Add the ShadowCallStack attribute

Summary:
Introduce the ShadowCallStack function attribute. It's added to
functions compiled with -fsanitize=shadow-call-stack in order to mark
functions to be instrumented by a ShadowCallStack pass to be submitted
in a separate change.

Reviewers: pcc, kcc, kubamracek

Reviewed By: pcc, kcc

Subscribers: cryptoad, mehdi_amini, javed.absar, llvm-commits, kcc

Differential Revision: https://reviews.llvm.org/D44800

llvm-svn: 329108
This commit is contained in:
Vlad Tsyrklevich 2018-04-03 20:10:40 +00:00
parent c6bf37d56d
commit d17f61ea3b
14 changed files with 36 additions and 2 deletions

View File

@ -1056,6 +1056,7 @@ The integer codes are mapped to well-known attributes as follows.
* code 55: ``sanitize_hwaddress``
* code 56: ``nocf_check``
* code 57: ``optforfuzzing``
* code 58: ``shadowcallstack``
.. note::
The ``allocsize`` attribute has a special encoding for its arguments. Its two

View File

@ -1708,6 +1708,11 @@ example:
entity to fine grain the HW control flow protection mechanism. The flag
is target independant and currently appertains to a function or function
pointer.
``shadowcallstack``
This attribute indicates that the ShadowCallStack checks are enabled for
the function. The instrumentation checks that the return address for the
function has not changed between the function prolog and eiplog. It is
currently x86_64-specific.
.. _glattrs:

View File

@ -589,6 +589,7 @@ enum AttributeKindCodes {
ATTR_KIND_SANITIZE_HWADDRESS = 55,
ATTR_KIND_NOCF_CHECK = 56,
ATTR_KIND_OPT_FOR_FUZZING = 57,
ATTR_KIND_SHADOWCALLSTACK = 58,
};
enum ComdatSelectionKindCodes {

View File

@ -136,6 +136,9 @@ def ReturnsTwice : EnumAttr<"returns_twice">;
/// Safe Stack protection.
def SafeStack : EnumAttr<"safestack">;
/// Shadow Call Stack protection.
def ShadowCallStack : EnumAttr<"shadowcallstack">;
/// Sign extended before/after call.
def SExt : EnumAttr<"signext">;
@ -211,6 +214,7 @@ def : CompatRule<"isEqual<SanitizeThreadAttr>">;
def : CompatRule<"isEqual<SanitizeMemoryAttr>">;
def : CompatRule<"isEqual<SanitizeHWAddressAttr>">;
def : CompatRule<"isEqual<SafeStackAttr>">;
def : CompatRule<"isEqual<ShadowCallStackAttr>">;
class MergeRule<string F> {
// The name of the function called to merge the attributes of the caller and

View File

@ -665,6 +665,7 @@ lltok::Kind LLLexer::LexIdentifier() {
KEYWORD(sspstrong);
KEYWORD(strictfp);
KEYWORD(safestack);
KEYWORD(shadowcallstack);
KEYWORD(sanitize_address);
KEYWORD(sanitize_hwaddress);
KEYWORD(sanitize_thread);

View File

@ -1148,6 +1148,8 @@ bool LLParser::ParseFnAttributeValuePairs(AttrBuilder &B,
case lltok::kw_sspstrong:
B.addAttribute(Attribute::StackProtectStrong); break;
case lltok::kw_safestack: B.addAttribute(Attribute::SafeStack); break;
case lltok::kw_shadowcallstack:
B.addAttribute(Attribute::ShadowCallStack); break;
case lltok::kw_sanitize_address:
B.addAttribute(Attribute::SanitizeAddress); break;
case lltok::kw_sanitize_hwaddress:
@ -1485,6 +1487,7 @@ bool LLParser::ParseOptionalParamAttrs(AttrBuilder &B) {
case lltok::kw_sspreq:
case lltok::kw_sspstrong:
case lltok::kw_safestack:
case lltok::kw_shadowcallstack:
case lltok::kw_strictfp:
case lltok::kw_uwtable:
HaveError |= Error(Lex.getLoc(), "invalid use of function-only attribute");
@ -1580,6 +1583,7 @@ bool LLParser::ParseOptionalReturnAttrs(AttrBuilder &B) {
case lltok::kw_sspreq:
case lltok::kw_sspstrong:
case lltok::kw_safestack:
case lltok::kw_shadowcallstack:
case lltok::kw_strictfp:
case lltok::kw_uwtable:
HaveError |= Error(Lex.getLoc(), "invalid use of function-only attribute");

View File

@ -214,6 +214,7 @@ enum Kind {
kw_sspreq,
kw_sspstrong,
kw_safestack,
kw_shadowcallstack,
kw_sret,
kw_sanitize_thread,
kw_sanitize_memory,

View File

@ -1162,6 +1162,7 @@ static uint64_t getRawAttributeMask(Attribute::AttrKind Val) {
case Attribute::SanitizeHWAddress: return 1ULL << 56;
case Attribute::NoCfCheck: return 1ULL << 57;
case Attribute::OptForFuzzing: return 1ULL << 58;
case Attribute::ShadowCallStack: return 1ULL << 59;
case Attribute::Dereferenceable:
llvm_unreachable("dereferenceable attribute not supported in raw format");
break;
@ -1372,6 +1373,8 @@ static Attribute::AttrKind getAttrFromCode(uint64_t Code) {
return Attribute::StackProtectStrong;
case bitc::ATTR_KIND_SAFESTACK:
return Attribute::SafeStack;
case bitc::ATTR_KIND_SHADOWCALLSTACK:
return Attribute::ShadowCallStack;
case bitc::ATTR_KIND_STRICT_FP:
return Attribute::StrictFP;
case bitc::ATTR_KIND_STRUCT_RET:

View File

@ -673,6 +673,8 @@ static uint64_t getAttrKindEncoding(Attribute::AttrKind Kind) {
return bitc::ATTR_KIND_STACK_PROTECT_STRONG;
case Attribute::SafeStack:
return bitc::ATTR_KIND_SAFESTACK;
case Attribute::ShadowCallStack:
return bitc::ATTR_KIND_SHADOWCALLSTACK;
case Attribute::StrictFP:
return bitc::ATTR_KIND_STRICT_FP;
case Attribute::StructRet:

View File

@ -332,6 +332,8 @@ std::string Attribute::getAsString(bool InAttrGrp) const {
return "sspstrong";
if (hasAttribute(Attribute::SafeStack))
return "safestack";
if (hasAttribute(Attribute::ShadowCallStack))
return "shadowcallstack";
if (hasAttribute(Attribute::StrictFP))
return "strictfp";
if (hasAttribute(Attribute::StructRet))

View File

@ -1413,6 +1413,7 @@ static bool isFuncOnlyAttr(Attribute::AttrKind Kind) {
case Attribute::StackProtectReq:
case Attribute::StackProtectStrong:
case Attribute::SafeStack:
case Attribute::ShadowCallStack:
case Attribute::NoRedZone:
case Attribute::NoImplicitFloat:
case Attribute::Naked:

View File

@ -53,6 +53,7 @@ static Attribute::AttrKind parseAttrKind(StringRef Kind) {
.Case("argmemonly", Attribute::ArgMemOnly)
.Case("returns_twice", Attribute::ReturnsTwice)
.Case("safestack", Attribute::SafeStack)
.Case("shadowcallstack", Attribute::SafeStack)
.Case("sanitize_address", Attribute::SanitizeAddress)
.Case("sanitize_hwaddress", Attribute::SanitizeHWAddress)
.Case("sanitize_memory", Attribute::SanitizeMemory)

View File

@ -688,6 +688,7 @@ Function *CodeExtractor::constructFunction(const ValueSet &inputs,
case Attribute::OptimizeNone:
case Attribute::OptimizeForSize:
case Attribute::SafeStack:
case Attribute::ShadowCallStack:
case Attribute::SanitizeAddress:
case Attribute::SanitizeMemory:
case Attribute::SanitizeThread:

View File

@ -204,7 +204,7 @@ define void @f34()
; CHECK: define void @f34()
{
call void @nobuiltin() nobuiltin
; CHECK: call void @nobuiltin() #35
; CHECK: call void @nobuiltin() #36
ret void;
}
@ -345,6 +345,12 @@ define void @f58() sanitize_hwaddress
ret void;
}
; CHECK: define void @f59() #35
define void @f59() shadowcallstack
{
ret void
}
; CHECK: attributes #0 = { noreturn }
; CHECK: attributes #1 = { nounwind }
; CHECK: attributes #2 = { readnone }
@ -380,4 +386,5 @@ define void @f58() sanitize_hwaddress
; CHECK: attributes #32 = { writeonly }
; CHECK: attributes #33 = { speculatable }
; CHECK: attributes #34 = { sanitize_hwaddress }
; CHECK: attributes #35 = { nobuiltin }
; CHECK: attributes #35 = { shadowcallstack }
; CHECK: attributes #36 = { nobuiltin }