1 //==-- X86LoadValueInjectionLoadHardening.cpp - LVI load hardening for x86 --=// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 /// 9 /// Description: This pass finds Load Value Injection (LVI) gadgets consisting 10 /// of a load from memory (i.e., SOURCE), and any operation that may transmit 11 /// the value loaded from memory over a covert channel, or use the value loaded 12 /// from memory to determine a branch/call target (i.e., SINK). After finding 13 /// all such gadgets in a given function, the pass minimally inserts LFENCE 14 /// instructions in such a manner that the following property is satisfied: for 15 /// all SOURCE+SINK pairs, all paths in the CFG from SOURCE to SINK contain at 16 /// least one LFENCE instruction. The algorithm that implements this minimal 17 /// insertion is influenced by an academic paper that minimally inserts memory 18 /// fences for high-performance concurrent programs: 19 /// http://www.cs.ucr.edu/~lesani/companion/oopsla15/OOPSLA15.pdf 20 /// The algorithm implemented in this pass is as follows: 21 /// 1. Build a condensed CFG (i.e., a GadgetGraph) consisting only of the 22 /// following components: 23 /// - SOURCE instructions (also includes function arguments) 24 /// - SINK instructions 25 /// - Basic block entry points 26 /// - Basic block terminators 27 /// - LFENCE instructions 28 /// 2. Analyze the GadgetGraph to determine which SOURCE+SINK pairs (i.e., 29 /// gadgets) are already mitigated by existing LFENCEs. If all gadgets have been 30 /// mitigated, go to step 6. 31 /// 3. Use a heuristic or plugin to approximate minimal LFENCE insertion. 32 /// 4. Insert one LFENCE along each CFG edge that was cut in step 3. 33 /// 5. Go to step 2. 34 /// 6. If any LFENCEs were inserted, return `true` from runOnMachineFunction() 35 /// to tell LLVM that the function was modified. 36 /// 37 //===----------------------------------------------------------------------===// 38 39 #include "ImmutableGraph.h" 40 #include "X86.h" 41 #include "X86Subtarget.h" 42 #include "X86TargetMachine.h" 43 #include "llvm/ADT/DenseMap.h" 44 #include "llvm/ADT/DenseSet.h" 45 #include "llvm/ADT/STLExtras.h" 46 #include "llvm/ADT/SmallSet.h" 47 #include "llvm/ADT/Statistic.h" 48 #include "llvm/ADT/StringRef.h" 49 #include "llvm/CodeGen/MachineBasicBlock.h" 50 #include "llvm/CodeGen/MachineDominanceFrontier.h" 51 #include "llvm/CodeGen/MachineDominators.h" 52 #include "llvm/CodeGen/MachineFunction.h" 53 #include "llvm/CodeGen/MachineFunctionPass.h" 54 #include "llvm/CodeGen/MachineInstr.h" 55 #include "llvm/CodeGen/MachineInstrBuilder.h" 56 #include "llvm/CodeGen/MachineLoopInfo.h" 57 #include "llvm/CodeGen/MachineRegisterInfo.h" 58 #include "llvm/CodeGen/RDFGraph.h" 59 #include "llvm/CodeGen/RDFLiveness.h" 60 #include "llvm/InitializePasses.h" 61 #include "llvm/Support/CommandLine.h" 62 #include "llvm/Support/DOTGraphTraits.h" 63 #include "llvm/Support/Debug.h" 64 #include "llvm/Support/DynamicLibrary.h" 65 #include "llvm/Support/GraphWriter.h" 66 #include "llvm/Support/raw_ostream.h" 67 68 using namespace llvm; 69 70 #define PASS_KEY "x86-lvi-load" 71 #define DEBUG_TYPE PASS_KEY 72 73 STATISTIC(NumFences, "Number of LFENCEs inserted for LVI mitigation"); 74 STATISTIC(NumFunctionsConsidered, "Number of functions analyzed"); 75 STATISTIC(NumFunctionsMitigated, "Number of functions for which mitigations " 76 "were deployed"); 77 STATISTIC(NumGadgets, "Number of LVI gadgets detected during analysis"); 78 79 static cl::opt<std::string> OptimizePluginPath( 80 PASS_KEY "-opt-plugin", 81 cl::desc("Specify a plugin to optimize LFENCE insertion"), cl::Hidden); 82 83 static cl::opt<bool> NoConditionalBranches( 84 PASS_KEY "-no-cbranch", 85 cl::desc("Don't treat conditional branches as disclosure gadgets. This " 86 "may improve performance, at the cost of security."), 87 cl::init(false), cl::Hidden); 88 89 static cl::opt<bool> EmitDot( 90 PASS_KEY "-dot", 91 cl::desc( 92 "For each function, emit a dot graph depicting potential LVI gadgets"), 93 cl::init(false), cl::Hidden); 94 95 static cl::opt<bool> EmitDotOnly( 96 PASS_KEY "-dot-only", 97 cl::desc("For each function, emit a dot graph depicting potential LVI " 98 "gadgets, and do not insert any fences"), 99 cl::init(false), cl::Hidden); 100 101 static cl::opt<bool> EmitDotVerify( 102 PASS_KEY "-dot-verify", 103 cl::desc("For each function, emit a dot graph to stdout depicting " 104 "potential LVI gadgets, used for testing purposes only"), 105 cl::init(false), cl::Hidden); 106 107 static llvm::sys::DynamicLibrary OptimizeDL; 108 typedef int (*OptimizeCutT)(unsigned int *Nodes, unsigned int NodesSize, 109 unsigned int *Edges, int *EdgeValues, 110 int *CutEdges /* out */, unsigned int EdgesSize); 111 static OptimizeCutT OptimizeCut = nullptr; 112 113 namespace { 114 115 struct MachineGadgetGraph : ImmutableGraph<MachineInstr *, int> { 116 static constexpr int GadgetEdgeSentinel = -1; 117 static constexpr MachineInstr *const ArgNodeSentinel = nullptr; 118 119 using GraphT = ImmutableGraph<MachineInstr *, int>; 120 using Node = typename GraphT::Node; 121 using Edge = typename GraphT::Edge; 122 using size_type = typename GraphT::size_type; 123 MachineGadgetGraph(std::unique_ptr<Node[]> Nodes, 124 std::unique_ptr<Edge[]> Edges, size_type NodesSize, 125 size_type EdgesSize, int NumFences = 0, int NumGadgets = 0) 126 : GraphT(std::move(Nodes), std::move(Edges), NodesSize, EdgesSize), 127 NumFences(NumFences), NumGadgets(NumGadgets) {} 128 static inline bool isCFGEdge(const Edge &E) { 129 return E.getValue() != GadgetEdgeSentinel; 130 } 131 static inline bool isGadgetEdge(const Edge &E) { 132 return E.getValue() == GadgetEdgeSentinel; 133 } 134 int NumFences; 135 int NumGadgets; 136 }; 137 138 class X86LoadValueInjectionLoadHardeningPass : public MachineFunctionPass { 139 public: 140 X86LoadValueInjectionLoadHardeningPass() : MachineFunctionPass(ID) {} 141 142 StringRef getPassName() const override { 143 return "X86 Load Value Injection (LVI) Load Hardening"; 144 } 145 void getAnalysisUsage(AnalysisUsage &AU) const override; 146 bool runOnMachineFunction(MachineFunction &MF) override; 147 148 static char ID; 149 150 private: 151 using GraphBuilder = ImmutableGraphBuilder<MachineGadgetGraph>; 152 using Edge = MachineGadgetGraph::Edge; 153 using Node = MachineGadgetGraph::Node; 154 using EdgeSet = MachineGadgetGraph::EdgeSet; 155 using NodeSet = MachineGadgetGraph::NodeSet; 156 157 const X86Subtarget *STI; 158 const TargetInstrInfo *TII; 159 const TargetRegisterInfo *TRI; 160 161 std::unique_ptr<MachineGadgetGraph> 162 getGadgetGraph(MachineFunction &MF, const MachineLoopInfo &MLI, 163 const MachineDominatorTree &MDT, 164 const MachineDominanceFrontier &MDF) const; 165 int hardenLoadsWithPlugin(MachineFunction &MF, 166 std::unique_ptr<MachineGadgetGraph> Graph) const; 167 int hardenLoadsWithHeuristic(MachineFunction &MF, 168 std::unique_ptr<MachineGadgetGraph> Graph) const; 169 int elimMitigatedEdgesAndNodes(MachineGadgetGraph &G, 170 EdgeSet &ElimEdges /* in, out */, 171 NodeSet &ElimNodes /* in, out */) const; 172 std::unique_ptr<MachineGadgetGraph> 173 trimMitigatedEdges(std::unique_ptr<MachineGadgetGraph> Graph) const; 174 void findAndCutEdges(MachineGadgetGraph &G, 175 EdgeSet &CutEdges /* out */) const; 176 int insertFences(MachineFunction &MF, MachineGadgetGraph &G, 177 EdgeSet &CutEdges /* in, out */) const; 178 bool instrUsesRegToAccessMemory(const MachineInstr &I, unsigned Reg) const; 179 bool instrUsesRegToBranch(const MachineInstr &I, unsigned Reg) const; 180 inline bool isFence(const MachineInstr *MI) const { 181 return MI && (MI->getOpcode() == X86::LFENCE || 182 (STI->useLVIControlFlowIntegrity() && MI->isCall())); 183 } 184 }; 185 186 } // end anonymous namespace 187 188 namespace llvm { 189 190 template <> 191 struct GraphTraits<MachineGadgetGraph *> 192 : GraphTraits<ImmutableGraph<MachineInstr *, int> *> {}; 193 194 template <> 195 struct DOTGraphTraits<MachineGadgetGraph *> : DefaultDOTGraphTraits { 196 using GraphType = MachineGadgetGraph; 197 using Traits = llvm::GraphTraits<GraphType *>; 198 using NodeRef = typename Traits::NodeRef; 199 using EdgeRef = typename Traits::EdgeRef; 200 using ChildIteratorType = typename Traits::ChildIteratorType; 201 using ChildEdgeIteratorType = typename Traits::ChildEdgeIteratorType; 202 203 DOTGraphTraits(bool IsSimple = false) : DefaultDOTGraphTraits(IsSimple) {} 204 205 std::string getNodeLabel(NodeRef Node, GraphType *) { 206 if (Node->getValue() == MachineGadgetGraph::ArgNodeSentinel) 207 return "ARGS"; 208 209 std::string Str; 210 raw_string_ostream OS(Str); 211 OS << *Node->getValue(); 212 return OS.str(); 213 } 214 215 static std::string getNodeAttributes(NodeRef Node, GraphType *) { 216 MachineInstr *MI = Node->getValue(); 217 if (MI == MachineGadgetGraph::ArgNodeSentinel) 218 return "color = blue"; 219 if (MI->getOpcode() == X86::LFENCE) 220 return "color = green"; 221 return ""; 222 } 223 224 static std::string getEdgeAttributes(NodeRef, ChildIteratorType E, 225 GraphType *) { 226 int EdgeVal = (*E.getCurrent()).getValue(); 227 return EdgeVal >= 0 ? "label = " + std::to_string(EdgeVal) 228 : "color = red, style = \"dashed\""; 229 } 230 }; 231 232 } // end namespace llvm 233 234 constexpr MachineInstr *MachineGadgetGraph::ArgNodeSentinel; 235 constexpr int MachineGadgetGraph::GadgetEdgeSentinel; 236 237 char X86LoadValueInjectionLoadHardeningPass::ID = 0; 238 239 void X86LoadValueInjectionLoadHardeningPass::getAnalysisUsage( 240 AnalysisUsage &AU) const { 241 MachineFunctionPass::getAnalysisUsage(AU); 242 AU.addRequired<MachineLoopInfo>(); 243 AU.addRequired<MachineDominatorTree>(); 244 AU.addRequired<MachineDominanceFrontier>(); 245 AU.setPreservesCFG(); 246 } 247 248 static void writeGadgetGraph(raw_ostream &OS, MachineFunction &MF, 249 MachineGadgetGraph *G) { 250 WriteGraph(OS, G, /*ShortNames*/ false, 251 "Speculative gadgets for \"" + MF.getName() + "\" function"); 252 } 253 254 bool X86LoadValueInjectionLoadHardeningPass::runOnMachineFunction( 255 MachineFunction &MF) { 256 LLVM_DEBUG(dbgs() << "***** " << getPassName() << " : " << MF.getName() 257 << " *****\n"); 258 STI = &MF.getSubtarget<X86Subtarget>(); 259 if (!STI->useLVILoadHardening()) 260 return false; 261 262 // FIXME: support 32-bit 263 if (!STI->is64Bit()) 264 report_fatal_error("LVI load hardening is only supported on 64-bit", false); 265 266 // Don't skip functions with the "optnone" attr but participate in opt-bisect. 267 const Function &F = MF.getFunction(); 268 if (!F.hasOptNone() && skipFunction(F)) 269 return false; 270 271 ++NumFunctionsConsidered; 272 TII = STI->getInstrInfo(); 273 TRI = STI->getRegisterInfo(); 274 LLVM_DEBUG(dbgs() << "Building gadget graph...\n"); 275 const auto &MLI = getAnalysis<MachineLoopInfo>(); 276 const auto &MDT = getAnalysis<MachineDominatorTree>(); 277 const auto &MDF = getAnalysis<MachineDominanceFrontier>(); 278 std::unique_ptr<MachineGadgetGraph> Graph = getGadgetGraph(MF, MLI, MDT, MDF); 279 LLVM_DEBUG(dbgs() << "Building gadget graph... Done\n"); 280 if (Graph == nullptr) 281 return false; // didn't find any gadgets 282 283 if (EmitDotVerify) { 284 writeGadgetGraph(outs(), MF, Graph.get()); 285 return false; 286 } 287 288 if (EmitDot || EmitDotOnly) { 289 LLVM_DEBUG(dbgs() << "Emitting gadget graph...\n"); 290 std::error_code FileError; 291 std::string FileName = "lvi."; 292 FileName += MF.getName(); 293 FileName += ".dot"; 294 raw_fd_ostream FileOut(FileName, FileError); 295 if (FileError) 296 errs() << FileError.message(); 297 writeGadgetGraph(FileOut, MF, Graph.get()); 298 FileOut.close(); 299 LLVM_DEBUG(dbgs() << "Emitting gadget graph... Done\n"); 300 if (EmitDotOnly) 301 return false; 302 } 303 304 int FencesInserted; 305 if (!OptimizePluginPath.empty()) { 306 if (!OptimizeDL.isValid()) { 307 std::string ErrorMsg; 308 OptimizeDL = llvm::sys::DynamicLibrary::getPermanentLibrary( 309 OptimizePluginPath.c_str(), &ErrorMsg); 310 if (!ErrorMsg.empty()) 311 report_fatal_error("Failed to load opt plugin: \"" + ErrorMsg + '\"'); 312 OptimizeCut = (OptimizeCutT)OptimizeDL.getAddressOfSymbol("optimize_cut"); 313 if (!OptimizeCut) 314 report_fatal_error("Invalid optimization plugin"); 315 } 316 FencesInserted = hardenLoadsWithPlugin(MF, std::move(Graph)); 317 } else { // Use the default greedy heuristic 318 FencesInserted = hardenLoadsWithHeuristic(MF, std::move(Graph)); 319 } 320 321 if (FencesInserted > 0) 322 ++NumFunctionsMitigated; 323 NumFences += FencesInserted; 324 return (FencesInserted > 0); 325 } 326 327 std::unique_ptr<MachineGadgetGraph> 328 X86LoadValueInjectionLoadHardeningPass::getGadgetGraph( 329 MachineFunction &MF, const MachineLoopInfo &MLI, 330 const MachineDominatorTree &MDT, 331 const MachineDominanceFrontier &MDF) const { 332 using namespace rdf; 333 334 // Build the Register Dataflow Graph using the RDF framework 335 TargetOperandInfo TOI{*TII}; 336 DataFlowGraph DFG{MF, *TII, *TRI, MDT, MDF, TOI}; 337 DFG.build(); 338 Liveness L{MF.getRegInfo(), DFG}; 339 L.computePhiInfo(); 340 341 GraphBuilder Builder; 342 using GraphIter = typename GraphBuilder::BuilderNodeRef; 343 DenseMap<MachineInstr *, GraphIter> NodeMap; 344 int FenceCount = 0, GadgetCount = 0; 345 auto MaybeAddNode = [&NodeMap, &Builder](MachineInstr *MI) { 346 auto Ref = NodeMap.find(MI); 347 if (Ref == NodeMap.end()) { 348 auto I = Builder.addVertex(MI); 349 NodeMap[MI] = I; 350 return std::pair<GraphIter, bool>{I, true}; 351 } 352 return std::pair<GraphIter, bool>{Ref->getSecond(), false}; 353 }; 354 355 // The `Transmitters` map memoizes transmitters found for each def. If a def 356 // has not yet been analyzed, then it will not appear in the map. If a def 357 // has been analyzed and was determined not to have any transmitters, then 358 // its list of transmitters will be empty. 359 DenseMap<NodeId, std::vector<NodeId>> Transmitters; 360 361 // Analyze all machine instructions to find gadgets and LFENCEs, adding 362 // each interesting value to `Nodes` 363 auto AnalyzeDef = [&](NodeAddr<DefNode *> SourceDef) { 364 SmallSet<NodeId, 8> UsesVisited, DefsVisited; 365 std::function<void(NodeAddr<DefNode *>)> AnalyzeDefUseChain = 366 [&](NodeAddr<DefNode *> Def) { 367 if (Transmitters.find(Def.Id) != Transmitters.end()) 368 return; // Already analyzed `Def` 369 370 // Use RDF to find all the uses of `Def` 371 rdf::NodeSet Uses; 372 RegisterRef DefReg = Def.Addr->getRegRef(DFG); 373 for (auto UseID : L.getAllReachedUses(DefReg, Def)) { 374 auto Use = DFG.addr<UseNode *>(UseID); 375 if (Use.Addr->getFlags() & NodeAttrs::PhiRef) { // phi node 376 NodeAddr<PhiNode *> Phi = Use.Addr->getOwner(DFG); 377 for (auto I : L.getRealUses(Phi.Id)) { 378 if (DFG.getPRI().alias(RegisterRef(I.first), DefReg)) { 379 for (auto UA : I.second) 380 Uses.emplace(UA.first); 381 } 382 } 383 } else { // not a phi node 384 Uses.emplace(UseID); 385 } 386 } 387 388 // For each use of `Def`, we want to know whether: 389 // (1) The use can leak the Def'ed value, 390 // (2) The use can further propagate the Def'ed value to more defs 391 for (auto UseID : Uses) { 392 if (!UsesVisited.insert(UseID).second) 393 continue; // Already visited this use of `Def` 394 395 auto Use = DFG.addr<UseNode *>(UseID); 396 assert(!(Use.Addr->getFlags() & NodeAttrs::PhiRef)); 397 MachineOperand &UseMO = Use.Addr->getOp(); 398 MachineInstr &UseMI = *UseMO.getParent(); 399 assert(UseMO.isReg()); 400 401 // We naively assume that an instruction propagates any loaded 402 // uses to all defs unless the instruction is a call, in which 403 // case all arguments will be treated as gadget sources during 404 // analysis of the callee function. 405 if (UseMI.isCall()) 406 continue; 407 408 // Check whether this use can transmit (leak) its value. 409 if (instrUsesRegToAccessMemory(UseMI, UseMO.getReg()) || 410 (!NoConditionalBranches && 411 instrUsesRegToBranch(UseMI, UseMO.getReg()))) { 412 Transmitters[Def.Id].push_back(Use.Addr->getOwner(DFG).Id); 413 if (UseMI.mayLoad()) 414 continue; // Found a transmitting load -- no need to continue 415 // traversing its defs (i.e., this load will become 416 // a new gadget source anyways). 417 } 418 419 // Check whether the use propagates to more defs. 420 NodeAddr<InstrNode *> Owner{Use.Addr->getOwner(DFG)}; 421 rdf::NodeList AnalyzedChildDefs; 422 for (auto &ChildDef : 423 Owner.Addr->members_if(DataFlowGraph::IsDef, DFG)) { 424 if (!DefsVisited.insert(ChildDef.Id).second) 425 continue; // Already visited this def 426 if (Def.Addr->getAttrs() & NodeAttrs::Dead) 427 continue; 428 if (Def.Id == ChildDef.Id) 429 continue; // `Def` uses itself (e.g., increment loop counter) 430 431 AnalyzeDefUseChain(ChildDef); 432 433 // `Def` inherits all of its child defs' transmitters. 434 for (auto TransmitterId : Transmitters[ChildDef.Id]) 435 Transmitters[Def.Id].push_back(TransmitterId); 436 } 437 } 438 439 // Note that this statement adds `Def.Id` to the map if no 440 // transmitters were found for `Def`. 441 auto &DefTransmitters = Transmitters[Def.Id]; 442 443 // Remove duplicate transmitters 444 llvm::sort(DefTransmitters); 445 DefTransmitters.erase( 446 std::unique(DefTransmitters.begin(), DefTransmitters.end()), 447 DefTransmitters.end()); 448 }; 449 450 // Find all of the transmitters 451 AnalyzeDefUseChain(SourceDef); 452 auto &SourceDefTransmitters = Transmitters[SourceDef.Id]; 453 if (SourceDefTransmitters.empty()) 454 return; // No transmitters for `SourceDef` 455 456 MachineInstr *Source = SourceDef.Addr->getFlags() & NodeAttrs::PhiRef 457 ? MachineGadgetGraph::ArgNodeSentinel 458 : SourceDef.Addr->getOp().getParent(); 459 auto GadgetSource = MaybeAddNode(Source); 460 // Each transmitter is a sink for `SourceDef`. 461 for (auto TransmitterId : SourceDefTransmitters) { 462 MachineInstr *Sink = DFG.addr<StmtNode *>(TransmitterId).Addr->getCode(); 463 auto GadgetSink = MaybeAddNode(Sink); 464 // Add the gadget edge to the graph. 465 Builder.addEdge(MachineGadgetGraph::GadgetEdgeSentinel, 466 GadgetSource.first, GadgetSink.first); 467 ++GadgetCount; 468 } 469 }; 470 471 LLVM_DEBUG(dbgs() << "Analyzing def-use chains to find gadgets\n"); 472 // Analyze function arguments 473 NodeAddr<BlockNode *> EntryBlock = DFG.getFunc().Addr->getEntryBlock(DFG); 474 for (NodeAddr<PhiNode *> ArgPhi : 475 EntryBlock.Addr->members_if(DataFlowGraph::IsPhi, DFG)) { 476 NodeList Defs = ArgPhi.Addr->members_if(DataFlowGraph::IsDef, DFG); 477 llvm::for_each(Defs, AnalyzeDef); 478 } 479 // Analyze every instruction in MF 480 for (NodeAddr<BlockNode *> BA : DFG.getFunc().Addr->members(DFG)) { 481 for (NodeAddr<StmtNode *> SA : 482 BA.Addr->members_if(DataFlowGraph::IsCode<NodeAttrs::Stmt>, DFG)) { 483 MachineInstr *MI = SA.Addr->getCode(); 484 if (isFence(MI)) { 485 MaybeAddNode(MI); 486 ++FenceCount; 487 } else if (MI->mayLoad()) { 488 NodeList Defs = SA.Addr->members_if(DataFlowGraph::IsDef, DFG); 489 llvm::for_each(Defs, AnalyzeDef); 490 } 491 } 492 } 493 LLVM_DEBUG(dbgs() << "Found " << FenceCount << " fences\n"); 494 LLVM_DEBUG(dbgs() << "Found " << GadgetCount << " gadgets\n"); 495 if (GadgetCount == 0) 496 return nullptr; 497 NumGadgets += GadgetCount; 498 499 // Traverse CFG to build the rest of the graph 500 SmallSet<MachineBasicBlock *, 8> BlocksVisited; 501 std::function<void(MachineBasicBlock *, GraphIter, unsigned)> TraverseCFG = 502 [&](MachineBasicBlock *MBB, GraphIter GI, unsigned ParentDepth) { 503 unsigned LoopDepth = MLI.getLoopDepth(MBB); 504 if (!MBB->empty()) { 505 // Always add the first instruction in each block 506 auto NI = MBB->begin(); 507 auto BeginBB = MaybeAddNode(&*NI); 508 Builder.addEdge(ParentDepth, GI, BeginBB.first); 509 if (!BlocksVisited.insert(MBB).second) 510 return; 511 512 // Add any instructions within the block that are gadget components 513 GI = BeginBB.first; 514 while (++NI != MBB->end()) { 515 auto Ref = NodeMap.find(&*NI); 516 if (Ref != NodeMap.end()) { 517 Builder.addEdge(LoopDepth, GI, Ref->getSecond()); 518 GI = Ref->getSecond(); 519 } 520 } 521 522 // Always add the terminator instruction, if one exists 523 auto T = MBB->getFirstTerminator(); 524 if (T != MBB->end()) { 525 auto EndBB = MaybeAddNode(&*T); 526 if (EndBB.second) 527 Builder.addEdge(LoopDepth, GI, EndBB.first); 528 GI = EndBB.first; 529 } 530 } 531 for (MachineBasicBlock *Succ : MBB->successors()) 532 TraverseCFG(Succ, GI, LoopDepth); 533 }; 534 // ArgNodeSentinel is a pseudo-instruction that represents MF args in the 535 // GadgetGraph 536 GraphIter ArgNode = MaybeAddNode(MachineGadgetGraph::ArgNodeSentinel).first; 537 TraverseCFG(&MF.front(), ArgNode, 0); 538 std::unique_ptr<MachineGadgetGraph> G{Builder.get(FenceCount, GadgetCount)}; 539 LLVM_DEBUG(dbgs() << "Found " << G->nodes_size() << " nodes\n"); 540 return G; 541 } 542 543 // Returns the number of remaining gadget edges that could not be eliminated 544 int X86LoadValueInjectionLoadHardeningPass::elimMitigatedEdgesAndNodes( 545 MachineGadgetGraph &G, EdgeSet &ElimEdges /* in, out */, 546 NodeSet &ElimNodes /* in, out */) const { 547 if (G.NumFences > 0) { 548 // Eliminate fences and CFG edges that ingress and egress the fence, as 549 // they are trivially mitigated. 550 for (const Edge &E : G.edges()) { 551 const Node *Dest = E.getDest(); 552 if (isFence(Dest->getValue())) { 553 ElimNodes.insert(*Dest); 554 ElimEdges.insert(E); 555 for (const Edge &DE : Dest->edges()) 556 ElimEdges.insert(DE); 557 } 558 } 559 } 560 561 // Find and eliminate gadget edges that have been mitigated. 562 int MitigatedGadgets = 0, RemainingGadgets = 0; 563 NodeSet ReachableNodes{G}; 564 for (const Node &RootN : G.nodes()) { 565 if (llvm::none_of(RootN.edges(), MachineGadgetGraph::isGadgetEdge)) 566 continue; // skip this node if it isn't a gadget source 567 568 // Find all of the nodes that are CFG-reachable from RootN using DFS 569 ReachableNodes.clear(); 570 std::function<void(const Node *, bool)> FindReachableNodes = 571 [&](const Node *N, bool FirstNode) { 572 if (!FirstNode) 573 ReachableNodes.insert(*N); 574 for (const Edge &E : N->edges()) { 575 const Node *Dest = E.getDest(); 576 if (MachineGadgetGraph::isCFGEdge(E) && !ElimEdges.contains(E) && 577 !ReachableNodes.contains(*Dest)) 578 FindReachableNodes(Dest, false); 579 } 580 }; 581 FindReachableNodes(&RootN, true); 582 583 // Any gadget whose sink is unreachable has been mitigated 584 for (const Edge &E : RootN.edges()) { 585 if (MachineGadgetGraph::isGadgetEdge(E)) { 586 if (ReachableNodes.contains(*E.getDest())) { 587 // This gadget's sink is reachable 588 ++RemainingGadgets; 589 } else { // This gadget's sink is unreachable, and therefore mitigated 590 ++MitigatedGadgets; 591 ElimEdges.insert(E); 592 } 593 } 594 } 595 } 596 return RemainingGadgets; 597 } 598 599 std::unique_ptr<MachineGadgetGraph> 600 X86LoadValueInjectionLoadHardeningPass::trimMitigatedEdges( 601 std::unique_ptr<MachineGadgetGraph> Graph) const { 602 NodeSet ElimNodes{*Graph}; 603 EdgeSet ElimEdges{*Graph}; 604 int RemainingGadgets = 605 elimMitigatedEdgesAndNodes(*Graph, ElimEdges, ElimNodes); 606 if (ElimEdges.empty() && ElimNodes.empty()) { 607 Graph->NumFences = 0; 608 Graph->NumGadgets = RemainingGadgets; 609 } else { 610 Graph = GraphBuilder::trim(*Graph, ElimNodes, ElimEdges, 0 /* NumFences */, 611 RemainingGadgets); 612 } 613 return Graph; 614 } 615 616 int X86LoadValueInjectionLoadHardeningPass::hardenLoadsWithPlugin( 617 MachineFunction &MF, std::unique_ptr<MachineGadgetGraph> Graph) const { 618 int FencesInserted = 0; 619 620 do { 621 LLVM_DEBUG(dbgs() << "Eliminating mitigated paths...\n"); 622 Graph = trimMitigatedEdges(std::move(Graph)); 623 LLVM_DEBUG(dbgs() << "Eliminating mitigated paths... Done\n"); 624 if (Graph->NumGadgets == 0) 625 break; 626 627 LLVM_DEBUG(dbgs() << "Cutting edges...\n"); 628 EdgeSet CutEdges{*Graph}; 629 auto Nodes = std::make_unique<unsigned int[]>(Graph->nodes_size() + 630 1 /* terminator node */); 631 auto Edges = std::make_unique<unsigned int[]>(Graph->edges_size()); 632 auto EdgeCuts = std::make_unique<int[]>(Graph->edges_size()); 633 auto EdgeValues = std::make_unique<int[]>(Graph->edges_size()); 634 for (const Node &N : Graph->nodes()) { 635 Nodes[Graph->getNodeIndex(N)] = Graph->getEdgeIndex(*N.edges_begin()); 636 } 637 Nodes[Graph->nodes_size()] = Graph->edges_size(); // terminator node 638 for (const Edge &E : Graph->edges()) { 639 Edges[Graph->getEdgeIndex(E)] = Graph->getNodeIndex(*E.getDest()); 640 EdgeValues[Graph->getEdgeIndex(E)] = E.getValue(); 641 } 642 OptimizeCut(Nodes.get(), Graph->nodes_size(), Edges.get(), EdgeValues.get(), 643 EdgeCuts.get(), Graph->edges_size()); 644 for (int I = 0; I < Graph->edges_size(); ++I) 645 if (EdgeCuts[I]) 646 CutEdges.set(I); 647 LLVM_DEBUG(dbgs() << "Cutting edges... Done\n"); 648 LLVM_DEBUG(dbgs() << "Cut " << CutEdges.count() << " edges\n"); 649 650 LLVM_DEBUG(dbgs() << "Inserting LFENCEs...\n"); 651 FencesInserted += insertFences(MF, *Graph, CutEdges); 652 LLVM_DEBUG(dbgs() << "Inserting LFENCEs... Done\n"); 653 LLVM_DEBUG(dbgs() << "Inserted " << FencesInserted << " fences\n"); 654 655 Graph = GraphBuilder::trim(*Graph, NodeSet{*Graph}, CutEdges); 656 } while (true); 657 658 return FencesInserted; 659 } 660 661 int X86LoadValueInjectionLoadHardeningPass::hardenLoadsWithHeuristic( 662 MachineFunction &MF, std::unique_ptr<MachineGadgetGraph> Graph) const { 663 // If `MF` does not have any fences, then no gadgets would have been 664 // mitigated at this point. 665 if (Graph->NumFences > 0) { 666 LLVM_DEBUG(dbgs() << "Eliminating mitigated paths...\n"); 667 Graph = trimMitigatedEdges(std::move(Graph)); 668 LLVM_DEBUG(dbgs() << "Eliminating mitigated paths... Done\n"); 669 } 670 671 if (Graph->NumGadgets == 0) 672 return 0; 673 674 LLVM_DEBUG(dbgs() << "Cutting edges...\n"); 675 EdgeSet CutEdges{*Graph}; 676 677 // Begin by collecting all ingress CFG edges for each node 678 DenseMap<const Node *, SmallVector<const Edge *, 2>> IngressEdgeMap; 679 for (const Edge &E : Graph->edges()) 680 if (MachineGadgetGraph::isCFGEdge(E)) 681 IngressEdgeMap[E.getDest()].push_back(&E); 682 683 // For each gadget edge, make cuts that guarantee the gadget will be 684 // mitigated. A computationally efficient way to achieve this is to either: 685 // (a) cut all egress CFG edges from the gadget source, or 686 // (b) cut all ingress CFG edges to the gadget sink. 687 // 688 // Moreover, the algorithm tries not to make a cut into a loop by preferring 689 // to make a (b)-type cut if the gadget source resides at a greater loop depth 690 // than the gadget sink, or an (a)-type cut otherwise. 691 for (const Node &N : Graph->nodes()) { 692 for (const Edge &E : N.edges()) { 693 if (!MachineGadgetGraph::isGadgetEdge(E)) 694 continue; 695 696 SmallVector<const Edge *, 2> EgressEdges; 697 SmallVector<const Edge *, 2> &IngressEdges = IngressEdgeMap[E.getDest()]; 698 for (const Edge &EgressEdge : N.edges()) 699 if (MachineGadgetGraph::isCFGEdge(EgressEdge)) 700 EgressEdges.push_back(&EgressEdge); 701 702 int EgressCutCost = 0, IngressCutCost = 0; 703 for (const Edge *EgressEdge : EgressEdges) 704 if (!CutEdges.contains(*EgressEdge)) 705 EgressCutCost += EgressEdge->getValue(); 706 for (const Edge *IngressEdge : IngressEdges) 707 if (!CutEdges.contains(*IngressEdge)) 708 IngressCutCost += IngressEdge->getValue(); 709 710 auto &EdgesToCut = 711 IngressCutCost < EgressCutCost ? IngressEdges : EgressEdges; 712 for (const Edge *E : EdgesToCut) 713 CutEdges.insert(*E); 714 } 715 } 716 LLVM_DEBUG(dbgs() << "Cutting edges... Done\n"); 717 LLVM_DEBUG(dbgs() << "Cut " << CutEdges.count() << " edges\n"); 718 719 LLVM_DEBUG(dbgs() << "Inserting LFENCEs...\n"); 720 int FencesInserted = insertFences(MF, *Graph, CutEdges); 721 LLVM_DEBUG(dbgs() << "Inserting LFENCEs... Done\n"); 722 LLVM_DEBUG(dbgs() << "Inserted " << FencesInserted << " fences\n"); 723 724 return FencesInserted; 725 } 726 727 int X86LoadValueInjectionLoadHardeningPass::insertFences( 728 MachineFunction &MF, MachineGadgetGraph &G, 729 EdgeSet &CutEdges /* in, out */) const { 730 int FencesInserted = 0; 731 for (const Node &N : G.nodes()) { 732 for (const Edge &E : N.edges()) { 733 if (CutEdges.contains(E)) { 734 MachineInstr *MI = N.getValue(), *Prev; 735 MachineBasicBlock *MBB; // Insert an LFENCE in this MBB 736 MachineBasicBlock::iterator InsertionPt; // ...at this point 737 if (MI == MachineGadgetGraph::ArgNodeSentinel) { 738 // insert LFENCE at beginning of entry block 739 MBB = &MF.front(); 740 InsertionPt = MBB->begin(); 741 Prev = nullptr; 742 } else if (MI->isBranch()) { // insert the LFENCE before the branch 743 MBB = MI->getParent(); 744 InsertionPt = MI; 745 Prev = MI->getPrevNode(); 746 // Remove all egress CFG edges from this branch because the inserted 747 // LFENCE prevents gadgets from crossing the branch. 748 for (const Edge &E : N.edges()) { 749 if (MachineGadgetGraph::isCFGEdge(E)) 750 CutEdges.insert(E); 751 } 752 } else { // insert the LFENCE after the instruction 753 MBB = MI->getParent(); 754 InsertionPt = MI->getNextNode() ? MI->getNextNode() : MBB->end(); 755 Prev = InsertionPt == MBB->end() 756 ? (MBB->empty() ? nullptr : &MBB->back()) 757 : InsertionPt->getPrevNode(); 758 } 759 // Ensure this insertion is not redundant (two LFENCEs in sequence). 760 if ((InsertionPt == MBB->end() || !isFence(&*InsertionPt)) && 761 (!Prev || !isFence(Prev))) { 762 BuildMI(*MBB, InsertionPt, DebugLoc(), TII->get(X86::LFENCE)); 763 ++FencesInserted; 764 } 765 } 766 } 767 } 768 return FencesInserted; 769 } 770 771 bool X86LoadValueInjectionLoadHardeningPass::instrUsesRegToAccessMemory( 772 const MachineInstr &MI, unsigned Reg) const { 773 if (!MI.mayLoadOrStore() || MI.getOpcode() == X86::MFENCE || 774 MI.getOpcode() == X86::SFENCE || MI.getOpcode() == X86::LFENCE) 775 return false; 776 777 // FIXME: This does not handle pseudo loading instruction like TCRETURN* 778 const MCInstrDesc &Desc = MI.getDesc(); 779 int MemRefBeginIdx = X86II::getMemoryOperandNo(Desc.TSFlags); 780 if (MemRefBeginIdx < 0) { 781 LLVM_DEBUG(dbgs() << "Warning: unable to obtain memory operand for loading " 782 "instruction:\n"; 783 MI.print(dbgs()); dbgs() << '\n';); 784 return false; 785 } 786 MemRefBeginIdx += X86II::getOperandBias(Desc); 787 788 const MachineOperand &BaseMO = 789 MI.getOperand(MemRefBeginIdx + X86::AddrBaseReg); 790 const MachineOperand &IndexMO = 791 MI.getOperand(MemRefBeginIdx + X86::AddrIndexReg); 792 return (BaseMO.isReg() && BaseMO.getReg() != X86::NoRegister && 793 TRI->regsOverlap(BaseMO.getReg(), Reg)) || 794 (IndexMO.isReg() && IndexMO.getReg() != X86::NoRegister && 795 TRI->regsOverlap(IndexMO.getReg(), Reg)); 796 } 797 798 bool X86LoadValueInjectionLoadHardeningPass::instrUsesRegToBranch( 799 const MachineInstr &MI, unsigned Reg) const { 800 if (!MI.isConditionalBranch()) 801 return false; 802 for (const MachineOperand &Use : MI.uses()) 803 if (Use.isReg() && Use.getReg() == Reg) 804 return true; 805 return false; 806 } 807 808 INITIALIZE_PASS_BEGIN(X86LoadValueInjectionLoadHardeningPass, PASS_KEY, 809 "X86 LVI load hardening", false, false) 810 INITIALIZE_PASS_DEPENDENCY(MachineLoopInfo) 811 INITIALIZE_PASS_DEPENDENCY(MachineDominatorTree) 812 INITIALIZE_PASS_DEPENDENCY(MachineDominanceFrontier) 813 INITIALIZE_PASS_END(X86LoadValueInjectionLoadHardeningPass, PASS_KEY, 814 "X86 LVI load hardening", false, false) 815 816 FunctionPass *llvm::createX86LoadValueInjectionLoadHardeningPass() { 817 return new X86LoadValueInjectionLoadHardeningPass(); 818 } 819