[PATCH] D22258: [compiler-rt] Enhance funcion padding detection for function interception

Etienne Bergeron via llvm-commits llvm-commits at lists.llvm.org
Mon Jul 11 22:37:32 PDT 2016 

etienneb created this revision.
etienneb added a reviewer: rnk.
etienneb added subscribers: chrisha, wang0109, llvm-commits.

Many CRT (64-bits) functions contains a "hint-nop". The current padding
detection is not able to recognize the 10-bytes padding and the HotPatch
hooking technique cannot be used.

Other patterns may be discover and may be added later.

http://reviews.llvm.org/D22258

Files:
  lib/interception/interception_win.cc

Index: lib/interception/interception_win.cc
===================================================================
--- lib/interception/interception_win.cc
+++ lib/interception/interception_win.cc
@@ -202,6 +202,29 @@
   return true;
 }
 
+static const u8 kHintNop10Bytes[] = {
+  0x66, 0x66, 0x0F, 0x1F, 0x84,
+  0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+template<class T>
+NOINLINE static bool FunctionHasPrefix(uptr address, const T &pattern) {
+  u8* function = (u8*)address - sizeof(pattern);
+  for (size_t i = 0; i < sizeof(pattern); ++i)
+    if (function[i] != pattern[i])
+      return false;
+  return true;
+}
+
+NOINLINE static bool FunctionHasPadding(uptr address, uptr size) {
+  if (IsMemoryPadding(address - size, size))
+    return true;
+  if (size <= sizeof(kHintNop10Bytes) &&
+      FunctionHasPrefix(address, kHintNop10Bytes))
+    return true;
+  return false;
+}
+
 static void WritePadding(uptr from, uptr size) {
   _memset((void*)from, 0xCC, (size_t)size);
 }
@@ -617,7 +640,7 @@
   // Validate that the function is hot patchable.
   size_t instruction_size = GetInstructionSize(old_func);
   if (instruction_size < kShortJumpInstructionLength ||
-      !IsMemoryPadding(header, kHotPatchHeaderLen))
+      !FunctionHasPadding(old_func, kHotPatchHeaderLen))
     return false;
 
   if (orig_old_func) {


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D22258.63639.patch
Type: text/x-patch
Size: 1322 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20160712/81283f1e/attachment.bin>

More information about the llvm-commits mailing list