary conditions

Pull Request - State: closed - Opened by ayrtonm about 2 months ago

#436 - Pass indirect call target in first register

Pull Request - State: open - Opened by rinon about 2 months ago - 2 comments

#435 - Support compiling with `-fvisibility=hidden`

Issue - State: open - Opened by ayrtonm about 2 months ago

#434 - Add stack traces to permissive mode logs

Pull Request - State: open - Opened by ayrtonm about 2 months ago - 5 comments

#433 - runtime: Flush queue before exiting process in permissive mode

Pull Request - State: closed - Opened by ayrtonm about 2 months ago

#432 - rewriter: immediately make directory CLI args absolute

Pull Request - State: closed - Opened by kkysen about 2 months ago

#431 - runtime: use `__attribute__((__noreturn__))` instead of `_Noreturn` to avoid errors

Pull Request - State: closed - Opened by kkysen about 2 months ago - 5 comments

#430 - runtime: fix `-Wsign-compare` warnings

Pull Request - State: closed - Opened by kkysen about 2 months ago - 7 comments

#429 - rewriter: `struct __va_list_tag *` used instead of `va_list`

Issue - State: open - Opened by kkysen about 2 months ago - 2 comments

#428 - rewriter: `static` fns with the same name result in duplicate `extern IA2_fn_ptr_* __ia2_*` declarations

Issue - State: open - Opened by kkysen about 2 months ago - 8 comments
Labels: Low priority

#427 - rewriter: callbacks to other libraries (e.x. `pthread`, `libc`) are rewritten

Issue - State: open - Opened by kkysen about 2 months ago - 1 comment

#426 - rewriter: `IA2_ADDR` not added in `?` ternaries

Issue - State: closed - Opened by kkysen about 2 months ago - 1 comment

#425 - rewriter: fn ptr casts from `void*` (e.x. `dlsym`) unhandled

Issue - State: open - Opened by kkysen about 2 months ago - 1 comment

#424 - [DNM] Integrate various ARM branches

Pull Request - State: open - Opened by fw-immunant about 2 months ago

#423 - Add verbose debug logging to libia2

Pull Request - State: closed - Opened by rinon about 2 months ago - 3 comments

#422 - Fix ELF segment end computation

Pull Request - State: closed - Opened by rinon about 2 months ago - 6 comments

#421 - Label /proc/pid/maps entries in permissive mode logs

Pull Request - State: open - Opened by ayrtonm about 2 months ago

#420 - `static` address-taken functions generate linker errors

Issue - State: closed - Opened by randomPoison about 2 months ago - 1 comment

#419 - Fix propagation of partition-alloc link options

Pull Request - State: closed - Opened by rinon about 2 months ago - 1 comment

#418 - Remove build dir before re-building

Pull Request - State: closed - Opened by rinon about 2 months ago

#417 - Support disabling rewriting for specific function pointer types

Issue - State: open - Opened by randomPoison about 2 months ago - 2 comments

#416 - Allow `IA2_BEGIN_NO_WRAP` to apply to function pointers

Issue - State: closed - Opened by randomPoison about 2 months ago

#415 - Version scripts that hide symbols break linkage for compartmentalized builds

Issue - State: open - Opened by randomPoison about 2 months ago - 5 comments

#414 - Rewriter fails to emit `used` attribute for `static` fns when using a macro

Issue - State: open - Opened by randomPoison about 2 months ago - 9 comments

#413 - heap_two_keys and three_keys_minimal

Issue - State: closed - Opened by rinon about 2 months ago - 1 comment

#412 - Assignments to function pointer fields get rewritten incorrectly

Issue - State: open - Opened by randomPoison about 2 months ago - 4 comments

#411 - Rewriter generates incorrect `IA2_ADDR` invocations for null checks

Issue - State: open - Opened by randomPoison about 2 months ago - 5 comments

#409 - Document missing build steps

Issue - State: open - Opened by randomPoison about 2 months ago - 5 comments
Labels: documentation

#408 - Using a relative path for `--root-directory` breaks rewriter file copies

Issue - State: closed - Opened by randomPoison about 2 months ago - 2 comments
Labels: bug

#407 - Fix stack tagging on AArch64

Pull Request - State: closed - Opened by fw-immunant about 2 months ago - 8 comments

#406 - Consider adding stacktraces to permissive mode logs

Issue - State: open - Opened by ayrtonm about 2 months ago - 1 comment

#405 - Add mmap region descriptions to permissive mode logs

Issue - State: open - Opened by ayrtonm about 2 months ago - 1 comment

#404 - Check if TLS segments are padded at runtime

Issue - State: open - Opened by ayrtonm about 2 months ago - 2 comments
Labels: tooling, threads

#403 - Certain fn ptrs are never rewritten with `IA2_CALL` even in simple cases

Issue - State: closed - Opened by kkysen about 2 months ago - 1 comment

#401 - ci: run CI on all PRs, not just PRs to `main`, so we can stack PRs

Pull Request - State: closed - Opened by kkysen 2 months ago

#399 - `File path /some/path is invalid.` warning

Issue - State: open - Opened by kkysen 2 months ago

#398 - rewriter: warn on multiple compile commands per src and truncate to first one

Pull Request - State: closed - Opened by kkysen 2 months ago - 1 comment

#397 - Fix indirect call stack return handling

Pull Request - State: closed - Opened by rinon 2 months ago - 2 comments

#396 - Indirect calls that return a value on the stack are broken

Issue - State: closed - Opened by rinon 2 months ago - 1 comment

#395 - rewriter: avoid segfaulting on non-scalar, non-struct direct types

Pull Request - State: closed - Opened by kkysen 2 months ago

#394 - test_runner: Fail if child was terminated by signal

Pull Request - State: closed - Opened by rinon 2 months ago

#392 - rewriter: avoid segfaulting on non-scalar, non-struct direct types

Pull Request - State: closed - Opened by kkysen 2 months ago - 2 comments

#390 - rewriter: segfault in `classifyDirectType` for non-scalar, non-struct types

Issue - State: closed - Opened by kkysen 2 months ago - 1 comment

#389 - Document that `ia2_internal.h` uses GNU extensions

Issue - State: open - Opened by kkysen 2 months ago - 2 comments

#388 - rewriter: add script to canonicalize all paths in a `compile_commands.json`

Pull Request - State: closed - Opened by kkysen 3 months ago - 1 comment

#387 - Fix struct copying for structs with an unaligned size

Pull Request - State: closed - Opened by rinon 3 months ago - 3 comments

#386 - LLVM fork issues

Issue - State: open - Opened by fw-immunant 4 months ago - 1 comment
Labels: ARM

#385 - Disable more header defs when IA2_ENABLE=0

Pull Request - State: closed - Opened by randomPoison 4 months ago - 2 comments

#384 - Improve error for invalid pkey range

Pull Request - State: closed - Opened by randomPoison 4 months ago

#383 - rewriter: use `llvm::sys::fs::create_directories` instead of doing the logic ourselves

Pull Request - State: closed - Opened by kkysen 4 months ago - 2 comments

#382 - ci: test building Clang in release mode

Pull Request - State: closed - Opened by fw-immunant 4 months ago - 1 comment

#381 - cmake: give CMAKE_CROSSCOMPILING_EMULATOR a default

Pull Request - State: closed - Opened by fw-immunant 4 months ago

#378 - test_fault_handler: exit nonzero if expected segfault missing

Pull Request - State: closed - Opened by fw-immunant 4 months ago - 3 comments

#373 - Flesh out `spoofed_criterion` for AArch64

Pull Request - State: closed - Opened by fw-immunant 4 months ago - 1 comment

#368 - System headers missing when using `meson` (`dav1d`)

Issue - State: closed - Opened by kkysen 4 months ago
Labels: bug, rewriter

#365 - Structs test fails on Arch (LLVM 18)

Issue - State: closed - Opened by rinon 4 months ago - 1 comment

#362 - Port runtime to ARM

Pull Request - State: closed - Opened by fw-immunant 6 months ago - 1 comment

#355 - Add support for creating threads on ARM

Pull Request - State: open - Opened by ayrtonm 6 months ago - 1 comment

#334 - runtime/libia2: enable MTE

Pull Request - State: closed - Opened by ayrtonm 8 months ago - 2 comments

#333 - Port callgate generation code to ARM

Pull Request - State: closed - Opened by ayrtonm 8 months ago - 9 comments

#328 - Rewriter command-line interface is inscrutable

Issue - State: open - Opened by fw-immunant 9 months ago - 3 comments
Labels: documentation, ergonomics, rewriter

#319 - Add library-only mode

Issue - State: open - Opened by ayrtonm 10 months ago - 4 comments

#314 - Add support for ARM64 using MTE

Issue - State: open - Opened by ayrtonm 11 months ago - 11 comments

#257 - Thread startup saves PKRU in spillable register across function calls

Issue - State: closed - Opened by fw-immunant over 1 year ago - 2 comments
Labels: security, threads

#252 - Add Perl module in compartment 3

Pull Request - State: closed - Opened by endbr64 over 1 year ago - 3 comments

#226 - `ia2_fn_ptr` shouldn't be shared between threads or compartments

Issue - State: open - Opened by fw-immunant over 1 year ago - 6 comments
Labels: Medium priority, security

#198 - Add rewriter pass for function pointers that are compared or implicitly cast to bool

Issue - State: open - Opened by ayrtonm over 1 year ago - 5 comments
Labels: Medium priority, rewriter