llvm.org GIT mirror llvm / 45013b2
Add the ShadowCallStack attribute Summary: Introduce the ShadowCallStack function attribute. It's added to functions compiled with -fsanitize=shadow-call-stack in order to mark functions to be instrumented by a ShadowCallStack pass to be submitted in a separate change. Reviewers: pcc, kcc, kubamracek Reviewed By: pcc, kcc Subscribers: cryptoad, mehdi_amini, javed.absar, llvm-commits, kcc Differential Revision: https://reviews.llvm.org/D44800 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@329108 91177308-0d34-0410-b5e6-96231b3b80d8 Vlad Tsyrklevich 2 years ago
14 changed file(s) with 36 addition(s) and 2 deletion(s). Raw diff Collapse all Expand all
10551055 * code 55: ``sanitize_hwaddress``
10561056 * code 56: ``nocf_check``
10571057 * code 57: ``optforfuzzing``
1058 * code 58: ``shadowcallstack``
10581059
10591060 .. note::
10601061 The ``allocsize`` attribute has a special encoding for its arguments. Its two
17071707 entity to fine grain the HW control flow protection mechanism. The flag
17081708 is target independant and currently appertains to a function or function
17091709 pointer.
1710 ``shadowcallstack``
1711 This attribute indicates that the ShadowCallStack checks are enabled for
1712 the function. The instrumentation checks that the return address for the
1713 function has not changed between the function prolog and eiplog. It is
1714 currently x86_64-specific.
17101715
17111716 .. _glattrs:
17121717
588588 ATTR_KIND_SANITIZE_HWADDRESS = 55,
589589 ATTR_KIND_NOCF_CHECK = 56,
590590 ATTR_KIND_OPT_FOR_FUZZING = 57,
591 ATTR_KIND_SHADOWCALLSTACK = 58,
591592 };
592593
593594 enum ComdatSelectionKindCodes {
134134
135135 /// Safe Stack protection.
136136 def SafeStack : EnumAttr<"safestack">;
137
138 /// Shadow Call Stack protection.
139 def ShadowCallStack : EnumAttr<"shadowcallstack">;
137140
138141 /// Sign extended before/after call.
139142 def SExt : EnumAttr<"signext">;
210213 def : CompatRule<"isEqual">;
211214 def : CompatRule<"isEqual">;
212215 def : CompatRule<"isEqual">;
216 def : CompatRule<"isEqual">;
213217
214218 class MergeRule {
215219 // The name of the function called to merge the attributes of the caller and
664664 KEYWORD(sspstrong);
665665 KEYWORD(strictfp);
666666 KEYWORD(safestack);
667 KEYWORD(shadowcallstack);
667668 KEYWORD(sanitize_address);
668669 KEYWORD(sanitize_hwaddress);
669670 KEYWORD(sanitize_thread);
11471147 case lltok::kw_sspstrong:
11481148 B.addAttribute(Attribute::StackProtectStrong); break;
11491149 case lltok::kw_safestack: B.addAttribute(Attribute::SafeStack); break;
1150 case lltok::kw_shadowcallstack:
1151 B.addAttribute(Attribute::ShadowCallStack); break;
11501152 case lltok::kw_sanitize_address:
11511153 B.addAttribute(Attribute::SanitizeAddress); break;
11521154 case lltok::kw_sanitize_hwaddress:
14841486 case lltok::kw_sspreq:
14851487 case lltok::kw_sspstrong:
14861488 case lltok::kw_safestack:
1489 case lltok::kw_shadowcallstack:
14871490 case lltok::kw_strictfp:
14881491 case lltok::kw_uwtable:
14891492 HaveError |= Error(Lex.getLoc(), "invalid use of function-only attribute");
15791582 case lltok::kw_sspreq:
15801583 case lltok::kw_sspstrong:
15811584 case lltok::kw_safestack:
1585 case lltok::kw_shadowcallstack:
15821586 case lltok::kw_strictfp:
15831587 case lltok::kw_uwtable:
15841588 HaveError |= Error(Lex.getLoc(), "invalid use of function-only attribute");
213213 kw_sspreq,
214214 kw_sspstrong,
215215 kw_safestack,
216 kw_shadowcallstack,
216217 kw_sret,
217218 kw_sanitize_thread,
218219 kw_sanitize_memory,
11611161 case Attribute::SanitizeHWAddress: return 1ULL << 56;
11621162 case Attribute::NoCfCheck: return 1ULL << 57;
11631163 case Attribute::OptForFuzzing: return 1ULL << 58;
1164 case Attribute::ShadowCallStack: return 1ULL << 59;
11641165 case Attribute::Dereferenceable:
11651166 llvm_unreachable("dereferenceable attribute not supported in raw format");
11661167 break;
13711372 return Attribute::StackProtectStrong;
13721373 case bitc::ATTR_KIND_SAFESTACK:
13731374 return Attribute::SafeStack;
1375 case bitc::ATTR_KIND_SHADOWCALLSTACK:
1376 return Attribute::ShadowCallStack;
13741377 case bitc::ATTR_KIND_STRICT_FP:
13751378 return Attribute::StrictFP;
13761379 case bitc::ATTR_KIND_STRUCT_RET:
672672 return bitc::ATTR_KIND_STACK_PROTECT_STRONG;
673673 case Attribute::SafeStack:
674674 return bitc::ATTR_KIND_SAFESTACK;
675 case Attribute::ShadowCallStack:
676 return bitc::ATTR_KIND_SHADOWCALLSTACK;
675677 case Attribute::StrictFP:
676678 return bitc::ATTR_KIND_STRICT_FP;
677679 case Attribute::StructRet:
331331 return "sspstrong";
332332 if (hasAttribute(Attribute::SafeStack))
333333 return "safestack";
334 if (hasAttribute(Attribute::ShadowCallStack))
335 return "shadowcallstack";
334336 if (hasAttribute(Attribute::StrictFP))
335337 return "strictfp";
336338 if (hasAttribute(Attribute::StructRet))
14121412 case Attribute::StackProtectReq:
14131413 case Attribute::StackProtectStrong:
14141414 case Attribute::SafeStack:
1415 case Attribute::ShadowCallStack:
14151416 case Attribute::NoRedZone:
14161417 case Attribute::NoImplicitFloat:
14171418 case Attribute::Naked:
5252 .Case("argmemonly", Attribute::ArgMemOnly)
5353 .Case("returns_twice", Attribute::ReturnsTwice)
5454 .Case("safestack", Attribute::SafeStack)
55 .Case("shadowcallstack", Attribute::SafeStack)
5556 .Case("sanitize_address", Attribute::SanitizeAddress)
5657 .Case("sanitize_hwaddress", Attribute::SanitizeHWAddress)
5758 .Case("sanitize_memory", Attribute::SanitizeMemory)
687687 case Attribute::OptimizeNone:
688688 case Attribute::OptimizeForSize:
689689 case Attribute::SafeStack:
690 case Attribute::ShadowCallStack:
690691 case Attribute::SanitizeAddress:
691692 case Attribute::SanitizeMemory:
692693 case Attribute::SanitizeThread:
203203 ; CHECK: define void @f34()
204204 {
205205 call void @nobuiltin() nobuiltin
206 ; CHECK: call void @nobuiltin() #35
206 ; CHECK: call void @nobuiltin() #36
207207 ret void;
208208 }
209209
342342 define void @f58() sanitize_hwaddress
343343 {
344344 ret void;
345 }
346
347 ; CHECK: define void @f59() #35
348 define void @f59() shadowcallstack
349 {
350 ret void
345351 }
346352
347353 ; CHECK: attributes #0 = { noreturn }
379385 ; CHECK: attributes #32 = { writeonly }
380386 ; CHECK: attributes #33 = { speculatable }
381387 ; CHECK: attributes #34 = { sanitize_hwaddress }
382 ; CHECK: attributes #35 = { nobuiltin }
388 ; CHECK: attributes #35 = { shadowcallstack }
389 ; CHECK: attributes #36 = { nobuiltin }