[PATCH] D87956: [WIP][IR] add fn attr for no_stack_protector; prevent inlining ssp into no-ssp

Nick Desaulniers via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Sep 18 17:07:22 PDT 2020


nickdesaulniers created this revision.
Herald added subscribers: llvm-commits, cfe-commits, dexonsmith, steven_wu, hiraditya.
Herald added a reviewer: jdoerfert.
Herald added projects: clang, LLVM.
nickdesaulniers requested review of this revision.

It's currently ambiguous in IR whether the source language explicitly
did not want a stack protector (in C, via function attribute
no_stack_protector) or doesn't care for any given function.

Prior to this, developers only had translation unit granularity to
enable or disable stack protectors via command line flags. Now we can do
so on a per function level granularity.

It's common that code that manipulates the stack via inline assembly or
that has to set up its own stack canary (such as the Linux kernel) would
like to avoid stack protectors in certain functions. In this case, we've
been bitten by numerous bugs where a callee with a stack protector is
inlined into an __attribute__((__no_stack_protector__)) caller, which
generally breaks the caller's assumptions about not having a stack
protector. LTO can exacerbate the issue.

While developers can avoid this by putting all no_stack_protector
functions in one translation unit together, it's generally not very
ergonomic or as ergonomic as a function attribute, and still doesn't
work for LTO. See also:
https://lore.kernel.org/linux-pm/20200915172658.1432732-1-rkir@google.com/

Typically, when inlining a callee into a caller, the caller will be
upgraded in its level of stack protection (see adjustCallerSSPLevel()).
By adding an explicit attribute in the IR when the function attribute is
used in the source language, we can now identify such cases and prevent
inlining.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D87956

Files:
  clang/lib/CodeGen/CodeGenModule.cpp
  clang/test/CodeGen/stack-protector.c
  llvm/include/llvm/Bitcode/LLVMBitCodes.h
  llvm/include/llvm/IR/Attributes.td
  llvm/lib/AsmParser/LLParser.cpp
  llvm/lib/AsmParser/LLToken.h
  llvm/lib/Bitcode/Writer/BitcodeWriter.cpp
  llvm/lib/CodeGen/SafeStack.cpp
  llvm/lib/CodeGen/StackProtector.cpp
  llvm/lib/IR/Attributes.cpp
  llvm/lib/IR/Verifier.cpp
  llvm/lib/Transforms/IPO/ForceFunctionAttrs.cpp
  llvm/lib/Transforms/Utils/CodeExtractor.cpp
  llvm/lib/Transforms/Utils/InlineFunction.cpp
  llvm/test/Transforms/CodeExtractor/PartialInlineAttributes.ll
  llvm/test/Transforms/Inline/inline_ssp.ll

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D87956.292926.patch
Type: text/x-patch
Size: 11894 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20200919/69a15517/attachment.bin>
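
The inlining rule described in the message above, as an added example that is not part of the original post or of the LLVM patch: a simplified C++ model of why the explicit attribute matters. The enum and the functions `canInline`, `callerLevelAfterInline` and `tryInline` are hypothetical names; only the "caller is upgraded" behaviour comes from the message's description of adjustCallerSSPLevel().

```cpp
// Simplified model for illustration, NOT LLVM's implementation.
// All type and function names here are hypothetical.
#include <cstdio>

// Stack-protector state of a function in IR. NoSSP models the explicit
// attribute proposed in this revision; Unspecified means "doesn't care".
enum class SSP { NoSSP, Unspecified, SSP, SSPStrong, SSPReq };

// Ordering used when merging levels: ssp < sspstrong < sspreq.
static int strength(SSP s) {
  switch (s) {
  case SSP::SSP:       return 1;
  case SSP::SSPStrong: return 2;
  case SSP::SSPReq:    return 3;
  default:             return 0; // NoSSP and Unspecified request no protector
  }
}

// Proposed check: a callee that wants a protector must not be inlined
// into a caller that explicitly opted out.
bool canInline(SSP caller, SSP callee) {
  return !(caller == SSP::NoSSP && strength(callee) > 0);
}

// Model of the upgrade on inlining: the caller ends up with the stronger
// of the two protection levels.
SSP callerLevelAfterInline(SSP caller, SSP callee) {
  return strength(callee) > strength(caller) ? callee : caller;
}

struct Decision { bool inlined; SSP callerLevel; };

Decision tryInline(SSP caller, SSP callee) {
  if (!canInline(caller, callee)) return {false, caller};
  return {true, callerLevelAfterInline(caller, callee)};
}

int main() {
  // Without an explicit attribute, an opted-out caller looks Unspecified
  // and silently gains a protector when an sspstrong callee is inlined.
  Decision before = tryInline(SSP::Unspecified, SSP::SSPStrong);
  // With the explicit attribute, the same inline is refused.
  Decision after = tryInline(SSP::NoSSP, SSP::SSPStrong);
  std::printf("ambiguous caller: inlined=%d upgraded=%d\n", before.inlined,
              before.callerLevel == SSP::SSPStrong);
  std::printf("explicit nossp:   inlined=%d kept=%d\n", after.inlined,
              after.callerLevel == SSP::NoSSP);
  return 0;
}
```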

