[PATCH] D38379: First (real) implementation of llvm-cfi-verify.

Mitch Phillips via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Sep 28 13:06:01 PDT 2017


hctim created this revision.
Herald added a subscriber: mgorny.

This is the first commit of a real implementation of llvm-cfi-verify. The FileVerifier class is the interface for CFI validation over a provided file. It traverses the file, disassembles it and exposes public methods for CFI validation.

The most important exposed method is "isCFIProtected" which will allow you to verify whether the provided indirect call/jump is CFI protected. It does this by building a control flow graph around the instruction with all control flows known at compile time. It then analyses this graph to see whether the indirect control flow is (likely) protected by CFI.

This implementation currently only identifies and is tested for x86_64 ELF binaries. It may work with other architectures, although this is not guaranteed.

This commit also adds this tool as part of the unit testing framework.

Further work is required to reduce the false-positive rate of CFI-unprotected instruction detection. The tool already ignores ELF sections that are non-executable, but executable sections such as '.text' contain a lot of 'executable data'. This data is still disassembled and analysed as if it were code, and as such usually results in a false positive for a CFI-unprotected instruction, even though no execution of this data should take place under normal execution.

This is a large first commit (sorry) as it implements basic functionality. Further commits will be far more incremental.


https://reviews.llvm.org/D38379

Files:
  tools/llvm-cfi-verify/CMakeLists.txt
  tools/llvm-cfi-verify/FileVerifier.cpp
  tools/llvm-cfi-verify/FileVerifier.h
  tools/llvm-cfi-verify/llvm-cfi-verify.cpp
  tools/llvm-cfi-verify/unittests/
  tools/llvm-cfi-verify/unittests/CMakeLists.txt
  tools/llvm-cfi-verify/unittests/FileVerifier.cpp
  unittests/CMakeLists.txt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D38379.117042.patch
Type: text/x-patch
Size: 86742 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170928/feacc240/attachment.bin>
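
The backward control-flow walk that the revision summary describes for "isCFIProtected", as an added example that is not code from the patch or from LLVM. It assumes a hypothetical toy instruction model (`Kind`, `Instr`, `Program`, index-based branch targets) and assumes the protection criterion is "every path to the indirect call crosses a conditional branch whose other edge is a trap"; the last constructed sample shows the executable-data false positive the summary mentions.

```cpp
// Toy model (added example): instructions are vector entries, branch targets are indices.
#include <cstddef>
#include <set>
#include <vector>

enum class Kind { Other, CondBranch, Jump, IndirectCall, Trap };
struct Instr { Kind kind; std::size_t target; };  // target is used by CondBranch/Jump only
using Program = std::vector<Instr>;

// Instructions that can transfer control to `node` by fallthrough or direct branch.
std::set<std::size_t> predecessors(const Program &p, std::size_t node) {
  std::set<std::size_t> preds;
  for (std::size_t j = 0; j < p.size(); ++j) {
    bool branches = p[j].kind == Kind::CondBranch || p[j].kind == Kind::Jump;
    bool fallsThrough = p[j].kind != Kind::Jump && p[j].kind != Kind::Trap;
    if ((branches && p[j].target == node) || (fallsThrough && j + 1 == node))
      preds.insert(j);
  }
  return preds;
}

// True if every backward path from `node` crosses a conditional branch whose
// other edge lands on a trap (assumed criterion). `depth` bounds the walk.
bool pathsGuarded(const Program &p, std::size_t node, int depth) {
  std::set<std::size_t> preds = predecessors(p, node);
  if (depth == 0 || preds.empty()) return false;  // budget spent, or entry reached unchecked
  for (std::size_t j : preds) {
    if (p[j].kind == Kind::CondBranch) {
      std::size_t other = (p[j].target == node) ? j + 1 : p[j].target;
      if (other < p.size() && p[other].kind == Kind::Trap) continue;  // guarded edge
    }
    if (!pathsGuarded(p, j, depth - 1)) return false;
  }
  return true;
}

// Indices of indirect calls that the walk could not show to be guarded.
std::vector<std::size_t> unprotectedCalls(const Program &p, int depth = 8) {
  std::vector<std::size_t> out;
  for (std::size_t i = 0; i < p.size(); ++i)
    if (p[i].kind == Kind::IndirectCall && !pathsGuarded(p, i, depth)) out.push_back(i);
  return out;
}

// Constructed samples: a checked call, a branch that skips the check, and the
// checked call followed by data bytes that happen to decode as an indirect call.
const Program kChecked = {{Kind::Other, 0}, {Kind::CondBranch, 4}, {Kind::Other, 0}, {Kind::IndirectCall, 0}, {Kind::Trap, 0}};
const Program kBypass = {{Kind::CondBranch, 3}, {Kind::Other, 0}, {Kind::CondBranch, 5}, {Kind::Other, 0}, {Kind::IndirectCall, 0}, {Kind::Trap, 0}};
const Program kWithData = {{Kind::Other, 0}, {Kind::CondBranch, 4}, {Kind::Other, 0}, {Kind::IndirectCall, 0}, {Kind::Trap, 0}, {Kind::Other, 0}, {Kind::IndirectCall, 0}};
int main() { return unprotectedCalls(kChecked).empty() && unprotectedCalls(kWithData).size() == 1 ? 0 : 1; }
```

In `kWithData` the real call at index 3 is still reported as guarded; only the decoded data at index 6 is flagged, which is the kind of report that needs triage against the section layout before being treated as a finding.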

