LLVM  10.0.0svn
StackProtector.h
Go to the documentation of this file.
1 //===- StackProtector.h - Stack Protector Insertion -------------*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This pass inserts stack protectors into functions which need them. A variable
10 // with a random value in it is stored onto the stack before the local variables
11 // are allocated. Upon exiting the block, the stored value is checked. If it's
12 // changed, then there was some sort of violation and the program aborts.
13 //
14 //===----------------------------------------------------------------------===//
15 
16 #ifndef LLVM_CODEGEN_STACKPROTECTOR_H
17 #define LLVM_CODEGEN_STACKPROTECTOR_H
18 
19 #include "llvm/ADT/SmallPtrSet.h"
20 #include "llvm/ADT/Triple.h"
21 #include "llvm/CodeGen/MachineFrameInfo.h"
22 #include "llvm/IR/Instructions.h"
23 #include "llvm/IR/ValueMap.h"
24 #include "llvm/Pass.h"
25 
26 namespace llvm {
27 
28 class BasicBlock;
29 class DominatorTree;
30 class Function;
31 class Instruction;
32 class Module;
33 class TargetLoweringBase;
34 class TargetMachine;
35 class Type;
36 
37 class StackProtector : public FunctionPass {
38 private:
39  /// A mapping of AllocaInsts to their required SSP layout.
40  using SSPLayoutMap = DenseMap<const AllocaInst *,
41  MachineFrameInfo::SSPLayoutKind>;
42 
43  const TargetMachine *TM = nullptr;
44 
45  /// TLI - Keep a pointer of a TargetLowering to consult for determining
46  /// target type sizes.
47  const TargetLoweringBase *TLI = nullptr;
48  Triple Trip;
49 
50  Function *F;
51  Module *M;
52 
53  DominatorTree *DT;
54 
55  /// Layout - Mapping of allocations to the required SSPLayoutKind.
56  /// StackProtector analysis will update this map when determining if an
57  /// AllocaInst triggers a stack protector.
58  SSPLayoutMap Layout;
59 
60  /// The minimum size of buffers that will receive stack smashing
61  /// protection when -fstack-protection is used.
62  unsigned SSPBufferSize = 0;
63 
64  /// VisitedPHIs - The set of PHI nodes visited when determining
65  /// if a variable's reference has been taken. This set
66  /// is maintained to ensure we don't visit the same PHI node multiple
67  /// times.
68  SmallPtrSet<const PHINode *, 16> VisitedPHIs;
69 
70  // A prologue is generated.
71  bool HasPrologue = false;
72 
73  // IR checking code is generated.
74  bool HasIRCheck = false;
75 
76  /// InsertStackProtectors - Insert code into the prologue and epilogue of
77  /// the function.
78  ///
79  /// - The prologue code loads and stores the stack guard onto the stack.
80  /// - The epilogue checks the value stored in the prologue against the
81  /// original value. It calls __stack_chk_fail if they differ.
82  bool InsertStackProtectors();
83 
84  /// CreateFailBB - Create a basic block to jump to when the stack protector
85  /// check fails.
86  BasicBlock *CreateFailBB();
87 
88  /// ContainsProtectableArray - Check whether the type either is an array or
89  /// contains an array of sufficient size so that we need stack protectors
90  /// for it.
91  /// \param [out] IsLarge is set to true if a protectable array is found and
92  /// it is "large" ( >= ssp-buffer-size). In the case of a structure with
93  /// multiple arrays, this gets set if any of them is large.
94  bool ContainsProtectableArray(Type *Ty, bool &IsLarge, bool Strong = false,
95  bool InStruct = false) const;
96 
97  /// Check whether a stack allocation has its address taken.
98  bool HasAddressTaken(const Instruction *AI);
99 
100  /// RequiresStackProtector - Check whether or not this function needs a
101  /// stack protector based upon the stack protector level.
102  bool RequiresStackProtector();
103 
104 public:
105  static char ID; // Pass identification, replacement for typeid.
106 
107  StackProtector() : FunctionPass(ID), SSPBufferSize(8) {
108  initializeStackProtectorPass(*PassRegistry::getPassRegistry());
109  }
110 
111  void getAnalysisUsage(AnalysisUsage &AU) const override;
112 
113  // Return true if StackProtector is supposed to be handled by SelectionDAG.
114  bool shouldEmitSDCheck(const BasicBlock &BB) const;
115 
116  bool runOnFunction(Function &Fn) override;
117 
118  void copyToMachineFrameInfo(MachineFrameInfo &MFI) const;
119 };
120 
121 } // end namespace llvm
122 
123 #endif // LLVM_CODEGEN_STACKPROTECTOR_H
llvm::PassRegistry::getPassRegistry
static PassRegistry * getPassRegistry()
getPassRegistry - Access the global registry object, which is automatically initialized at applicatio...
Definition: PassRegistry.cpp:31
llvm
This class represents lattice values for constants.
Definition: AllocatorList.h:23
llvm::ISD::BasicBlock
Various leaf nodes.
Definition: ISDOpcodes.h:59
llvm::Module
A Module instance is used to store all the information related to an LLVM module. ...
Definition: Module.h:65
llvm::StackProtector::copyToMachineFrameInfo
void copyToMachineFrameInfo(MachineFrameInfo &MFI) const
Definition: StackProtector.cpp:548
llvm::MachineFrameInfo
The MachineFrameInfo class represents an abstract stack frame until prolog/epilog code is inserted...
Definition: MachineFrameInfo.h:106
llvm::DominatorTree
Concrete subclass of DominatorTreeBase that is used to compute a normal dominator tree...
Definition: Dominators.h:144
llvm::StackProtector::runOnFunction
bool runOnFunction(Function &Fn) override
runOnFunction - Virtual method overriden by subclasses to do the per-function processing of the pass...
Definition: StackProtector.cpp:77
llvm::StackProtector::getAnalysisUsage
void getAnalysisUsage(AnalysisUsage &AU) const override
getAnalysisUsage - This function should be overriden by passes that need analysis information to do t...
Definition: StackProtector.cpp:72
llvm::BasicBlock
LLVM Basic Block Representation.
Definition: BasicBlock.h:57
llvm::Type
The instances of the Type class are immutable: once they are created, they are never changed...
Definition: Type.h:46
llvm::AnalysisUsage
Represent the analysis usage information of a pass.
Definition: PassAnalysisSupport.h:42
llvm::FunctionPass
FunctionPass class - This class is used to implement most global optimizations.
Definition: Pass.h:284
llvm::Triple
Triple - Helper class for working with autoconf configuration names.
Definition: Triple.h:43
llvm::TargetLoweringBase
This base class for TargetLowering contains the SelectionDAG-independent parts that can be used from ...
Definition: TargetLowering.h:109
llvm::SmallPtrSet
SmallPtrSet - This class implements a set which is optimized for holding SmallSize or less elements...
Definition: SmallPtrSet.h:417
llvm::MachineFrameInfo::SSPLayoutKind
SSPLayoutKind
Stack Smashing Protection (SSP) rules require that vulnerable stack allocations are located close the...
Definition: MachineFrameInfo.h:110
llvm::initializeStackProtectorPass
void initializeStackProtectorPass(PassRegistry &)
llvm::TargetMachine
Primary interface to the complete machine description for the target machine.
Definition: TargetMachine.h:65
llvm::StackProtector::shouldEmitSDCheck
bool shouldEmitSDCheck(const BasicBlock &BB) const
Definition: StackProtector.cpp:544
llvm::AllocaInst
an instruction to allocate memory on the stack
Definition: Instructions.h:59
Generated on Fri Oct 18 2019 00:33:14 for LLVM by   doxygen 1.8.13