[llvm-commits] [PATCH] -fstack-protector-strong parts 1 and 2

Magee, Josh Joshua.Magee at am.sony.com
Mon Jan 14 19:36:46 PST 2013 

Ping - with updated patches.

Part 1 is an updated version of my previously attached patch, which adds the IR attribute  'sspstrong'.
I could see that this patch by itself may not be that interesting or helpful in seeing where this feature is going, so attached the second patch as well.  Part 2 implements the strong heuristic itself.
The requirements of the strong heuristic are:
* A Protector is required for functions which contain an array, regardless of type or length.
* A Protector is required for functions which contain a structure/union which
  contains an array, regardless of type or length.  Note, there is no limit to the depth of nesting.
* A protector is required when the address of a local variable (i.e., stack based variable) is exposed.  (E.g., such as through a local whose address is taken as part of the RHS of an assignment or a local whose address is taken as part of a function argument.)

One of the requirements for standard SSP mode (-fstack-protector) was not fully met, so it needed to be tweaked.
The requirements for the standard heuristic are:
* Protector is required for a functions which contain a call to alloca with a variable size or constant size greater than ssp-buffer-size (default 8).
The existing implementation would enable protectors for all calls to alloca.

Please ask questions / make comments.

The remaining patches are:
Part 3 - Data layout Rules (Implements stricter data layout rules to place SSP-triggering variables closer to the protector)
Part 4 - Clang Command line options
Part 5 - Clang Attributes

In the spirit of delivering in small increments, I would prefer to get the current patches reviewed before sending additional ones. :-)


Thanks,
Josh


________________________________________
From: llvm-commits-bounces at cs.uiuc.edu [llvm-commits-bounces at cs.uiuc.edu] on behalf of Magee, Josh [Joshua.Magee at am.sony.com]
Sent: 21 November 2012 17:50
To: llvm-commits at cs.uiuc.edu
Subject: [llvm-commits] [PATCH] -fstack-protector-strong part 1: sspstrong      IR attribute

Hi,

This is the first patch for an implementation of ssp-strong previously
proposed to llvm-dev:
http://lists.cs.uiuc.edu/pipermail/llvmdev/2012-October/053931.html

This patch adds the IR attribute 'sspstrong'.  For now, sspstrong is treated
identically to sspreq.  The actual "strong" heuristic will be provided in a
subsequent patch.

Rather than updating the documentation at the end, I plan to keep it in sync
with each patch.  For now it lists 'sspstrong' as being equivalent to 'sspreq',
but once the heuristic is in place then the docs will be updated accordingly.
(If preferred the documentation could be provided at the end, but I thought
delivering it incrementally along with the code would be better.)

Thanks,
Josh
-------------- next part --------------
A non-text attachment was scrubbed...
Name: part1-sspstrong-ir-attribute.diff
Type: application/octet-stream
Size: 40363 bytes
Desc: part1-sspstrong-ir-attribute.diff
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20130115/a602b800/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: part2-sspstrong-heuristic.diff
Type: application/octet-stream
Size: 83644 bytes
Desc: part2-sspstrong-heuristic.diff
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20130115/a602b800/attachment-0001.obj>

More information about the llvm-commits mailing list