User Since: Dec 16 2015, 4:37 PM (208 w, 2 d)
Feb 9 2017
Only link safestacksepseg, not safestack. I changed the build configuration for safestacksepseg to also include the files in safestack.
- Reserve space during runtime library initialization for safe stacks to be allocated later. This helps to prevent ordinary data from being allocated at addresses that could lead to bound check violations.
- Protect the variable that records the address of the most recent safe stack by moving it above the bound.
- Add MprotectReadWrite to sanitizer_posix.cc.
Feb 7 2017
Removed the portions that are specific to 32-bit segmentation. I plan to resubmit those later as a separate patch.
Jan 27 2017
I don't have a test case yet, since I have only encountered this issue while developing a pass that I have not yet open-sourced. However, I'll look for where else this routine is used and I'll see if I can generate a test based on that.
Jan 18 2017
Dec 5 2016
Nov 29 2016
Mark EAX as not being derived from any possible stack pointer registers after calls.
Nov 28 2016
Nov 16 2016
Converted a condition into an assertion in AddrRegReqs::lookupRoots.
Nov 2 2016
Eliminated unnecessary space in template instantiation.
Revised test for half-open intervals to cover using setStop to create an interval with a length of 1.
Nov 1 2016
Disabled linking of the compiler-rt SafeStack runtime library for musl
environments rather than for targets that use the separate stack segment
feature. This reflects changes in my proposed musl libc patches to add
architecture-independent support for storing USP in the TCB.
Oct 31 2016
Updated so that USP is stored in TCB for all musl libc environments on X86,
rather than just those on Linux with the separate stack segment feature enabled.
Oct 29 2016
Oct 28 2016
Added unit tests.
Sounds good, thanks. :)
The revised assertion will fail in that case. Is deleting the interval actually the desired behavior?
Oct 27 2016
Oct 25 2016
I was able to set up a temporary thread control block early enough in musl libc initialization to obviate the need for an attribute like runtime_init.
I was able to set up a temporary thread control block early enough in musl libc initialization to obviate the need for this patch.
Oct 24 2016
You're correct that there are simpler ways to handle runtime initialization. I have been able to modify musl libc to successfully initialize based on this revised patch. I also no longer need D19853. I use -force-attribute instead.
We've had the same problem on Android, and were able to solve it entirely on the libc side:
I'll try to move initialization of a basic thread control block containing the USP early enough in musl libc to avoid the need for this patch. I'll report back after I've had a chance to try that.
Alternatively, consider moving this code into a runtime library function. Then SafeStack instrumentation would just call a function in the prologue instead of reading from a global. This would be good for code size.
This revised patch uses the existing code that calls out to __safestack_pointer_address.
Changed name of attribute to safestack_call_for_usp.
Invoke a __safestack_pointer_address function instead of generating inline code to select and access multiple USPs.
Added -sep-stk-seg-flat-mem-func option to specify functions that use a flat memory model.
Fixed bug in StackPtrSpillReqs::supply to prevent coalescing of ranges that need to remain separate.
Oct 20 2016
Oct 19 2016
Revised patch so that it no longer modifies X86 subtarget.
Oct 11 2016
Add new pass to registry.
Convert tests to MIR form.
Update tests to reflect previous removal of assertion for certain stores of stack pointers.
Oct 10 2016
Use Subtarget.getTargetTriple().isOSContiki instead of Subtarget.isTargetContiki.
Make TargetLoweringBase::getDefaultSafeStackPointerLocation non-virtual.
Remove isTargetContiki from X86Subtarget.
Oct 6 2016
Oct 5 2016
The hexagon-build-02 buildbot detected failures caused by this patch: http://lab.llvm.org:8011/builders/llvm-hexagon-elf/builds/34095 The "Target machine is required" error is being reported. I was able to reproduce those failures by building a version of LLVM that only targets Hexagon. I'm surprised by these failures, since I would expect such a toolchain to simply report that the test is unsupported given that X86 triples are specified on the opt command lines. I don't yet know of a good way to revise this patch to resolve those failures while still avoiding duplicating code in D19852.
Sep 28 2016
Avoids erasing previous derivation data when a register is both used and defined in an instruction.
Ignores implicit and undef registers when tracking derivation.
Removes code and associated options for tracking variadic argument pointers.
Eliminates assert on storing stack pointers to memory.
Sep 27 2016
Sep 26 2016
Reworded a comment.
Convert assert to report_fatal_error.
Sep 24 2016
Refactored to avoid duplicating code.
Sep 23 2016
Sep 22 2016
Fixed a bug in how segment switching instructions were inserted around string instructions.
Made comment indentation more consistent.
Added support for tracking the flow of stack pointer values through instructions with multiple register inputs (e.g. CMOV instructions).
Enhanced spill/fill tracking to support functions with eliminated frame pointers.
Selected more efficient data structures.
Revised AddrRegReqs::derive to reflect the fact that stack pointer values do not flow through the flags register.
Sep 19 2016
ping. Please keep in mind that this is independent of my patches for supporting a separate stack segment. This patch is needed to enable SafeStack for Contiki OS.
Sep 9 2016
Sep 2 2016
Revise StackPtrSpillReqs::addPredecessor to correctly handle the case when Demand is empty.
Revise comments and fix whitespace.
Sep 1 2016
Fixed indentation of Contiki constructor in ToolChains.h.
Moved new OS type definition to end of list.
Jun 10 2016
Added driver test.
Jun 9 2016
Jun 8 2016
This patch and D19854 are useful independent of my segmentation-related patches. I also have a Contiki OS patch that is blocked on these. So, I would appreciate having these reviewed separately from my other patches. Thanks!