doxygen/WinCFGuard_8cpp_source.html

//===-- CodeGen/AsmPrinter/WinCFGuard.cpp - Control Flow Guard Impl ------===//

//

// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.

// See https://llvm.org/LICENSE.txt for license information.

// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception

//

//===----------------------------------------------------------------------===//

//

// This file contains support for writing the metadata for Windows Control Flow

// Guard, including address-taken functions and valid longjmp targets.

//

//===----------------------------------------------------------------------===//


#include "WinCFGuard.h"

#include "llvm/CodeGen/AsmPrinter.h"

#include "llvm/CodeGen/MachineFunction.h"

#include "llvm/CodeGen/MachineModuleInfo.h"

#include "llvm/IR/Constants.h"

#include "llvm/IR/InstrTypes.h"

#include "llvm/MC/MCObjectFileInfo.h"

#include "llvm/MC/MCStreamer.h"


#include <vector>


using namespace llvm;


WinCFGuard::WinCFGuard(AsmPrinter *A) : Asm(A) {}


WinCFGuard::~WinCFGuard() = default;


void WinCFGuard::endFunction(const MachineFunction *MF) {


  // Skip functions without any longjmp targets.

  if (MF->getLongjmpTargets().empty())

    return;


  // Copy the function's longjmp targets to a module-level list.

  llvm::append_range(LongjmpTargets, MF->getLongjmpTargets());

}


/// Returns true if this function's address is escaped in a way that might make

/// it an indirect call target. Function::hasAddressTaken gives different

/// results when a function is called directly with a function prototype

/// mismatch, which requires a cast.

static bool isPossibleIndirectCallTarget(const Function *F) {

  SmallVector<const Value *, 4> Users{F};

  while (!Users.empty()) {

    const Value *FnOrCast = Users.pop_back_val();

    for (const Use &U : FnOrCast->uses()) {

      const User *FnUser = U.getUser();

      if (isa<BlockAddress>(FnUser))

        continue;

      if (const auto *Call = dyn_cast<CallBase>(FnUser)) {

        if (!Call->isCallee(&U))

          return true;

      } else if (isa<Instruction>(FnUser)) {

        // Consider any other instruction to be an escape. This has some weird

        // consequences like no-op intrinsics being an escape or a store *to* a

        // function address being an escape.

        return true;

      } else if (const auto *C = dyn_cast<Constant>(FnUser)) {

        // If this is a constant pointer cast of the function, don't consider

        // this escape. Analyze the uses of the cast as well. This ensures that

        // direct calls with mismatched prototypes don't end up in the CFG

        // table. Consider other constants, such as vtable initializers, to

        // escape the function.

        if (C->stripPointerCasts() == F)

          Users.push_back(FnUser);

        else

          return true;

      }

    }

  }

  return false;

}


MCSymbol *WinCFGuard::lookupImpSymbol(const MCSymbol *Sym) {

  if (Sym->getName().startswith("__imp_"))

    return nullptr;

  return Asm->OutContext.lookupSymbol(Twine("__imp_") + Sym->getName());

}


void WinCFGuard::endModule() {

  const Module *M = Asm->MMI->getModule();

  std::vector<const MCSymbol *> GFIDsEntries;

  std::vector<const MCSymbol *> GIATsEntries;

  for (const Function &F : *M) {

    if (isPossibleIndirectCallTarget(&F)) {

      // If F is a dllimport and has an "__imp_" symbol already defined, add the

      // "__imp_" symbol to the .giats section.

      if (F.hasDLLImportStorageClass()) {

        if (MCSymbol *impSym = lookupImpSymbol(Asm->getSymbol(&F))) {

          GIATsEntries.push_back(impSym);

        }

      }

      // Add the function's symbol to the .gfids section.

      // Note: For dllimport functions, MSVC sometimes does not add this symbol

      // to the .gfids section, but only adds the corresponding "__imp_" symbol

      // to the .giats section. Here we always add the symbol to the .gfids

      // section, since this does not introduce security risks.

      GFIDsEntries.push_back(Asm->getSymbol(&F));

    }

  }


  if (GFIDsEntries.empty() && GIATsEntries.empty() && LongjmpTargets.empty())

    return;


  // Emit the symbol index of each GFIDs entry to form the .gfids section.

  auto &OS = *Asm->OutStreamer;

  OS.switchSection(Asm->OutContext.getObjectFileInfo()->getGFIDsSection());

  for (const MCSymbol *S : GFIDsEntries)

    OS.emitCOFFSymbolIndex(S);


  // Emit the symbol index of each GIATs entry to form the .giats section.

  OS.switchSection(Asm->OutContext.getObjectFileInfo()->getGIATsSection());

  for (const MCSymbol *S : GIATsEntries) {

    OS.emitCOFFSymbolIndex(S);

  }


  // Emit the symbol index of each longjmp target to form the .gljmp section.

  OS.switchSection(Asm->OutContext.getObjectFileInfo()->getGLJMPSection());

  for (const MCSymbol *S : LongjmpTargets) {

    OS.emitCOFFSymbolIndex(S);

  }

}

AsmPrinter.h

A
static GCRegistry::Add< ErlangGC > A("erlang", "erlang-compatible garbage collector")

Constants.h
This file contains the declarations for the subclasses of Constant, which represent the different fla...

Users
iv Induction Variable Users
Definition: IVUsers.cpp:48

InstrTypes.h

MCObjectFileInfo.h

MCStreamer.h

F
#define F(x, y, z)
Definition: MD5.cpp:55

MachineFunction.h

MachineModuleInfo.h

OS
raw_pwrite_stream & OS
Definition: SampleProfWriter.cpp:53

isPossibleIndirectCallTarget
static bool isPossibleIndirectCallTarget(const Function *F)
Returns true if this function's address is escaped in a way that might make it an indirect call targe...
Definition: WinCFGuard.cpp:45

WinCFGuard.h

llvm::AsmPrinter
This class is intended to be used as a driving class for all asm writers.
Definition: AsmPrinter.h:84

llvm::AsmPrinter::getSymbol
MCSymbol * getSymbol(const GlobalValue *GV) const
Definition: AsmPrinter.cpp:662

llvm::AsmPrinter::MMI
MachineModuleInfo * MMI
This is a pointer to the current MachineModuleInfo.
Definition: AsmPrinter.h:105

llvm::AsmPrinter::OutContext
MCContext & OutContext
This is the context for the output file that we are streaming.
Definition: AsmPrinter.h:94

llvm::AsmPrinter::OutStreamer
std::unique_ptr< MCStreamer > OutStreamer
This is the MCStreamer object for the file we are generating.
Definition: AsmPrinter.h:99

llvm::Function
Definition: Function.h:60

llvm::MCContext::getObjectFileInfo
const MCObjectFileInfo * getObjectFileInfo() const
Definition: MCContext.h:450

llvm::MCContext::lookupSymbol
MCSymbol * lookupSymbol(const Twine &Name) const
Get the symbol for Name, or null.
Definition: MCContext.cpp:359

llvm::MCObjectFileInfo::getGFIDsSection
MCSection * getGFIDsSection() const
Definition: MCObjectFileInfo.h:427

llvm::MCObjectFileInfo::getGLJMPSection
MCSection * getGLJMPSection() const
Definition: MCObjectFileInfo.h:429

llvm::MCObjectFileInfo::getGIATsSection
MCSection * getGIATsSection() const
Definition: MCObjectFileInfo.h:428

llvm::MCSymbol
MCSymbol - Instances of this class represent a symbol name in the MC file, and MCSymbols are created ...
Definition: MCSymbol.h:41

llvm::MCSymbol::getName
StringRef getName() const
getName - Get the symbol name.
Definition: MCSymbol.h:203

llvm::MachineFunction
Definition: MachineFunction.h:258

llvm::MachineFunction::getLongjmpTargets
const std::vector< MCSymbol * > & getLongjmpTargets() const
Returns a reference to a list of symbols immediately following calls to _setjmp in the function.
Definition: MachineFunction.h:1081

llvm::MachineModuleInfo::getModule
const Module * getModule() const
Definition: MachineModuleInfo.h:146

llvm::Module
A Module instance is used to store all the information related to an LLVM module.
Definition: Module.h:65

llvm::SmallVector
This is a 'vector' (really, a variable-sized array), optimized for the case when the array is small.
Definition: SmallVector.h:1200

llvm::StringRef::startswith
bool startswith(StringRef Prefix) const
Definition: StringRef.h:261

llvm::Twine
Twine - A lightweight data structure for efficiently representing the concatenation of temporary valu...
Definition: Twine.h:81

llvm::Use
A Use represents the edge between a Value definition and its users.
Definition: Use.h:43

llvm::User
Definition: User.h:44

llvm::Value
LLVM Value Representation.
Definition: Value.h:74

llvm::Value::uses
iterator_range< use_iterator > uses()
Definition: Value.h:376

llvm::WinCFGuard::WinCFGuard
WinCFGuard(AsmPrinter *A)
Definition: WinCFGuard.cpp:27

llvm::WinCFGuard::endModule
void endModule() override
Emit the Control Flow Guard function ID table.
Definition: WinCFGuard.cpp:83

llvm::WinCFGuard::endFunction
void endFunction(const MachineFunction *MF) override
Gather post-function debug information.
Definition: WinCFGuard.cpp:31

llvm::WinCFGuard::~WinCFGuard
~WinCFGuard() override

llvm::CallingConv::C
@ C
The default llvm calling convention, compatible with C.
Definition: CallingConv.h:34

llvm
This is an optimization pass for GlobalISel generic memory operations.
Definition: AddressRanges.h:18

llvm::append_range
void append_range(Container &C, Range &&R)
Wrapper function to append a range to a container.
Definition: STLExtras.h:2129