doxygen/InstrOrderFile_8cpp_source.html

//===- InstrOrderFile.cpp ---- Late IR instrumentation for order file ----===//

//

// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.

// See https://llvm.org/LICENSE.txt for license information.

// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception

//

//===----------------------------------------------------------------------===//

//

//===----------------------------------------------------------------------===//


#include "llvm/Transforms/Instrumentation/InstrOrderFile.h"

#include "llvm/IR/Constants.h"

#include "llvm/IR/Function.h"

#include "llvm/IR/GlobalValue.h"

#include "llvm/IR/IRBuilder.h"

#include "llvm/IR/Instructions.h"

#include "llvm/IR/Module.h"

#include "llvm/ProfileData/InstrProf.h"

#include "llvm/Support/CommandLine.h"

#include "llvm/Support/FileSystem.h"

#include "llvm/Support/raw_ostream.h"

#include "llvm/Transforms/Utils/Instrumentation.h"

#include <mutex>

#include <sstream>


using namespace llvm;

#define DEBUG_TYPE "instrorderfile"


static cl::opt<std::string> ClOrderFileWriteMapping(

    "orderfile-write-mapping", cl::init(""),

    cl::desc(

        "Dump functions and their MD5 hash to deobfuscate profile data"),

    cl::Hidden);


namespace {


// We need a global bitmap to tell if a function is executed. We also

// need a global variable to save the order of functions. We can use a

// fixed-size buffer that saves the MD5 hash of the function. We need

// a global variable to save the index into the buffer.


std::mutex MappingMutex;


struct InstrOrderFile {

private:

  GlobalVariable *OrderFileBuffer;

  GlobalVariable *BufferIdx;

  GlobalVariable *BitMap;

  ArrayType *BufferTy;

  ArrayType *MapTy;


public:

  InstrOrderFile() = default;


  void createOrderFileData(Module &M) {

    LLVMContext &Ctx = M.getContext();

    int NumFunctions = 0;

    for (Function &F : M) {

      if (!F.isDeclaration())

        NumFunctions++;

    }


    BufferTy =

        ArrayType::get(Type::getInt64Ty(Ctx), INSTR_ORDER_FILE_BUFFER_SIZE);

    Type *IdxTy = Type::getInt32Ty(Ctx);

    MapTy = ArrayType::get(Type::getInt8Ty(Ctx), NumFunctions);


    // Create the global variables.

    std::string SymbolName = INSTR_PROF_ORDERFILE_BUFFER_NAME_STR;

    OrderFileBuffer = new GlobalVariable(M, BufferTy, false, GlobalValue::LinkOnceODRLinkage,

                           Constant::getNullValue(BufferTy), SymbolName);

    Triple TT = Triple(M.getTargetTriple());

    OrderFileBuffer->setSection(

        getInstrProfSectionName(IPSK_orderfile, TT.getObjectFormat()));


    std::string IndexName = INSTR_PROF_ORDERFILE_BUFFER_IDX_NAME_STR;

    BufferIdx = new GlobalVariable(M, IdxTy, false, GlobalValue::LinkOnceODRLinkage,

                           Constant::getNullValue(IdxTy), IndexName);


    std::string BitMapName = "bitmap_0";

    BitMap = new GlobalVariable(M, MapTy, false, GlobalValue::PrivateLinkage,

                                Constant::getNullValue(MapTy), BitMapName);

  }


  // Generate the code sequence in the entry block of each function to

  // update the buffer.

  void generateCodeSequence(Module &M, Function &F, int FuncId) {

    if (!ClOrderFileWriteMapping.empty()) {

      std::lock_guard<std::mutex> LogLock(MappingMutex);

      std::error_code EC;

      llvm::raw_fd_ostream OS(ClOrderFileWriteMapping, EC,

                              llvm::sys::fs::OF_Append);

      if (EC) {

        report_fatal_error(Twine("Failed to open ") + ClOrderFileWriteMapping +

                           " to save mapping file for order file instrumentation\n");

      } else {

        std::stringstream stream;

        stream << std::hex << MD5Hash(F.getName());

        std::string singleLine = "MD5 " + stream.str() + " " +

                                 std::string(F.getName()) + '\n';

        OS << singleLine;

      }

    }


    BasicBlock *OrigEntry = &F.getEntryBlock();


    LLVMContext &Ctx = M.getContext();

    IntegerType *Int32Ty = Type::getInt32Ty(Ctx);

    IntegerType *Int8Ty = Type::getInt8Ty(Ctx);


    // Create a new entry block for instrumentation. We will check the bitmap

    // in this basic block.

    BasicBlock *NewEntry =

        BasicBlock::Create(M.getContext(), "order_file_entry", &F, OrigEntry);

    IRBuilder<> entryB(NewEntry);

    // Create a basic block for updating the circular buffer.

    BasicBlock *UpdateOrderFileBB =

        BasicBlock::Create(M.getContext(), "order_file_set", &F, OrigEntry);

    IRBuilder<> updateB(UpdateOrderFileBB);


    // Check the bitmap, if it is already 1, do nothing.

    // Otherwise, set the bit, grab the index, update the buffer.

    Value *IdxFlags[] = {ConstantInt::get(Int32Ty, 0),

                         ConstantInt::get(Int32Ty, FuncId)};

    Value *MapAddr = entryB.CreateGEP(MapTy, BitMap, IdxFlags, "");

    LoadInst *loadBitMap = entryB.CreateLoad(Int8Ty, MapAddr, "");

    entryB.CreateStore(ConstantInt::get(Int8Ty, 1), MapAddr);

    Value *IsNotExecuted =

        entryB.CreateICmpEQ(loadBitMap, ConstantInt::get(Int8Ty, 0));

    entryB.CreateCondBr(IsNotExecuted, UpdateOrderFileBB, OrigEntry);


    // Fill up UpdateOrderFileBB: grab the index, update the buffer!

    Value *IdxVal = updateB.CreateAtomicRMW(

        AtomicRMWInst::Add, BufferIdx, ConstantInt::get(Int32Ty, 1),

        MaybeAlign(), AtomicOrdering::SequentiallyConsistent);

    // We need to wrap around the index to fit it inside the buffer.

    Value *WrappedIdx = updateB.CreateAnd(

        IdxVal, ConstantInt::get(Int32Ty, INSTR_ORDER_FILE_BUFFER_MASK));

    Value *BufferGEPIdx[] = {ConstantInt::get(Int32Ty, 0), WrappedIdx};

    Value *BufferAddr =

        updateB.CreateGEP(BufferTy, OrderFileBuffer, BufferGEPIdx, "");

    updateB.CreateStore(ConstantInt::get(Type::getInt64Ty(Ctx), MD5Hash(F.getName())),

                        BufferAddr);

    updateB.CreateBr(OrigEntry);

  }


  bool run(Module &M) {

    createOrderFileData(M);


    int FuncId = 0;

    for (Function &F : M) {

      if (F.isDeclaration())

        continue;

      generateCodeSequence(M, F, FuncId);

      ++FuncId;

    }


    return true;

  }


}; // End of InstrOrderFile struct

} // End anonymous namespace


PreservedAnalyses

InstrOrderFilePass::run(Module &M, ModuleAnalysisManager &AM) {

  if (InstrOrderFile().run(M))

    return PreservedAnalyses::none();

  return PreservedAnalyses::all();

}

CommandLine.h

Constants.h
This file contains the declarations for the subclasses of Constant, which represent the different fla...

FileSystem.h

GlobalValue.h

IRBuilder.h

Function.h

Module.h
Module.h This file contains the declarations for the Module class.

ClOrderFileWriteMapping
static cl::opt< std::string > ClOrderFileWriteMapping("orderfile-write-mapping", cl::init(""), cl::desc("Dump functions and their MD5 hash to deobfuscate profile data"), cl::Hidden)

InstrOrderFile.h

InstrProf.h

Instructions.h

Instrumentation.h

F
#define F(x, y, z)
Definition: MD5.cpp:55

FuncId
Profile::FuncID FuncId
Definition: Profile.cpp:321

OS
raw_pwrite_stream & OS
Definition: SampleProfWriter.cpp:51

ArrayType
Definition: ItaniumDemangle.h:785

llvm::AnalysisManager
A container for analyses that lazily runs them and caches their results.
Definition: PassManager.h:253

llvm::AtomicRMWInst::Add
@ Add
*p = old + v
Definition: Instructions.h:720

llvm::BasicBlock
LLVM Basic Block Representation.
Definition: BasicBlock.h:61

llvm::BasicBlock::Create
static BasicBlock * Create(LLVMContext &Context, const Twine &Name="", Function *Parent=nullptr, BasicBlock *InsertBefore=nullptr)
Creates a new BasicBlock.
Definition: BasicBlock.h:212

llvm::Constant::getNullValue
static Constant * getNullValue(Type *Ty)
Constructor to create a '0' constant of arbitrary type.
Definition: Constants.cpp:373

llvm::Function
Definition: Function.h:63

llvm::GlobalObject::setSection
void setSection(StringRef S)
Change the section for this global.
Definition: Globals.cpp:273

llvm::GlobalValue::PrivateLinkage
@ PrivateLinkage
Like Internal, but omit from symbol table.
Definition: GlobalValue.h:60

llvm::GlobalValue::LinkOnceODRLinkage
@ LinkOnceODRLinkage
Same, but only replaced by something equivalent.
Definition: GlobalValue.h:55

llvm::GlobalVariable
Definition: GlobalVariable.h:39

llvm::IRBuilder
This provides a uniform API for creating instructions and inserting them into a basic block: either a...
Definition: IRBuilder.h:2705

llvm::InstrOrderFilePass::run
PreservedAnalyses run(Module &M, ModuleAnalysisManager &AM)
Definition: InstrOrderFile.cpp:165

llvm::IntegerType
Class to represent integer types.
Definition: DerivedTypes.h:42

llvm::LLVMContext
This is an important class for using LLVM in a threaded context.
Definition: LLVMContext.h:67

llvm::LoadInst
An instruction for reading from memory.
Definition: Instructions.h:176

llvm::Module
A Module instance is used to store all the information related to an LLVM module.
Definition: Module.h:65

llvm::PreservedAnalyses
A set of analyses that are preserved following a run of a transformation pass.
Definition: Analysis.h:111

llvm::PreservedAnalyses::none
static PreservedAnalyses none()
Convenience factory function for the empty preserved set.
Definition: Analysis.h:114

llvm::PreservedAnalyses::all
static PreservedAnalyses all()
Construct a special preserved set that preserves all passes.
Definition: Analysis.h:117

llvm::Triple
Triple - Helper class for working with autoconf configuration names.
Definition: Triple.h:44

llvm::Twine
Twine - A lightweight data structure for efficiently representing the concatenation of temporary valu...
Definition: Twine.h:81

llvm::Type
The instances of the Type class are immutable: once they are created, they are never changed.
Definition: Type.h:45

llvm::Type::getInt8Ty
static IntegerType * getInt8Ty(LLVMContext &C)

llvm::Type::getInt32Ty
static IntegerType * getInt32Ty(LLVMContext &C)

llvm::Type::getInt64Ty
static IntegerType * getInt64Ty(LLVMContext &C)

llvm::Value
LLVM Value Representation.
Definition: Value.h:74

llvm::cl::opt
Definition: CommandLine.h:1423

llvm::raw_fd_ostream
A raw_ostream that writes to a file descriptor.
Definition: raw_ostream.h:460

llvm::AMDGPU::HSAMD::Kernel::Key::SymbolName
constexpr char SymbolName[]
Key for Kernel::Metadata::mSymbolName.
Definition: AMDGPUMetadata.h:387

llvm::ARM::PredBlockMask::TT
@ TT

llvm::ARM::ProfileKind::M
@ M

llvm::cl::Hidden
@ Hidden
Definition: CommandLine.h:137

llvm::cl::init
initializer< Ty > init(const Ty &Val)
Definition: CommandLine.h:443

llvm::codeview::CompileSym2Flags::EC
@ EC

llvm::dxil::PointerTypeAnalysis::run
PointerTypeMap run(const Module &M)
Compute the PointerTypeMap for the module M.
Definition: PointerTypeAnalysis.cpp:191

llvm::sampleprof::MD5Hash
uint64_t MD5Hash(const FunctionId &Obj)
Definition: FunctionId.h:167

llvm::sys::fs::OF_Append
@ OF_Append
The file should be opened in append mode.
Definition: FileSystem.h:766

llvm
This is an optimization pass for GlobalISel generic memory operations.
Definition: AddressRanges.h:18

llvm::getInstrProfSectionName
std::string getInstrProfSectionName(InstrProfSectKind IPSK, Triple::ObjectFormatType OF, bool AddSegmentInfo=true)
Return the name of the profile section corresponding to IPSK.
Definition: InstrProf.cpp:236

llvm::report_fatal_error
void report_fatal_error(Error Err, bool gen_crash_diag=true)
Report a serious error, calling any installed error handler.
Definition: Error.cpp:167

raw_ostream.h

llvm::MaybeAlign
This struct is a compact representation of a valid (power of two) or undefined (0) alignment.
Definition: Alignment.h:117

llvm::cl::desc
Definition: CommandLine.h:409