[PATCH] D65968: hwasan: Add a code model check for tagged globals.

Peter Collingbourne via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Aug 8 13:19:00 PDT 2019 

pcc created this revision.
pcc added a reviewer: eugenis.
Herald added subscribers: Sanitizers, kubamracek.
Herald added projects: Sanitizers, LLVM.

See D65364 <https://reviews.llvm.org/D65364> for the code model requirements for tagged globals. Because
of the relocations used these requirements cannot be checked at link
time so they must be checked at runtime.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D65968

Files:
  compiler-rt/lib/hwasan/hwasan.cpp


Index: compiler-rt/lib/hwasan/hwasan.cpp
===================================================================
--- compiler-rt/lib/hwasan/hwasan.cpp
+++ compiler-rt/lib/hwasan/hwasan.cpp
@@ -240,13 +240,39 @@
   s32 end_relptr;
 };
 
+// Check that the given library meets the code model requirements for tagged
+// globals. These properties are not checked at link time so they need to be
+// checked at runtime.
+static void CheckCodeModel(ElfW(Addr) base, const ElfW(Phdr) * phdr,
+                           ElfW(Half) phnum) {
+  ElfW(Addr) min_addr = -1ull, max_addr = 0;
+  for (unsigned i = 0; i != phnum; ++i) {
+    if (phdr[i].p_type != PT_LOAD)
+      continue;
+    ElfW(Addr) lo = base + phdr[i].p_vaddr, hi = lo + phdr[i].p_memsz;
+    if (min_addr > lo)
+      min_addr = lo;
+    if (max_addr < hi)
+      max_addr = hi;
+  }
+
+  if (max_addr - min_addr > 1ull << 32) {
+    Report("FATAL: HWAddressSanitizer: library size exceeds 2^32\n");
+    Die();
+  }
+  if (max_addr > 1ull << 48) {
+    Report("FATAL: HWAddressSanitizer: library loaded above address 2^48\n");
+    Die();
+  }
+}
+
 static void InitGlobalsFromPhdrs(ElfW(Addr) base, const ElfW(Phdr) * phdr,
                                  ElfW(Half) phnum) {
-  for (; phnum != 0; ++phdr, --phnum) {
-    if (phdr->p_type != PT_NOTE)
+  for (unsigned i = 0; i != phnum; ++i) {
+    if (phdr[i].p_type != PT_NOTE)
       continue;
-    const char *note = reinterpret_cast<const char *>(base + phdr->p_vaddr);
-    const char *nend = note + phdr->p_memsz;
+    const char *note = reinterpret_cast<const char *>(base + phdr[i].p_vaddr);
+    const char *nend = note + phdr[i].p_memsz;
     while (note < nend) {
       auto *nhdr = reinterpret_cast<const ElfW(Nhdr) *>(note);
       const char *name = note + sizeof(ElfW(Nhdr));
@@ -257,6 +283,10 @@
         continue;
       }
 
+      // Only libraries with instrumented globals need to be checked against the
+      // code model since they use relocations that aren't checked at link time.
+      CheckCodeModel(base, phdr, phnum);
+
       auto *global_note = reinterpret_cast<const hwasan_global_note *>(desc);
       auto *global_begin = reinterpret_cast<const hwasan_global *>(
           note + global_note->begin_relptr);


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D65968.214219.patch
Type: text/x-patch
Size: 2257 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20190808/28a14894/attachment.bin>

More information about the llvm-commits mailing list