StackProtector.h revision 360784 
1//===- StackProtector.h - Stack Protector Insertion -------------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This pass inserts stack protectors into functions which need them. A variable
10// with a random value in it is stored onto the stack before the local variables
11// are allocated. Upon exiting the block, the stored value is checked. If it's
12// changed, then there was some sort of violation and the program aborts.
13//
14//===----------------------------------------------------------------------===//
15
16#ifndef LLVM_CODEGEN_STACKPROTECTOR_H
17#define LLVM_CODEGEN_STACKPROTECTOR_H
18
19#include "llvm/ADT/SmallPtrSet.h"
20#include "llvm/ADT/Triple.h"
21#include "llvm/CodeGen/MachineFrameInfo.h"
22#include "llvm/IR/Instructions.h"
23#include "llvm/IR/ValueMap.h"
24#include "llvm/Pass.h"
25
26namespace llvm {
27
28class BasicBlock;
29class DominatorTree;
30class Function;
31class Instruction;
32class Module;
33class TargetLoweringBase;
34class TargetMachine;
35class Type;
36
37class StackProtector : public FunctionPass {
38private:
39  /// A mapping of AllocaInsts to their required SSP layout.
40  using SSPLayoutMap = DenseMap<const AllocaInst *,
41                                MachineFrameInfo::SSPLayoutKind>;
42
43  const TargetMachine *TM = nullptr;
44
45  /// TLI - Keep a pointer of a TargetLowering to consult for determining
46  /// target type sizes.
47  const TargetLoweringBase *TLI = nullptr;
48  Triple Trip;
49
50  Function *F;
51  Module *M;
52
53  DominatorTree *DT;
54
55  /// Layout - Mapping of allocations to the required SSPLayoutKind.
56  /// StackProtector analysis will update this map when determining if an
57  /// AllocaInst triggers a stack protector.
58  SSPLayoutMap Layout;
59
60  /// The minimum size of buffers that will receive stack smashing
61  /// protection when -fstack-protection is used.
62  unsigned SSPBufferSize = 0;
63
64  /// VisitedPHIs - The set of PHI nodes visited when determining
65  /// if a variable's reference has been taken.  This set
66  /// is maintained to ensure we don't visit the same PHI node multiple
67  /// times.
68  SmallPtrSet<const PHINode *, 16> VisitedPHIs;
69
70  // A prologue is generated.
71  bool HasPrologue = false;
72
73  // IR checking code is generated.
74  bool HasIRCheck = false;
75
76  /// InsertStackProtectors - Insert code into the prologue and epilogue of
77  /// the function.
78  ///
79  ///  - The prologue code loads and stores the stack guard onto the stack.
80  ///  - The epilogue checks the value stored in the prologue against the
81  ///    original value. It calls __stack_chk_fail if they differ.
82  bool InsertStackProtectors();
83
84  /// CreateFailBB - Create a basic block to jump to when the stack protector
85  /// check fails.
86  BasicBlock *CreateFailBB();
87
88  /// ContainsProtectableArray - Check whether the type either is an array or
89  /// contains an array of sufficient size so that we need stack protectors
90  /// for it.
91  /// \param [out] IsLarge is set to true if a protectable array is found and
92  /// it is "large" ( >= ssp-buffer-size).  In the case of a structure with
93  /// multiple arrays, this gets set if any of them is large.
94  bool ContainsProtectableArray(Type *Ty, bool &IsLarge, bool Strong = false,
95                                bool InStruct = false) const;
96
97  /// Check whether a stack allocation has its address taken.
98  bool HasAddressTaken(const Instruction *AI);
99
100  /// RequiresStackProtector - Check whether or not this function needs a
101  /// stack protector based upon the stack protector level.
102  bool RequiresStackProtector();
103
104public:
105  static char ID; // Pass identification, replacement for typeid.
106
107  StackProtector();
108
109  void getAnalysisUsage(AnalysisUsage &AU) const override;
110
111  // Return true if StackProtector is supposed to be handled by SelectionDAG.
112  bool shouldEmitSDCheck(const BasicBlock &BB) const;
113
114  bool runOnFunction(Function &Fn) override;
115
116  void copyToMachineFrameInfo(MachineFrameInfo &MFI) const;
117};
118
119} // end namespace llvm
120
121#endif // LLVM_CODEGEN_STACKPROTECTOR_H
122