include/llvm/CodeGen/ForwardControlFlowIntegrity.h - external/github.com/kripken/emscripten-fastcomp - Git at Google

 //===-- ForwardControlFlowIntegrity.h: Forward-Edge CFI ---------*- C++ -*-===//
 //
 // This file is distributed under the University of Illinois Open Source
 // License. See LICENSE.TXT for details.
 //
 //===----------------------------------------------------------------------===//
 //
 // This pass instruments indirect calls with checks to ensure that these calls
 // pass through the appropriate jump-instruction table generated by
 // JumpInstrTables.
 //
 //===----------------------------------------------------------------------===//

 #ifndef LLVM_CODEGEN_FORWARDCONTROLFLOWINTEGRITY_H
 #define LLVM_CODEGEN_FORWARDCONTROLFLOWINTEGRITY_H

 #include "llvm/ADT/DenseMap.h"
 #include "llvm/ADT/SmallVector.h"
 #include "llvm/Pass.h"
 #include "llvm/Target/TargetOptions.h"

 #include <string>

 namespace llvm {

 class AnalysisUsage;
 class BasicBlock;
 class Constant;
 class Function;
 class Instruction;
 class Module;
 class Value;

 /// ForwardControlFlowIntegrity uses the information from JumpInstrTableInfo to
 /// prepend checks to indirect calls to make sure that these calls target valid
 /// locations.
 class ForwardControlFlowIntegrity : public ModulePass {
 public:
   static char ID;

   ForwardControlFlowIntegrity();
   ForwardControlFlowIntegrity(JumpTable::JumpTableType JTT,
                               CFIntegrity CFIType,
                               bool CFIEnforcing, std::string CFIFuncName);
   ~ForwardControlFlowIntegrity() override;

   /// Runs the CFI pass on a given module. This works best if the module in
   /// question is the result of link-time optimization (see lib/LTO).
   bool runOnModule(Module &M) override;
   const char *getPassName() const override {
     return "Forward Control-Flow Integrity";
   }
   void getAnalysisUsage(AnalysisUsage &AU) const override;

 private:
   typedef SmallVector<Instruction *, 64> CallSet;

   /// A structure that is used to keep track of constant table information.
   struct CFIConstants {
     Constant *StartValue;
     Constant *MaskValue;
     Constant *Size;
   };

   /// A map from function type to the base of the table for this type and a mask
   /// for the table
   typedef DenseMap<FunctionType *, CFIConstants> CFITables;

   CallSet IndirectCalls;

   /// The type of jumptable implementation.
   JumpTable::JumpTableType JTType;

   /// The type of CFI check to add before each indirect call.
   CFIntegrity CFIType;

   /// A value that controls whether or not CFI violations cause a halt.
   bool CFIEnforcing;

   /// The name of the function to call in case of a CFI violation when
   /// CFIEnforcing is false. There is a default function that ignores
   /// violations.
   std::string CFIFuncName;

   /// The alignment of each entry in the table, from JumpInstrTableInfo. The
   /// JumpInstrTableInfo class always makes this a power of two.
   uint64_t ByteAlignment;

   /// The base-2 logarithm of ByteAlignment, needed for some of the transforms
   /// (like CFIntegrity::Ror)
   unsigned LogByteAlignment;

   /// Adds checks to each indirect call site to make sure that it is calling a
   /// function in our jump table.
   void updateIndirectCalls(Module &M, CFITables &CFIT);

   /// Walks the instructions to find all the indirect calls.
   void getIndirectCalls(Module &M);

   /// Adds a function that handles violations in non-enforcing mode
   /// (!CFIEnforcing). The default warning function simply returns, since the
   /// exact details of how to handle CFI violations depend on the application.
   void addWarningFunction(Module &M);

   /// Rewrites a function pointer in a call/invoke instruction to force it into
   /// a table.
   void rewriteFunctionPointer(Module &M, Instruction *I, Value *FunPtr,
                               Constant *JumpTableStart, Constant *JumpTableMask,
                               Constant *JumpTableSize);

   /// Inserts a check and a call to a warning function at a given instruction
   /// that must be an indirect call.
   void insertWarning(Module &M, BasicBlock *Block, Instruction *I,
                      Value *FunPtr);
 };

 ModulePass *
 createForwardControlFlowIntegrityPass(JumpTable::JumpTableType JTT,
                                       CFIntegrity CFIType,
                                       bool CFIEnforcing, StringRef CFIFuncName);
 }

 #endif // LLVM_CODEGEN_FORWARDCONTROLFLOWINTEGRITY_H
	//===-- ForwardControlFlowIntegrity.h: Forward-Edge CFI ---------- C++ --===//
	//
	// This file is distributed under the University of Illinois Open Source
	// License. See LICENSE.TXT for details.
	//
	//===----------------------------------------------------------------------===//
	//
	// This pass instruments indirect calls with checks to ensure that these calls
	// pass through the appropriate jump-instruction table generated by
	// JumpInstrTables.
	//
	//===----------------------------------------------------------------------===//

	#ifndef LLVM_CODEGEN_FORWARDCONTROLFLOWINTEGRITY_H
	#define LLVM_CODEGEN_FORWARDCONTROLFLOWINTEGRITY_H

	#include "llvm/ADT/DenseMap.h"
	#include "llvm/ADT/SmallVector.h"
	#include "llvm/Pass.h"
	#include "llvm/Target/TargetOptions.h"

	#include <string>

	namespace llvm {

	class AnalysisUsage;
	class BasicBlock;
	class Constant;
	class Function;
	class Instruction;
	class Module;
	class Value;

	/// ForwardControlFlowIntegrity uses the information from JumpInstrTableInfo to
	/// prepend checks to indirect calls to make sure that these calls target valid
	/// locations.
	class ForwardControlFlowIntegrity : public ModulePass {
	public:
	static char ID;

	ForwardControlFlowIntegrity();
	ForwardControlFlowIntegrity(JumpTable::JumpTableType JTT,
	CFIntegrity CFIType,
	bool CFIEnforcing, std::string CFIFuncName);
	~ForwardControlFlowIntegrity() override;

	/// Runs the CFI pass on a given module. This works best if the module in
	/// question is the result of link-time optimization (see lib/LTO).
	bool runOnModule(Module &M) override;
	const char *getPassName() const override {
	return "Forward Control-Flow Integrity";
	}
	void getAnalysisUsage(AnalysisUsage &AU) const override;

	private:
	typedef SmallVector<Instruction *, 64> CallSet;

	/// A structure that is used to keep track of constant table information.
	struct CFIConstants {
	Constant *StartValue;
	Constant *MaskValue;
	Constant *Size;
	};

	/// A map from function type to the base of the table for this type and a mask
	/// for the table
	typedef DenseMap<FunctionType *, CFIConstants> CFITables;

	CallSet IndirectCalls;

	/// The type of jumptable implementation.
	JumpTable::JumpTableType JTType;

	/// The type of CFI check to add before each indirect call.
	CFIntegrity CFIType;

	/// A value that controls whether or not CFI violations cause a halt.
	bool CFIEnforcing;

	/// The name of the function to call in case of a CFI violation when
	/// CFIEnforcing is false. There is a default function that ignores
	/// violations.
	std::string CFIFuncName;

	/// The alignment of each entry in the table, from JumpInstrTableInfo. The
	/// JumpInstrTableInfo class always makes this a power of two.
	uint64_t ByteAlignment;

	/// The base-2 logarithm of ByteAlignment, needed for some of the transforms
	/// (like CFIntegrity::Ror)
	unsigned LogByteAlignment;

	/// Adds checks to each indirect call site to make sure that it is calling a
	/// function in our jump table.
	void updateIndirectCalls(Module &M, CFITables &CFIT);

	/// Walks the instructions to find all the indirect calls.
	void getIndirectCalls(Module &M);

	/// Adds a function that handles violations in non-enforcing mode
	/// (!CFIEnforcing). The default warning function simply returns, since the
	/// exact details of how to handle CFI violations depend on the application.
	void addWarningFunction(Module &M);

	/// Rewrites a function pointer in a call/invoke instruction to force it into
	/// a table.
	void rewriteFunctionPointer(Module &M, Instruction I, Value FunPtr,
	Constant JumpTableStart, Constant JumpTableMask,
	Constant *JumpTableSize);

	/// Inserts a check and a call to a warning function at a given instruction
	/// that must be an indirect call.
	void insertWarning(Module &M, BasicBlock Block, Instruction I,
	Value *FunPtr);
	};

	ModulePass *
	createForwardControlFlowIntegrityPass(JumpTable::JumpTableType JTT,
	CFIntegrity CFIType,
	bool CFIEnforcing, StringRef CFIFuncName);
	}

	#endif // LLVM_CODEGEN_FORWARDCONTROLFLOWINTEGRITY_H