Commit Graph

70 Commits

Author SHA1 Message Date
Mitch Phillips c15bdf5598 [cfi-verify] Add blacklist parsing for result filtering.
Adds blacklist parsing behaviour for filtering results into four categories:

 - Expected Protected: Things that are not in the blacklist and are protected.
 - Unexpected Protected: Things that are in the blacklist and are protected.
 - Expected Unprotected: Things that are in the blacklist and are unprotected.
 - Unexpected Unprotected: Things that are not in the blacklist and are unprotected.

 now can optionally be invoked with a second command line argument, which specifies the blacklist file that the binary was built with.

Current  statistics for chromium:

Reviewers: vlad.tsyrklevich

Subscribers: mgorny, llvm-commits, pcc, kcc

Differential Revision: https://reviews.llvm.org/D39525

llvm-svn: 317364
2017-11-03 20:54:26 +00:00
Mitch Phillips 4ab6fc0cd6 Update cl::opt<uint64_t> instances to cl::opt<unsigned long long>
cl::opt<uint64_t> fails when parsing command line arguments.

See https://bugs.llvm.org/show_bug.cgi?id=19665.

Reviewers: pcc

Subscribers: mgorny, llvm-commits, kcc

Differential Revision: https://reviews.llvm.org/D38657

llvm-svn: 317141
2017-11-01 23:39:41 +00:00
Mitch Phillips 7db6f7a344 Parse DWARF information to reduce false positives.
Summary: Help differentiate code and data by parsing DWARF information. This will reduce false positive rates where data is placed in executable sections and is mistakenly parsed as code, resulting in an inflation in the number of indirect CF instructions (and hence an inflation of the number of unprotected).

Also prints the DWARF line data around the region of each indirect CF instruction.

Reviewers: pcc

Subscribers: probinson, llvm-commits, vlad.tsyrklevich, mgorny, aprantl, kcc

Differential Revision: https://reviews.llvm.org/D38654

llvm-svn: 317050
2017-10-31 23:20:05 +00:00
Mitch Phillips 5ff01cdc59 Add FileVerifier::isCFIProtected().
Add a CFI protection check that is implemented by building a graph and inspecting the output to deduce if the indirect CF instruction is CFI protected. Also added the output of this instruction to printIndirectInstructions().

Reviewers: vlad.tsyrklevich

Subscribers: llvm-commits, kcc, pcc, mgorny

Differential Revision: https://reviews.llvm.org/D38428

llvm-svn: 316610
2017-10-25 21:21:16 +00:00
Sam Clegg dabd5be42d Fix LLVM_LINK_LLVM_DYLIB=On build of llvm-cfi-verify
Subscribers: mgorny, aheejin

Differential Revision: https://reviews.llvm.org/D39250

llvm-svn: 316493
2017-10-24 20:21:15 +00:00
Mitch Phillips d9af383d58 Made llvm-cfi-verify not execute unit tests on non-x86 builds.
Patched out from D38427.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Subscribers: llvm-commits, kcc, pcc, mgorny

Differential Revision: https://reviews.llvm.org/D39197

llvm-svn: 316375
2017-10-23 20:54:01 +00:00
Mitch Phillips 99fa140501 Graph builder implementation.
Implement a localised graph builder for indirect control flow
instructions. Main interface is through GraphBuilder::buildFlowGraph,
which will build a flow graph around an indirect CF instruction. Various
modifications to FileVerifier are also made to const-expose some members
needed for machine code analysis done by the graph builder.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Subscribers: llvm-commits, kcc, pcc

Differential Revision: https://reviews.llvm.org/D38427

llvm-svn: 316372
2017-10-23 20:25:19 +00:00
Mitch Phillips e140b3d122 Accidently merged an incomplete upstream patch in 10e6ee563a6b5ca498f27972ca6dbe6c308f1ac2 - reverting the changes.
llvm-svn: 316359
2017-10-23 18:17:56 +00:00
Mitch Phillips f91a31b7a3 Patch in
llvm-svn: 316358
2017-10-23 18:11:31 +00:00
Vlad Tsyrklevich 4dc1c9735b Statically link llvm-cfi-verify's libraries.
Summary:
llvm-cfi-verify (D38379) introduced a potential build failure when compiling with `-DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON`. Specific versions of cmake seem to treat the `add_subdirectory()` rule differently. It seems as if old versions of cmake BFS these rules, adding them to the fringe for expansion later. Newer versions of cmake seem to immediately execute CMakeFiles that are present in this subdirectory.

If the subdirectory is expanded through the fringe, the globbing resultant from `llvm_add_implicit_projects()` from `cmake/modules/AddLLVM.cmake:1012` means that `tools/llvm-shlib/CMakeFile.txt` gets executed before `tools/llvm-cfi-verify/lib/CMakeFile.txt`. As the latter CMakeFile adds a new library, this expansion order means that the library files required the unit tests in `unittests/tools/llvm-cfi-verify/` are not present in the dynamic library. This causes unit tests to fail as the required functions can't be found.

This change now ensures that the libraries created by `llvm-cfi-verify` are statically linked into the unit tests. As `tools/llvm-cfi-verify/lib` no longer adds anything to `llvm-shlib`, there should be no concern about the order-of-compilation.

Reviewers: skatkov, pcc

Reviewed By: skatkov, pcc

Subscribers: llvm-commits, kcc, pcc, aheejin, vlad.tsyrklevich, mgorny

Differential Revision: https://reviews.llvm.org/D39020

llvm-svn: 316059
2017-10-18 04:27:53 +00:00
Vlad Tsyrklevich 0ee2632403 MC Helpers for llvm-cfi-verify.
Add instruction analysis and machinecode traversal helpers in
preparation for control flow graph generation implementation.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Subscribers: mgorny, llvm-commits, pcc, kcc

Differential Revision: https://reviews.llvm.org/D38424

llvm-svn: 315528
2017-10-11 23:17:29 +00:00
Vlad Tsyrklevich 89c3c8c403 Reland 'Classify llvm-cfi-verify.'
Summary: Move llvm-cfi-verify into a class in preparation for CFI analysis to come.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Subscribers: mgorny, llvm-commits, pcc, kcc

Differential Revision: https://reviews.llvm.org/D38379

llvm-svn: 315504
2017-10-11 20:35:01 +00:00
Vlad Tsyrklevich a45919f54d Revert "Classify llvm-cfi-verify."
This reverts commit r315363. It has a simple build failure, but more
importantly I want to confirm that unit tests run in check-all to make
sure that they don't silently break in the future.

llvm-svn: 315370
2017-10-10 21:21:13 +00:00
Vlad Tsyrklevich b5488a2281 Classify llvm-cfi-verify.
Summary: Move llvm-cfi-verify into a class in preparation for CFI analysis to come.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Subscribers: mgorny, llvm-commits, pcc, kcc

Differential Revision: https://reviews.llvm.org/D38379

llvm-svn: 315363
2017-10-10 20:59:08 +00:00
Sam Clegg 31a2c80935 [WebAssembly] Add support for local symbol bindings
Differential Revision: https://reviews.llvm.org/D38096

llvm-svn: 313817
2017-09-20 21:17:04 +00:00
Vlad Tsyrklevich 31b4531aa9 Introduce the llvm-cfi-verify tool (resubmission of D37937).
Summary: Resubmission of D37937. Fixed i386 target building (conversion from std::size_t& to uint64_t& failed). Fixed documentation warning failure about docs/CFIVerify.rst not being in the tree.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Patch by Mitch Phillips

Subscribers: sbc100, mgorny, pcc, llvm-commits, kcc

Differential Revision: https://reviews.llvm.org/D38089

llvm-svn: 313809
2017-09-20 20:38:14 +00:00
Vlad Tsyrklevich 0f245eccd6 Revert "Introduce the llvm-cfi-verify tool (resubmission of D37937)."
This reverts commit r313798, it's causing buildbot failures.

llvm-svn: 313804
2017-09-20 19:46:02 +00:00
Vlad Tsyrklevich 501cad8bbc Introduce the llvm-cfi-verify tool (resubmission of D37937).
Summary: Resubmission of D37937. Fixed i386 target building (conversion from std::size_t& to uint64_t& failed). Fixed documentation warning failure about docs/CFIVerify.rst not being in the tree.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Patch by Mitch Phillips

Subscribers: mgorny, pcc, llvm-commits, kcc

Differential Revision: https://reviews.llvm.org/D38089

llvm-svn: 313798
2017-09-20 19:14:16 +00:00
Vlad Tsyrklevich 8930f383fc Revert "Introduce the llvm-cfi-verify tool."
This reverts commit r313688, it caused build failures for
llvm-i686-linux-RA

llvm-svn: 313689
2017-09-19 22:36:32 +00:00
Vlad Tsyrklevich 564060193f Introduce the llvm-cfi-verify tool.
Summary: Introduces the llvm-cfi-verify tool to llvm. Includes the design document (docs/CFIVerify.rst). Current implementation of the tool is simply a disassembler that identifies and prints the indirect control flow instructions.

Reviewers: vlad.tsyrklevich

Reviewed By: vlad.tsyrklevich

Patch by Mitch Phillips

Subscribers: llvm-commits, kcc, pcc, mgorny

Differential Revision: https://reviews.llvm.org/D37937

llvm-svn: 313688
2017-09-19 22:33:09 +00:00