LLVM Discussion Forums

Has-cet.exe detected as malware by Carbon Black

Hello all! I apologize if this isn’t the right place to post this, but I discovered that a file in the GitHub repository is being detected as malware “APC” by Carbon Black. I assume this is a false positive, as the file has to do with Intel Controlflow Enforcement Technology, and I guess that Carbon Black is seeing that and flagging it as malware. However, I thought it would be good to report this so it’s at least documented somewhere for others to see.

The full path to the file in question is llvm/test/tools/llvm-readobj/COFF/Inputs/has-cet.exe

https://github.com/llvm/llvm-project/blob/master/llvm/test/tools/llvm-readobj/COFF/Inputs/has-cet.exe