forked from OSchip/llvm-project
0cb55919ec
When shadow stack from Intel CET is enabled, the first instruction of all
indirect branch targets must be a special instruction, ENDBR.
lib/asan/asan_interceptors.cc has
...
int res = REAL(swapcontext)(oucp, ucp);
...
REAL(swapcontext) is a function pointer to swapcontext in libc. Since
swapcontext may return via indirect branch on x86 when shadow stack is
enabled, as in this case,
int res = REAL(swapcontext)(oucp, ucp);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This function may be
returned via an indirect branch.
Here compiler must insert ENDBR after call, like
call *bar(%rip)
endbr64
I opened an LLVM bug:
https://bugs.llvm.org/show_bug.cgi?id=38207
to add the indirect_return attribute so that it can be used to inform
compiler to insert ENDBR after REAL(swapcontext) call. We mark
REAL(swapcontext) with the indirect_return attribute if it is available.
This fixed:
https://bugs.llvm.org/show_bug.cgi?id=38249
Reviewed By: eugenis
Differential Revision: https://reviews.llvm.org/D49608
llvm-svn: 337603
|
||
|---|---|---|
| .. | ||
| BlocksRuntime | ||
| asan | ||
| builtins | ||
| cfi | ||
| dfsan | ||
| esan | ||
| fuzzer | ||
| hwasan | ||
| interception | ||
| lsan | ||
| msan | ||
| profile | ||
| safestack | ||
| sanitizer_common | ||
| scudo | ||
| stats | ||
| tsan | ||
| ubsan | ||
| ubsan_minimal | ||
| xray | ||
| CMakeLists.txt | ||