git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@270634 91177308-0d34-0410-b5e6-96231b3b80d8

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@240696 91177308-0d34-0410-b5e6-96231b3b80d8

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@240536 91177308-0d34-0410-b5e6-96231b3b80d8

This patch makes the following improvements to the SafeStack documentation:

Explicitly states the security guarantees of the SafeStack
Clarifies which of the security guarantees are probabilistic
Re-orders security limitations to put the most severe ones first
Explains how `__attribute__((no_sanitize("safe-stack")))` works and how to use it safely
Explains that SafeStack should be combined with a forward-edge protection mechanism, such as CPI, IFCC or others
Multiple readability and stylistic improvements

Patch by Volodymyr Kuznetsov!

Differential Revision: http://reviews.llvm.org/D10598

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@240472 91177308-0d34-0410-b5e6-96231b3b80d8

Protection against stack-based memory corruption errors using SafeStack: Clang command line option and function attribute

This patch adds the -fsanitize=safe-stack command line argument for clang,
which enables the Safe Stack protection (see http://reviews.llvm.org/D6094
for the detailed description of the Safe Stack).

This patch is our implementation of the safe stack on top of Clang. The
patches make the following changes:

- Add -fsanitize=safe-stack and -fno-sanitize=safe-stack options to clang
  to control safe stack usage (the safe stack is disabled by default).

- Add __attribute__((no_sanitize("safe-stack"))) attribute to clang that can be
  used to disable the safe stack for individual functions even when enabled
  globally.

Original patch by Volodymyr Kuznetsov and others at the Dependable Systems
Lab at EPFL; updates and upstreaming by myself.

Differential Revision: http://reviews.llvm.org/D6095

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@239762 91177308-0d34-0410-b5e6-96231b3b80d8