[sanitizer] Support Intel CET

1. Include <cet.h> in sanitizer_common/sanitizer_asm.h to mark Intel CET support when Intel CET is enabled. 2. Add _CET_ENDBR to function entries in assembly codes so that ENDBR instruction will be generated when Intel CET is enabled. Reviewed By: dvyukov Differential Revision: https://reviews.llvm.org/D111185
2021-09-10 06:24:36 -07:00 · 2021-09-10 06:24:36 -07:00 · fdf4c03522
parent f0ffff43b7
commit fdf4c03522
5 changed files with 14 additions and 0 deletions
--- a/compiler-rt/lib/hwasan/hwasan_setjmp_x86_64.S
+++ b/compiler-rt/lib/hwasan/hwasan_setjmp_x86_64.S
@ -35,6 +35,7 @@
 ASM_TYPE_FUNCTION(__interceptor_setjmp)
 __interceptor_setjmp:
  CFI_STARTPROC
+  _CET_ENDBR
  xorl %esi, %esi
  jmp	__interceptor_sigsetjmp
  CFI_ENDPROC
@ -44,6 +45,7 @@ ASM_SIZE(__interceptor_setjmp)
 ASM_TYPE_FUNCTION(__interceptor_sigsetjmp)
 __interceptor_sigsetjmp:
  CFI_STARTPROC
+  _CET_ENDBR

  // Save callee save registers.
  mov %rbx, (0*8)(%rdi)
--- a/compiler-rt/lib/sanitizer_common/sanitizer_asm.h
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_asm.h
@ -66,3 +66,7 @@
 #else
 #define NO_EXEC_STACK_DIRECTIVE
 #endif
+
+#if defined(__x86_64__) || defined(__i386__)
+#include <cet.h>
+#endif
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_i386.inc.S
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_i386.inc.S
@ -6,6 +6,7 @@
 .globl ASM_WRAPPER_NAME(vfork)
 ASM_TYPE_FUNCTION(ASM_WRAPPER_NAME(vfork))
 ASM_WRAPPER_NAME(vfork):
+        _CET_ENDBR
        // Store return address in the spill area and tear down the stack frame.
        sub     $12, %esp
        call    COMMON_INTERCEPTOR_SPILL_AREA
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_x86_64.inc.S
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_x86_64.inc.S
@ -6,6 +6,7 @@
 .globl ASM_WRAPPER_NAME(vfork)
 ASM_TYPE_FUNCTION(ASM_WRAPPER_NAME(vfork))
 ASM_WRAPPER_NAME(vfork):
+        _CET_ENDBR
        // Store return address in the spill area and tear down the stack frame.
        push    %rcx
        call    COMMON_INTERCEPTOR_SPILL_AREA
--- a/compiler-rt/lib/tsan/rtl/tsan_rtl_amd64.S
+++ b/compiler-rt/lib/tsan/rtl/tsan_rtl_amd64.S
@ -13,6 +13,7 @@ ASM_HIDDEN(__tsan_trace_switch)
 .globl ASM_SYMBOL(__tsan_trace_switch_thunk)
 ASM_SYMBOL(__tsan_trace_switch_thunk):
  CFI_STARTPROC
+  _CET_ENDBR
  # Save scratch registers.
  push %rax
  CFI_ADJUST_CFA_OFFSET(8)
@ -93,6 +94,7 @@ ASM_HIDDEN(__tsan_report_race)
 .globl ASM_SYMBOL(__tsan_report_race_thunk)
 ASM_SYMBOL(__tsan_report_race_thunk):
  CFI_STARTPROC
+  _CET_ENDBR
  # Save scratch registers.
  push %rax
  CFI_ADJUST_CFA_OFFSET(8)
@ -185,6 +187,7 @@ ASM_TYPE_FUNCTION(ASM_SYMBOL_INTERCEPTOR(setjmp))
 ASM_SYMBOL_INTERCEPTOR(setjmp):
 #endif
  CFI_STARTPROC
+  _CET_ENDBR
  // save env parameter
  push %rdi
  CFI_ADJUST_CFA_OFFSET(8)
@ -226,6 +229,7 @@ ASM_SIZE(ASM_SYMBOL_INTERCEPTOR(setjmp))
 ASM_TYPE_FUNCTION(ASM_SYMBOL_INTERCEPTOR(_setjmp))
 ASM_SYMBOL_INTERCEPTOR(_setjmp):
  CFI_STARTPROC
+  _CET_ENDBR
  // save env parameter
  push %rdi
  CFI_ADJUST_CFA_OFFSET(8)
@ -267,6 +271,7 @@ ASM_TYPE_FUNCTION(ASM_SYMBOL_INTERCEPTOR(sigsetjmp))
 ASM_SYMBOL_INTERCEPTOR(sigsetjmp):
 #endif
  CFI_STARTPROC
+  _CET_ENDBR
  // save env parameter
  push %rdi
  CFI_ADJUST_CFA_OFFSET(8)
@ -323,6 +328,7 @@ ASM_SIZE(ASM_SYMBOL_INTERCEPTOR(sigsetjmp))
 ASM_TYPE_FUNCTION(ASM_SYMBOL_INTERCEPTOR(__sigsetjmp))
 ASM_SYMBOL_INTERCEPTOR(__sigsetjmp):
  CFI_STARTPROC
+  _CET_ENDBR
  // save env parameter
  push %rdi
  CFI_ADJUST_CFA_OFFSET(8)