Revert "Insert random noops to increase security against ROP attacks …

…(llvm)" This reverts commit: http://reviews.llvm.org/D3392 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@225948 91177308-0d34-0410-b5e6-96231b3b80d8
hacxman · Jan 14, 2015 · 7f0cbb5 · 7f0cbb5
1 parent 1f62091
commit 7f0cbb5
Show file tree

Hide file tree

Showing 17 changed files with 4 additions and 432 deletions.
diff --git a/include/llvm/CodeGen/CommandFlags.h b/include/llvm/CodeGen/CommandFlags.h
@@ -207,12 +207,6 @@ FunctionSections("function-sections",
                  cl::desc("Emit functions into separate sections"),
                  cl::init(false));
 
-cl::opt<bool>
-NoopInsertion("noop-insertion",
-             cl::desc("Randomly add Noop instructions to create fine-grained "
-                      "code layout diversity."),
-             cl::init(false));
-
 cl::opt<llvm::JumpTable::JumpTableType>
 JTableType("jump-table-type",
           cl::desc("Choose the type of Jump-Instruction Table for jumptable."),
@@ -290,7 +284,6 @@ static inline TargetOptions InitTargetOptionsFromCodeGenFlags() {
   Options.UseInitArray = !UseCtors;
   Options.DataSections = DataSections;
   Options.FunctionSections = FunctionSections;
-  Options.NoopInsertion = NoopInsertion;
 
   Options.MCOptions = InitMCTargetOptionsFromFlags();
   Options.JTType = JTableType;

diff --git a/include/llvm/CodeGen/NoopInsertion.h b/include/llvm/CodeGen/NoopInsertion.h
diff --git a/include/llvm/CodeGen/Passes.h b/include/llvm/CodeGen/Passes.h
@@ -603,10 +603,6 @@ namespace llvm {
   /// the intrinsic for later emission to the StackMap.
   extern char &StackMapLivenessID;
 
-  /// NoopInsertion - This pass adds fine-grained diversity by displacing code
-  /// using randomly placed (optionally target supplied) Noop instructions.
-  extern char &NoopInsertionID;
-
   /// createJumpInstrTables - This pass creates jump-instruction tables.
   ModulePass *createJumpInstrTablesPass();
 

diff --git a/include/llvm/InitializePasses.h b/include/llvm/InitializePasses.h
@@ -205,7 +205,6 @@ void initializeMetaRenamerPass(PassRegistry&);
 void initializeMergeFunctionsPass(PassRegistry&);
 void initializeModuleDebugInfoPrinterPass(PassRegistry&);
 void initializeNoAAPass(PassRegistry&);
-void initializeNoopInsertionPass(PassRegistry&);
 void initializeObjCARCAliasAnalysisPass(PassRegistry&);
 void initializeObjCARCAPElimPass(PassRegistry&);
 void initializeObjCARCExpandPass(PassRegistry&);

diff --git a/include/llvm/Support/RandomNumberGenerator.h b/include/llvm/Support/RandomNumberGenerator.h
@@ -31,20 +31,8 @@ namespace llvm {
 /// module.
 class RandomNumberGenerator {
 public:
-  typedef std::mt19937_64 RNG;
-  typedef RNG::result_type result_type;
-
   /// Returns a random number in the range [0, Max).
-  result_type operator()();
-
-  // Must define min and max to be compatible with URNG as used by
-  // std::uniform_*_distribution
-  static LLVM_CONSTEXPR result_type min() {
-    return RNG::min();
-  }
-  static LLVM_CONSTEXPR result_type max() {
-    return RNG::max();
-  }
+  uint_fast64_t operator()();
 
 private:
   /// Seeds and salts the underlying RNG engine.
@@ -57,7 +45,7 @@ class RandomNumberGenerator {
   // http://en.cppreference.com/w/cpp/numeric/random/mersenne_twister_engine
   // This RNG is deterministically portable across C++11
   // implementations.
-  RNG Generator;
+  std::mt19937_64 Generator;
 
   // Noncopyable.
   RandomNumberGenerator(const RandomNumberGenerator &other)

diff --git a/include/llvm/Target/TargetInstrInfo.h b/include/llvm/Target/TargetInstrInfo.h
@@ -32,7 +32,6 @@ class MDNode;
 class MCInst;
 struct MCSchedModel;
 class MCSymbolRefExpr;
-class RandomNumberGenerator;
 class SDNode;
 class ScheduleHazardRecognizer;
 class SelectionDAG;
@@ -876,14 +875,6 @@ class TargetInstrInfo : public MCInstrInfo {
   virtual void insertNoop(MachineBasicBlock &MBB,
                           MachineBasicBlock::iterator MI) const;
 
-  /// insertNoop - Insert a type of noop into the instruction stream at the
-  /// specified point to introduce fine-grained diversity. A target may randomly
-  /// choose from a pool of valid noops using the provided RNG.
-  virtual void insertNoop(MachineBasicBlock &MBB,
-                          MachineBasicBlock::iterator MI,
-                          RandomNumberGenerator&) const {
-    insertNoop(MBB, MI);
-  }
 
   /// Return the noop instruction to use for a noop.
   virtual void getNoopForMachoTarget(MCInst &NopInst) const;

diff --git a/include/llvm/Target/TargetOptions.h b/include/llvm/Target/TargetOptions.h
@@ -78,8 +78,8 @@ namespace llvm {
           EnableFastISel(false), PositionIndependentExecutable(false),
           UseInitArray(false), DisableIntegratedAS(false),
           CompressDebugSections(false), FunctionSections(false),
-          DataSections(false), NoopInsertion(false), TrapUnreachable(false),
-          TrapFuncName(), FloatABIType(FloatABI::Default),
+          DataSections(false), TrapUnreachable(false), TrapFuncName(),
+          FloatABIType(FloatABI::Default),
           AllowFPOpFusion(FPOpFusion::Standard), JTType(JumpTable::Single),
           FCFI(false), ThreadModel(ThreadModel::POSIX),
           CFIType(CFIntegrity::Sub), CFIEnforcing(false), CFIFuncName() {}
@@ -198,10 +198,6 @@ namespace llvm {
     /// Emit data into separate sections.
     unsigned DataSections : 1;
 
-    /// Randomly insert noop instructions to create fine-grained code
-    /// layout diversity.
-    unsigned NoopInsertion : 1;
-
     /// Emit target-specific trap instruction for 'unreachable' IR instructions.
     unsigned TrapUnreachable : 1;
 

diff --git a/lib/CodeGen/CMakeLists.txt b/lib/CodeGen/CMakeLists.txt
@@ -71,7 +71,6 @@ add_llvm_library(LLVMCodeGen
   MachineSink.cpp
   MachineTraceMetrics.cpp
   MachineVerifier.cpp
-  NoopInsertion.cpp
   OcamlGC.cpp
   OptimizePHIs.cpp
   PHIElimination.cpp

diff --git a/lib/CodeGen/CodeGen.cpp b/lib/CodeGen/CodeGen.cpp
@@ -51,7 +51,6 @@ void llvm::initializeCodeGen(PassRegistry &Registry) {
   initializeMachineSchedulerPass(Registry);
   initializeMachineSinkingPass(Registry);
   initializeMachineVerifierPassPass(Registry);
-  initializeNoopInsertionPass(Registry);
   initializeOptimizePHIsPass(Registry);
   initializePHIEliminationPass(Registry);
   initializePeepholeOptimizerPass(Registry);

diff --git a/lib/CodeGen/NoopInsertion.cpp b/lib/CodeGen/NoopInsertion.cpp
diff --git a/lib/CodeGen/Passes.cpp b/lib/CodeGen/Passes.cpp
@@ -583,9 +583,6 @@ void TargetPassConfig::addMachinePasses() {
       addPass(createGCInfoPrinter(dbgs()), false, false);
   }
 
-  if (TM->Options.NoopInsertion)
-    addPass(&NoopInsertionID);
-
   // Basic block placement.
   if (getOptLevel() != CodeGenOpt::None)
     addBlockPlacement();

diff --git a/lib/Target/X86/X86InstrInfo.cpp b/lib/Target/X86/X86InstrInfo.cpp
@@ -34,7 +34,6 @@
 #include "llvm/Support/CommandLine.h"
 #include "llvm/Support/Debug.h"
 #include "llvm/Support/ErrorHandling.h"
-#include "llvm/Support/RandomNumberGenerator.h"
 #include "llvm/Support/raw_ostream.h"
 #include "llvm/Target/TargetOptions.h"
 #include <limits>
@@ -5621,66 +5620,6 @@ void X86InstrInfo::setExecutionDomain(MachineInstr *MI, unsigned Domain) const {
   MI->setDesc(get(table[Domain-1]));
 }
 
-/// insertNoop - Insert a noop into the instruction stream at the specified
-/// point.
-void X86InstrInfo::insertNoop(MachineBasicBlock &MBB,
-                              MachineBasicBlock::iterator MI) const {
-  DebugLoc DL;
-  BuildMI(MBB, MI, DL, get(X86::NOOP));
-}
-
-/// insertNoop - Insert a randomly chosen type of noop into the instruction
-/// stream at the specified point to introduce fine-grained diversity.
-void X86InstrInfo::insertNoop(MachineBasicBlock &MBB,
-                              MachineBasicBlock::iterator MI,
-                              RandomNumberGenerator &RNG) const {
-  // This set of Noop instructions was carefully chosen so that
-  // misaligned parses of these instructions do not introduce new,
-  // useful ROP gadgets. The ASM instructions noted are for misaligned
-  // parses of the noop in 32 and 64 bits.
-  enum {
-    NOP,    // 90
-    MOV_BP, // 89 ed, 48 89 ed -- IN EAX, IN AL (privileged)
-    MOV_SP, // 89 e4, 48 89 e4 -- IN AL, IN EAX (privileged)
-    LEA_SI, // 8d 36, 48 8d 36 -- SS segment override, NULL
-            // prefix (does not add new gadget)
-    LEA_DI, // 8d 3f, 48 8d 3f -- AAS (bcd->hex), invalid
-    MAX_NOPS
-  };
-
-  static const unsigned NopRegs[MAX_NOPS][2] = {
-      {0, 0},
-      {X86::EBP, X86::RBP},
-      {X86::ESP, X86::RSP},
-      {X86::ESI, X86::RSI},
-      {X86::EDI, X86::RDI},
-  };
-
-  std::uniform_int_distribution<unsigned> Distribution(0, MAX_NOPS - 1);
-
-  unsigned Type = Distribution(RNG);
-
-  DebugLoc DL;
-  bool is64Bit = Subtarget.is64Bit();
-  unsigned Reg = NopRegs[Type][is64Bit];
-
-  switch (Type) {
-  case NOP:
-    BuildMI(MBB, MI, DL, get(X86::NOOP));
-    break;
-  case MOV_BP:
-  case MOV_SP:
-    copyPhysReg(MBB, MI, DL, Reg, Reg, false);
-    break;
-  case LEA_SI:
-  case LEA_DI: {
-    unsigned opc = is64Bit ? X86::LEA64r : X86::LEA32r;
-    addRegOffset(BuildMI(MBB, MI, DL, get(opc), Reg), Reg, false, 0);
-    break;
-  }
-  }
-}
-
 /// getNoopForMachoTarget - Return the noop instruction to use for a noop.
 void X86InstrInfo::getNoopForMachoTarget(MCInst &NopInst) const {
   NopInst.setOpcode(X86::NOOP);

diff --git a/lib/Target/X86/X86InstrInfo.h b/lib/Target/X86/X86InstrInfo.h
@@ -361,13 +361,6 @@ class X86InstrInfo final : public X86GenInstrInfo {
   bool shouldScheduleAdjacent(MachineInstr* First,
                               MachineInstr *Second) const override;
 
-  void insertNoop(MachineBasicBlock &MBB,
-                  MachineBasicBlock::iterator MI) const override;
-
-  void insertNoop(MachineBasicBlock &MBB,
-                  MachineBasicBlock::iterator MI,
-                  RandomNumberGenerator &RNG) const override;
-
   void getNoopForMachoTarget(MCInst &NopInst) const override;
 
   bool