xref: /freebsd/contrib/llvm-project/llvm/lib/Target/X86/X86LoadValueInjectionLoadHardening.cpp (revision 2938ecc85c29202824e83d65af5c3a4fb7b3e5fb)
1 //==-- X86LoadValueInjectionLoadHardening.cpp - LVI load hardening for x86 --=//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 ///
9 /// Description: This pass finds Load Value Injection (LVI) gadgets consisting
10 /// of a load from memory (i.e., SOURCE), and any operation that may transmit
11 /// the value loaded from memory over a covert channel, or use the value loaded
12 /// from memory to determine a branch/call target (i.e., SINK). After finding
13 /// all such gadgets in a given function, the pass minimally inserts LFENCE
14 /// instructions in such a manner that the following property is satisfied: for
15 /// all SOURCE+SINK pairs, all paths in the CFG from SOURCE to SINK contain at
16 /// least one LFENCE instruction. The algorithm that implements this minimal
17 /// insertion is influenced by an academic paper that minimally inserts memory
18 /// fences for high-performance concurrent programs:
19 ///         http://www.cs.ucr.edu/~lesani/companion/oopsla15/OOPSLA15.pdf
20 /// The algorithm implemented in this pass is as follows:
21 /// 1. Build a condensed CFG (i.e., a GadgetGraph) consisting only of the
22 /// following components:
23 ///    - SOURCE instructions (also includes function arguments)
24 ///    - SINK instructions
25 ///    - Basic block entry points
26 ///    - Basic block terminators
27 ///    - LFENCE instructions
28 /// 2. Analyze the GadgetGraph to determine which SOURCE+SINK pairs (i.e.,
29 /// gadgets) are already mitigated by existing LFENCEs. If all gadgets have been
30 /// mitigated, go to step 6.
31 /// 3. Use a heuristic or plugin to approximate minimal LFENCE insertion.
32 /// 4. Insert one LFENCE along each CFG edge that was cut in step 3.
33 /// 5. Go to step 2.
34 /// 6. If any LFENCEs were inserted, return `true` from runOnMachineFunction()
35 /// to tell LLVM that the function was modified.
36 ///
37 //===----------------------------------------------------------------------===//
38 
39 #include "ImmutableGraph.h"
40 #include "X86.h"
41 #include "X86Subtarget.h"
42 #include "X86TargetMachine.h"
43 #include "llvm/ADT/DenseMap.h"
44 #include "llvm/ADT/DenseSet.h"
45 #include "llvm/ADT/SmallSet.h"
46 #include "llvm/ADT/Statistic.h"
47 #include "llvm/ADT/StringRef.h"
48 #include "llvm/CodeGen/MachineBasicBlock.h"
49 #include "llvm/CodeGen/MachineDominanceFrontier.h"
50 #include "llvm/CodeGen/MachineDominators.h"
51 #include "llvm/CodeGen/MachineFunction.h"
52 #include "llvm/CodeGen/MachineFunctionPass.h"
53 #include "llvm/CodeGen/MachineInstr.h"
54 #include "llvm/CodeGen/MachineInstrBuilder.h"
55 #include "llvm/CodeGen/MachineLoopInfo.h"
56 #include "llvm/CodeGen/MachineRegisterInfo.h"
57 #include "llvm/CodeGen/RDFGraph.h"
58 #include "llvm/CodeGen/RDFLiveness.h"
59 #include "llvm/InitializePasses.h"
60 #include "llvm/Support/CommandLine.h"
61 #include "llvm/Support/DOTGraphTraits.h"
62 #include "llvm/Support/Debug.h"
63 #include "llvm/Support/DynamicLibrary.h"
64 #include "llvm/Support/GraphWriter.h"
65 #include "llvm/Support/raw_ostream.h"
66 
67 using namespace llvm;
68 
69 #define PASS_KEY "x86-lvi-load"
70 #define DEBUG_TYPE PASS_KEY
71 
72 STATISTIC(NumFences, "Number of LFENCEs inserted for LVI mitigation");
73 STATISTIC(NumFunctionsConsidered, "Number of functions analyzed");
74 STATISTIC(NumFunctionsMitigated, "Number of functions for which mitigations "
75                                  "were deployed");
76 STATISTIC(NumGadgets, "Number of LVI gadgets detected during analysis");
77 
78 static cl::opt<std::string> OptimizePluginPath(
79     PASS_KEY "-opt-plugin",
80     cl::desc("Specify a plugin to optimize LFENCE insertion"), cl::Hidden);
81 
82 static cl::opt<bool> NoConditionalBranches(
83     PASS_KEY "-no-cbranch",
84     cl::desc("Don't treat conditional branches as disclosure gadgets. This "
85              "may improve performance, at the cost of security."),
86     cl::init(false), cl::Hidden);
87 
88 static cl::opt<bool> EmitDot(
89     PASS_KEY "-dot",
90     cl::desc(
91         "For each function, emit a dot graph depicting potential LVI gadgets"),
92     cl::init(false), cl::Hidden);
93 
94 static cl::opt<bool> EmitDotOnly(
95     PASS_KEY "-dot-only",
96     cl::desc("For each function, emit a dot graph depicting potential LVI "
97              "gadgets, and do not insert any fences"),
98     cl::init(false), cl::Hidden);
99 
100 static cl::opt<bool> EmitDotVerify(
101     PASS_KEY "-dot-verify",
102     cl::desc("For each function, emit a dot graph to stdout depicting "
103              "potential LVI gadgets, used for testing purposes only"),
104     cl::init(false), cl::Hidden);
105 
106 static llvm::sys::DynamicLibrary OptimizeDL;
107 typedef int (*OptimizeCutT)(unsigned int *nodes, unsigned int nodes_size,
108                             unsigned int *edges, int *edge_values,
109                             int *cut_edges /* out */, unsigned int edges_size);
110 static OptimizeCutT OptimizeCut = nullptr;
111 
112 namespace {
113 
114 struct MachineGadgetGraph : ImmutableGraph<MachineInstr *, int> {
115   static constexpr int GadgetEdgeSentinel = -1;
116   static constexpr MachineInstr *const ArgNodeSentinel = nullptr;
117 
118   using GraphT = ImmutableGraph<MachineInstr *, int>;
119   using Node = typename GraphT::Node;
120   using Edge = typename GraphT::Edge;
121   using size_type = typename GraphT::size_type;
122   MachineGadgetGraph(std::unique_ptr<Node[]> Nodes,
123                      std::unique_ptr<Edge[]> Edges, size_type NodesSize,
124                      size_type EdgesSize, int NumFences = 0, int NumGadgets = 0)
125       : GraphT(std::move(Nodes), std::move(Edges), NodesSize, EdgesSize),
126         NumFences(NumFences), NumGadgets(NumGadgets) {}
127   static inline bool isCFGEdge(const Edge &E) {
128     return E.getValue() != GadgetEdgeSentinel;
129   }
130   static inline bool isGadgetEdge(const Edge &E) {
131     return E.getValue() == GadgetEdgeSentinel;
132   }
133   int NumFences;
134   int NumGadgets;
135 };
136 
137 class X86LoadValueInjectionLoadHardeningPass : public MachineFunctionPass {
138 public:
139   X86LoadValueInjectionLoadHardeningPass() : MachineFunctionPass(ID) {}
140 
141   StringRef getPassName() const override {
142     return "X86 Load Value Injection (LVI) Load Hardening";
143   }
144   void getAnalysisUsage(AnalysisUsage &AU) const override;
145   bool runOnMachineFunction(MachineFunction &MF) override;
146 
147   static char ID;
148 
149 private:
150   using GraphBuilder = ImmutableGraphBuilder<MachineGadgetGraph>;
151   using EdgeSet = MachineGadgetGraph::EdgeSet;
152   using NodeSet = MachineGadgetGraph::NodeSet;
153   using Gadget = std::pair<MachineInstr *, MachineInstr *>;
154 
155   const X86Subtarget *STI;
156   const TargetInstrInfo *TII;
157   const TargetRegisterInfo *TRI;
158 
159   std::unique_ptr<MachineGadgetGraph>
160   getGadgetGraph(MachineFunction &MF, const MachineLoopInfo &MLI,
161                  const MachineDominatorTree &MDT,
162                  const MachineDominanceFrontier &MDF) const;
163   int hardenLoadsWithPlugin(MachineFunction &MF,
164                             std::unique_ptr<MachineGadgetGraph> Graph) const;
165   int hardenLoadsWithGreedyHeuristic(
166       MachineFunction &MF, std::unique_ptr<MachineGadgetGraph> Graph) const;
167   int elimMitigatedEdgesAndNodes(MachineGadgetGraph &G,
168                                  EdgeSet &ElimEdges /* in, out */,
169                                  NodeSet &ElimNodes /* in, out */) const;
170   std::unique_ptr<MachineGadgetGraph>
171   trimMitigatedEdges(std::unique_ptr<MachineGadgetGraph> Graph) const;
172   void findAndCutEdges(MachineGadgetGraph &G,
173                        EdgeSet &CutEdges /* out */) const;
174   int insertFences(MachineFunction &MF, MachineGadgetGraph &G,
175                    EdgeSet &CutEdges /* in, out */) const;
176   bool instrUsesRegToAccessMemory(const MachineInstr &I, unsigned Reg) const;
177   bool instrUsesRegToBranch(const MachineInstr &I, unsigned Reg) const;
178   inline bool isFence(const MachineInstr *MI) const {
179     return MI && (MI->getOpcode() == X86::LFENCE ||
180                   (STI->useLVIControlFlowIntegrity() && MI->isCall()));
181   }
182 };
183 
184 } // end anonymous namespace
185 
186 namespace llvm {
187 
188 template <>
189 struct GraphTraits<MachineGadgetGraph *>
190     : GraphTraits<ImmutableGraph<MachineInstr *, int> *> {};
191 
192 template <>
193 struct DOTGraphTraits<MachineGadgetGraph *> : DefaultDOTGraphTraits {
194   using GraphType = MachineGadgetGraph;
195   using Traits = llvm::GraphTraits<GraphType *>;
196   using NodeRef = typename Traits::NodeRef;
197   using EdgeRef = typename Traits::EdgeRef;
198   using ChildIteratorType = typename Traits::ChildIteratorType;
199   using ChildEdgeIteratorType = typename Traits::ChildEdgeIteratorType;
200 
201   DOTGraphTraits(bool isSimple = false) : DefaultDOTGraphTraits(isSimple) {}
202 
203   std::string getNodeLabel(NodeRef Node, GraphType *) {
204     if (Node->getValue() == MachineGadgetGraph::ArgNodeSentinel)
205       return "ARGS";
206 
207     std::string Str;
208     raw_string_ostream OS(Str);
209     OS << *Node->getValue();
210     return OS.str();
211   }
212 
213   static std::string getNodeAttributes(NodeRef Node, GraphType *) {
214     MachineInstr *MI = Node->getValue();
215     if (MI == MachineGadgetGraph::ArgNodeSentinel)
216       return "color = blue";
217     if (MI->getOpcode() == X86::LFENCE)
218       return "color = green";
219     return "";
220   }
221 
222   static std::string getEdgeAttributes(NodeRef, ChildIteratorType E,
223                                        GraphType *) {
224     int EdgeVal = (*E.getCurrent()).getValue();
225     return EdgeVal >= 0 ? "label = " + std::to_string(EdgeVal)
226                         : "color = red, style = \"dashed\"";
227   }
228 };
229 
230 } // end namespace llvm
231 
232 constexpr MachineInstr *MachineGadgetGraph::ArgNodeSentinel;
233 constexpr int MachineGadgetGraph::GadgetEdgeSentinel;
234 
235 char X86LoadValueInjectionLoadHardeningPass::ID = 0;
236 
237 void X86LoadValueInjectionLoadHardeningPass::getAnalysisUsage(
238     AnalysisUsage &AU) const {
239   MachineFunctionPass::getAnalysisUsage(AU);
240   AU.addRequired<MachineLoopInfo>();
241   AU.addRequired<MachineDominatorTree>();
242   AU.addRequired<MachineDominanceFrontier>();
243   AU.setPreservesCFG();
244 }
245 
246 static void WriteGadgetGraph(raw_ostream &OS, MachineFunction &MF,
247                              MachineGadgetGraph *G) {
248   WriteGraph(OS, G, /*ShortNames*/ false,
249              "Speculative gadgets for \"" + MF.getName() + "\" function");
250 }
251 
252 bool X86LoadValueInjectionLoadHardeningPass::runOnMachineFunction(
253     MachineFunction &MF) {
254   LLVM_DEBUG(dbgs() << "***** " << getPassName() << " : " << MF.getName()
255                     << " *****\n");
256   STI = &MF.getSubtarget<X86Subtarget>();
257   if (!STI->useLVILoadHardening())
258     return false;
259 
260   // FIXME: support 32-bit
261   if (!STI->is64Bit())
262     report_fatal_error("LVI load hardening is only supported on 64-bit", false);
263 
264   // Don't skip functions with the "optnone" attr but participate in opt-bisect.
265   const Function &F = MF.getFunction();
266   if (!F.hasOptNone() && skipFunction(F))
267     return false;
268 
269   ++NumFunctionsConsidered;
270   TII = STI->getInstrInfo();
271   TRI = STI->getRegisterInfo();
272   LLVM_DEBUG(dbgs() << "Building gadget graph...\n");
273   const auto &MLI = getAnalysis<MachineLoopInfo>();
274   const auto &MDT = getAnalysis<MachineDominatorTree>();
275   const auto &MDF = getAnalysis<MachineDominanceFrontier>();
276   std::unique_ptr<MachineGadgetGraph> Graph = getGadgetGraph(MF, MLI, MDT, MDF);
277   LLVM_DEBUG(dbgs() << "Building gadget graph... Done\n");
278   if (Graph == nullptr)
279     return false; // didn't find any gadgets
280 
281   if (EmitDotVerify) {
282     WriteGadgetGraph(outs(), MF, Graph.get());
283     return false;
284   }
285 
286   if (EmitDot || EmitDotOnly) {
287     LLVM_DEBUG(dbgs() << "Emitting gadget graph...\n");
288     std::error_code FileError;
289     std::string FileName = "lvi.";
290     FileName += MF.getName();
291     FileName += ".dot";
292     raw_fd_ostream FileOut(FileName, FileError);
293     if (FileError)
294       errs() << FileError.message();
295     WriteGadgetGraph(FileOut, MF, Graph.get());
296     FileOut.close();
297     LLVM_DEBUG(dbgs() << "Emitting gadget graph... Done\n");
298     if (EmitDotOnly)
299       return false;
300   }
301 
302   int FencesInserted;
303   if (!OptimizePluginPath.empty()) {
304     if (!OptimizeDL.isValid()) {
305       std::string ErrorMsg;
306       OptimizeDL = llvm::sys::DynamicLibrary::getPermanentLibrary(
307           OptimizePluginPath.c_str(), &ErrorMsg);
308       if (!ErrorMsg.empty())
309         report_fatal_error("Failed to load opt plugin: \"" + ErrorMsg + '\"');
310       OptimizeCut = (OptimizeCutT)OptimizeDL.getAddressOfSymbol("optimize_cut");
311       if (!OptimizeCut)
312         report_fatal_error("Invalid optimization plugin");
313     }
314     FencesInserted = hardenLoadsWithPlugin(MF, std::move(Graph));
315   } else { // Use the default greedy heuristic
316     FencesInserted = hardenLoadsWithGreedyHeuristic(MF, std::move(Graph));
317   }
318 
319   if (FencesInserted > 0)
320     ++NumFunctionsMitigated;
321   NumFences += FencesInserted;
322   return (FencesInserted > 0);
323 }
324 
325 std::unique_ptr<MachineGadgetGraph>
326 X86LoadValueInjectionLoadHardeningPass::getGadgetGraph(
327     MachineFunction &MF, const MachineLoopInfo &MLI,
328     const MachineDominatorTree &MDT,
329     const MachineDominanceFrontier &MDF) const {
330   using namespace rdf;
331 
332   // Build the Register Dataflow Graph using the RDF framework
333   TargetOperandInfo TOI{*TII};
334   DataFlowGraph DFG{MF, *TII, *TRI, MDT, MDF, TOI};
335   DFG.build();
336   Liveness L{MF.getRegInfo(), DFG};
337   L.computePhiInfo();
338 
339   GraphBuilder Builder;
340   using GraphIter = typename GraphBuilder::BuilderNodeRef;
341   DenseMap<MachineInstr *, GraphIter> NodeMap;
342   int FenceCount = 0, GadgetCount = 0;
343   auto MaybeAddNode = [&NodeMap, &Builder](MachineInstr *MI) {
344     auto Ref = NodeMap.find(MI);
345     if (Ref == NodeMap.end()) {
346       auto I = Builder.addVertex(MI);
347       NodeMap[MI] = I;
348       return std::pair<GraphIter, bool>{I, true};
349     }
350     return std::pair<GraphIter, bool>{Ref->getSecond(), false};
351   };
352 
353   // The `Transmitters` map memoizes transmitters found for each def. If a def
354   // has not yet been analyzed, then it will not appear in the map. If a def
355   // has been analyzed and was determined not to have any transmitters, then
356   // its list of transmitters will be empty.
357   DenseMap<NodeId, std::vector<NodeId>> Transmitters;
358 
359   // Analyze all machine instructions to find gadgets and LFENCEs, adding
360   // each interesting value to `Nodes`
361   auto AnalyzeDef = [&](NodeAddr<DefNode *> SourceDef) {
362     SmallSet<NodeId, 8> UsesVisited, DefsVisited;
363     std::function<void(NodeAddr<DefNode *>)> AnalyzeDefUseChain =
364         [&](NodeAddr<DefNode *> Def) {
365           if (Transmitters.find(Def.Id) != Transmitters.end())
366             return; // Already analyzed `Def`
367 
368           // Use RDF to find all the uses of `Def`
369           rdf::NodeSet Uses;
370           RegisterRef DefReg = DFG.getPRI().normalize(Def.Addr->getRegRef(DFG));
371           for (auto UseID : L.getAllReachedUses(DefReg, Def)) {
372             auto Use = DFG.addr<UseNode *>(UseID);
373             if (Use.Addr->getFlags() & NodeAttrs::PhiRef) { // phi node
374               NodeAddr<PhiNode *> Phi = Use.Addr->getOwner(DFG);
375               for (auto I : L.getRealUses(Phi.Id)) {
376                 if (DFG.getPRI().alias(RegisterRef(I.first), DefReg)) {
377                   for (auto UA : I.second)
378                     Uses.emplace(UA.first);
379                 }
380               }
381             } else { // not a phi node
382               Uses.emplace(UseID);
383             }
384           }
385 
386           // For each use of `Def`, we want to know whether:
387           // (1) The use can leak the Def'ed value,
388           // (2) The use can further propagate the Def'ed value to more defs
389           for (auto UseID : Uses) {
390             if (!UsesVisited.insert(UseID).second)
391               continue; // Already visited this use of `Def`
392 
393             auto Use = DFG.addr<UseNode *>(UseID);
394             assert(!(Use.Addr->getFlags() & NodeAttrs::PhiRef));
395             MachineOperand &UseMO = Use.Addr->getOp();
396             MachineInstr &UseMI = *UseMO.getParent();
397             assert(UseMO.isReg());
398 
399             // We naively assume that an instruction propagates any loaded
400             // uses to all defs unless the instruction is a call, in which
401             // case all arguments will be treated as gadget sources during
402             // analysis of the callee function.
403             if (UseMI.isCall())
404               continue;
405 
406             // Check whether this use can transmit (leak) its value.
407             if (instrUsesRegToAccessMemory(UseMI, UseMO.getReg()) ||
408                 (!NoConditionalBranches &&
409                  instrUsesRegToBranch(UseMI, UseMO.getReg()))) {
410               Transmitters[Def.Id].push_back(Use.Addr->getOwner(DFG).Id);
411               if (UseMI.mayLoad())
412                 continue; // Found a transmitting load -- no need to continue
413                           // traversing its defs (i.e., this load will become
414                           // a new gadget source anyways).
415             }
416 
417             // Check whether the use propagates to more defs.
418             NodeAddr<InstrNode *> Owner{Use.Addr->getOwner(DFG)};
419             rdf::NodeList AnalyzedChildDefs;
420             for (auto &ChildDef :
421                  Owner.Addr->members_if(DataFlowGraph::IsDef, DFG)) {
422               if (!DefsVisited.insert(ChildDef.Id).second)
423                 continue; // Already visited this def
424               if (Def.Addr->getAttrs() & NodeAttrs::Dead)
425                 continue;
426               if (Def.Id == ChildDef.Id)
427                 continue; // `Def` uses itself (e.g., increment loop counter)
428 
429               AnalyzeDefUseChain(ChildDef);
430 
431               // `Def` inherits all of its child defs' transmitters.
432               for (auto TransmitterId : Transmitters[ChildDef.Id])
433                 Transmitters[Def.Id].push_back(TransmitterId);
434             }
435           }
436 
437           // Note that this statement adds `Def.Id` to the map if no
438           // transmitters were found for `Def`.
439           auto &DefTransmitters = Transmitters[Def.Id];
440 
441           // Remove duplicate transmitters
442           llvm::sort(DefTransmitters);
443           DefTransmitters.erase(
444               std::unique(DefTransmitters.begin(), DefTransmitters.end()),
445               DefTransmitters.end());
446         };
447 
448     // Find all of the transmitters
449     AnalyzeDefUseChain(SourceDef);
450     auto &SourceDefTransmitters = Transmitters[SourceDef.Id];
451     if (SourceDefTransmitters.empty())
452       return; // No transmitters for `SourceDef`
453 
454     MachineInstr *Source = SourceDef.Addr->getFlags() & NodeAttrs::PhiRef
455                                ? MachineGadgetGraph::ArgNodeSentinel
456                                : SourceDef.Addr->getOp().getParent();
457     auto GadgetSource = MaybeAddNode(Source);
458     // Each transmitter is a sink for `SourceDef`.
459     for (auto TransmitterId : SourceDefTransmitters) {
460       MachineInstr *Sink = DFG.addr<StmtNode *>(TransmitterId).Addr->getCode();
461       auto GadgetSink = MaybeAddNode(Sink);
462       // Add the gadget edge to the graph.
463       Builder.addEdge(MachineGadgetGraph::GadgetEdgeSentinel,
464                       GadgetSource.first, GadgetSink.first);
465       ++GadgetCount;
466     }
467   };
468 
469   LLVM_DEBUG(dbgs() << "Analyzing def-use chains to find gadgets\n");
470   // Analyze function arguments
471   NodeAddr<BlockNode *> EntryBlock = DFG.getFunc().Addr->getEntryBlock(DFG);
472   for (NodeAddr<PhiNode *> ArgPhi :
473        EntryBlock.Addr->members_if(DataFlowGraph::IsPhi, DFG)) {
474     NodeList Defs = ArgPhi.Addr->members_if(DataFlowGraph::IsDef, DFG);
475     llvm::for_each(Defs, AnalyzeDef);
476   }
477   // Analyze every instruction in MF
478   for (NodeAddr<BlockNode *> BA : DFG.getFunc().Addr->members(DFG)) {
479     for (NodeAddr<StmtNode *> SA :
480          BA.Addr->members_if(DataFlowGraph::IsCode<NodeAttrs::Stmt>, DFG)) {
481       MachineInstr *MI = SA.Addr->getCode();
482       if (isFence(MI)) {
483         MaybeAddNode(MI);
484         ++FenceCount;
485       } else if (MI->mayLoad()) {
486         NodeList Defs = SA.Addr->members_if(DataFlowGraph::IsDef, DFG);
487         llvm::for_each(Defs, AnalyzeDef);
488       }
489     }
490   }
491   LLVM_DEBUG(dbgs() << "Found " << FenceCount << " fences\n");
492   LLVM_DEBUG(dbgs() << "Found " << GadgetCount << " gadgets\n");
493   if (GadgetCount == 0)
494     return nullptr;
495   NumGadgets += GadgetCount;
496 
497   // Traverse CFG to build the rest of the graph
498   SmallSet<MachineBasicBlock *, 8> BlocksVisited;
499   std::function<void(MachineBasicBlock *, GraphIter, unsigned)> TraverseCFG =
500       [&](MachineBasicBlock *MBB, GraphIter GI, unsigned ParentDepth) {
501         unsigned LoopDepth = MLI.getLoopDepth(MBB);
502         if (!MBB->empty()) {
503           // Always add the first instruction in each block
504           auto NI = MBB->begin();
505           auto BeginBB = MaybeAddNode(&*NI);
506           Builder.addEdge(ParentDepth, GI, BeginBB.first);
507           if (!BlocksVisited.insert(MBB).second)
508             return;
509 
510           // Add any instructions within the block that are gadget components
511           GI = BeginBB.first;
512           while (++NI != MBB->end()) {
513             auto Ref = NodeMap.find(&*NI);
514             if (Ref != NodeMap.end()) {
515               Builder.addEdge(LoopDepth, GI, Ref->getSecond());
516               GI = Ref->getSecond();
517             }
518           }
519 
520           // Always add the terminator instruction, if one exists
521           auto T = MBB->getFirstTerminator();
522           if (T != MBB->end()) {
523             auto EndBB = MaybeAddNode(&*T);
524             if (EndBB.second)
525               Builder.addEdge(LoopDepth, GI, EndBB.first);
526             GI = EndBB.first;
527           }
528         }
529         for (MachineBasicBlock *Succ : MBB->successors())
530           TraverseCFG(Succ, GI, LoopDepth);
531       };
532   // ArgNodeSentinel is a pseudo-instruction that represents MF args in the
533   // GadgetGraph
534   GraphIter ArgNode = MaybeAddNode(MachineGadgetGraph::ArgNodeSentinel).first;
535   TraverseCFG(&MF.front(), ArgNode, 0);
536   std::unique_ptr<MachineGadgetGraph> G{Builder.get(FenceCount, GadgetCount)};
537   LLVM_DEBUG(dbgs() << "Found " << G->nodes_size() << " nodes\n");
538   return G;
539 }
540 
541 // Returns the number of remaining gadget edges that could not be eliminated
542 int X86LoadValueInjectionLoadHardeningPass::elimMitigatedEdgesAndNodes(
543     MachineGadgetGraph &G, MachineGadgetGraph::EdgeSet &ElimEdges /* in, out */,
544     MachineGadgetGraph::NodeSet &ElimNodes /* in, out */) const {
545   if (G.NumFences > 0) {
546     // Eliminate fences and CFG edges that ingress and egress the fence, as
547     // they are trivially mitigated.
548     for (const auto &E : G.edges()) {
549       const MachineGadgetGraph::Node *Dest = E.getDest();
550       if (isFence(Dest->getValue())) {
551         ElimNodes.insert(*Dest);
552         ElimEdges.insert(E);
553         for (const auto &DE : Dest->edges())
554           ElimEdges.insert(DE);
555       }
556     }
557   }
558 
559   // Find and eliminate gadget edges that have been mitigated.
560   int MitigatedGadgets = 0, RemainingGadgets = 0;
561   MachineGadgetGraph::NodeSet ReachableNodes{G};
562   for (const auto &RootN : G.nodes()) {
563     if (llvm::none_of(RootN.edges(), MachineGadgetGraph::isGadgetEdge))
564       continue; // skip this node if it isn't a gadget source
565 
566     // Find all of the nodes that are CFG-reachable from RootN using DFS
567     ReachableNodes.clear();
568     std::function<void(const MachineGadgetGraph::Node *, bool)>
569         FindReachableNodes =
570             [&](const MachineGadgetGraph::Node *N, bool FirstNode) {
571               if (!FirstNode)
572                 ReachableNodes.insert(*N);
573               for (const auto &E : N->edges()) {
574                 const MachineGadgetGraph::Node *Dest = E.getDest();
575                 if (MachineGadgetGraph::isCFGEdge(E) &&
576                     !ElimEdges.contains(E) && !ReachableNodes.contains(*Dest))
577                   FindReachableNodes(Dest, false);
578               }
579             };
580     FindReachableNodes(&RootN, true);
581 
582     // Any gadget whose sink is unreachable has been mitigated
583     for (const auto &E : RootN.edges()) {
584       if (MachineGadgetGraph::isGadgetEdge(E)) {
585         if (ReachableNodes.contains(*E.getDest())) {
586           // This gadget's sink is reachable
587           ++RemainingGadgets;
588         } else { // This gadget's sink is unreachable, and therefore mitigated
589           ++MitigatedGadgets;
590           ElimEdges.insert(E);
591         }
592       }
593     }
594   }
595   return RemainingGadgets;
596 }
597 
598 std::unique_ptr<MachineGadgetGraph>
599 X86LoadValueInjectionLoadHardeningPass::trimMitigatedEdges(
600     std::unique_ptr<MachineGadgetGraph> Graph) const {
601   MachineGadgetGraph::NodeSet ElimNodes{*Graph};
602   MachineGadgetGraph::EdgeSet ElimEdges{*Graph};
603   int RemainingGadgets =
604       elimMitigatedEdgesAndNodes(*Graph, ElimEdges, ElimNodes);
605   if (ElimEdges.empty() && ElimNodes.empty()) {
606     Graph->NumFences = 0;
607     Graph->NumGadgets = RemainingGadgets;
608   } else {
609     Graph = GraphBuilder::trim(*Graph, ElimNodes, ElimEdges, 0 /* NumFences */,
610                                RemainingGadgets);
611   }
612   return Graph;
613 }
614 
615 int X86LoadValueInjectionLoadHardeningPass::hardenLoadsWithPlugin(
616     MachineFunction &MF, std::unique_ptr<MachineGadgetGraph> Graph) const {
617   int FencesInserted = 0;
618 
619   do {
620     LLVM_DEBUG(dbgs() << "Eliminating mitigated paths...\n");
621     Graph = trimMitigatedEdges(std::move(Graph));
622     LLVM_DEBUG(dbgs() << "Eliminating mitigated paths... Done\n");
623     if (Graph->NumGadgets == 0)
624       break;
625 
626     LLVM_DEBUG(dbgs() << "Cutting edges...\n");
627     EdgeSet CutEdges{*Graph};
628     auto Nodes = std::make_unique<unsigned int[]>(Graph->nodes_size() +
629                                                   1 /* terminator node */);
630     auto Edges = std::make_unique<unsigned int[]>(Graph->edges_size());
631     auto EdgeCuts = std::make_unique<int[]>(Graph->edges_size());
632     auto EdgeValues = std::make_unique<int[]>(Graph->edges_size());
633     for (const auto &N : Graph->nodes()) {
634       Nodes[Graph->getNodeIndex(N)] = Graph->getEdgeIndex(*N.edges_begin());
635     }
636     Nodes[Graph->nodes_size()] = Graph->edges_size(); // terminator node
637     for (const auto &E : Graph->edges()) {
638       Edges[Graph->getEdgeIndex(E)] = Graph->getNodeIndex(*E.getDest());
639       EdgeValues[Graph->getEdgeIndex(E)] = E.getValue();
640     }
641     OptimizeCut(Nodes.get(), Graph->nodes_size(), Edges.get(), EdgeValues.get(),
642                 EdgeCuts.get(), Graph->edges_size());
643     for (int I = 0; I < Graph->edges_size(); ++I)
644       if (EdgeCuts[I])
645         CutEdges.set(I);
646     LLVM_DEBUG(dbgs() << "Cutting edges... Done\n");
647     LLVM_DEBUG(dbgs() << "Cut " << CutEdges.count() << " edges\n");
648 
649     LLVM_DEBUG(dbgs() << "Inserting LFENCEs...\n");
650     FencesInserted += insertFences(MF, *Graph, CutEdges);
651     LLVM_DEBUG(dbgs() << "Inserting LFENCEs... Done\n");
652     LLVM_DEBUG(dbgs() << "Inserted " << FencesInserted << " fences\n");
653 
654     Graph = GraphBuilder::trim(*Graph, MachineGadgetGraph::NodeSet{*Graph},
655                                CutEdges);
656   } while (true);
657 
658   return FencesInserted;
659 }
660 
661 int X86LoadValueInjectionLoadHardeningPass::hardenLoadsWithGreedyHeuristic(
662     MachineFunction &MF, std::unique_ptr<MachineGadgetGraph> Graph) const {
663   LLVM_DEBUG(dbgs() << "Eliminating mitigated paths...\n");
664   Graph = trimMitigatedEdges(std::move(Graph));
665   LLVM_DEBUG(dbgs() << "Eliminating mitigated paths... Done\n");
666   if (Graph->NumGadgets == 0)
667     return 0;
668 
669   LLVM_DEBUG(dbgs() << "Cutting edges...\n");
670   MachineGadgetGraph::NodeSet ElimNodes{*Graph}, GadgetSinks{*Graph};
671   MachineGadgetGraph::EdgeSet ElimEdges{*Graph}, CutEdges{*Graph};
672   auto IsCFGEdge = [&ElimEdges, &CutEdges](const MachineGadgetGraph::Edge &E) {
673     return !ElimEdges.contains(E) && !CutEdges.contains(E) &&
674            MachineGadgetGraph::isCFGEdge(E);
675   };
676   auto IsGadgetEdge = [&ElimEdges,
677                        &CutEdges](const MachineGadgetGraph::Edge &E) {
678     return !ElimEdges.contains(E) && !CutEdges.contains(E) &&
679            MachineGadgetGraph::isGadgetEdge(E);
680   };
681 
682   // FIXME: this is O(E^2), we could probably do better.
683   do {
684     // Find the cheapest CFG edge that will eliminate a gadget (by being
685     // egress from a SOURCE node or ingress to a SINK node), and cut it.
686     const MachineGadgetGraph::Edge *CheapestSoFar = nullptr;
687 
688     // First, collect all gadget source and sink nodes.
689     MachineGadgetGraph::NodeSet GadgetSources{*Graph}, GadgetSinks{*Graph};
690     for (const auto &N : Graph->nodes()) {
691       if (ElimNodes.contains(N))
692         continue;
693       for (const auto &E : N.edges()) {
694         if (IsGadgetEdge(E)) {
695           GadgetSources.insert(N);
696           GadgetSinks.insert(*E.getDest());
697         }
698       }
699     }
700 
701     // Next, look for the cheapest CFG edge which, when cut, is guaranteed to
702     // mitigate at least one gadget by either:
703     // (a) being egress from a gadget source, or
704     // (b) being ingress to a gadget sink.
705     for (const auto &N : Graph->nodes()) {
706       if (ElimNodes.contains(N))
707         continue;
708       for (const auto &E : N.edges()) {
709         if (IsCFGEdge(E)) {
710           if (GadgetSources.contains(N) || GadgetSinks.contains(*E.getDest())) {
711             if (!CheapestSoFar || E.getValue() < CheapestSoFar->getValue())
712               CheapestSoFar = &E;
713           }
714         }
715       }
716     }
717 
718     assert(CheapestSoFar && "Failed to cut an edge");
719     CutEdges.insert(*CheapestSoFar);
720     ElimEdges.insert(*CheapestSoFar);
721   } while (elimMitigatedEdgesAndNodes(*Graph, ElimEdges, ElimNodes));
722   LLVM_DEBUG(dbgs() << "Cutting edges... Done\n");
723   LLVM_DEBUG(dbgs() << "Cut " << CutEdges.count() << " edges\n");
724 
725   LLVM_DEBUG(dbgs() << "Inserting LFENCEs...\n");
726   int FencesInserted = insertFences(MF, *Graph, CutEdges);
727   LLVM_DEBUG(dbgs() << "Inserting LFENCEs... Done\n");
728   LLVM_DEBUG(dbgs() << "Inserted " << FencesInserted << " fences\n");
729 
730   return FencesInserted;
731 }
732 
733 int X86LoadValueInjectionLoadHardeningPass::insertFences(
734     MachineFunction &MF, MachineGadgetGraph &G,
735     EdgeSet &CutEdges /* in, out */) const {
736   int FencesInserted = 0;
737   for (const auto &N : G.nodes()) {
738     for (const auto &E : N.edges()) {
739       if (CutEdges.contains(E)) {
740         MachineInstr *MI = N.getValue(), *Prev;
741         MachineBasicBlock *MBB;                  // Insert an LFENCE in this MBB
742         MachineBasicBlock::iterator InsertionPt; // ...at this point
743         if (MI == MachineGadgetGraph::ArgNodeSentinel) {
744           // insert LFENCE at beginning of entry block
745           MBB = &MF.front();
746           InsertionPt = MBB->begin();
747           Prev = nullptr;
748         } else if (MI->isBranch()) { // insert the LFENCE before the branch
749           MBB = MI->getParent();
750           InsertionPt = MI;
751           Prev = MI->getPrevNode();
752           // Remove all egress CFG edges from this branch because the inserted
753           // LFENCE prevents gadgets from crossing the branch.
754           for (const auto &E : N.edges()) {
755             if (MachineGadgetGraph::isCFGEdge(E))
756               CutEdges.insert(E);
757           }
758         } else { // insert the LFENCE after the instruction
759           MBB = MI->getParent();
760           InsertionPt = MI->getNextNode() ? MI->getNextNode() : MBB->end();
761           Prev = InsertionPt == MBB->end()
762                      ? (MBB->empty() ? nullptr : &MBB->back())
763                      : InsertionPt->getPrevNode();
764         }
765         // Ensure this insertion is not redundant (two LFENCEs in sequence).
766         if ((InsertionPt == MBB->end() || !isFence(&*InsertionPt)) &&
767             (!Prev || !isFence(Prev))) {
768           BuildMI(*MBB, InsertionPt, DebugLoc(), TII->get(X86::LFENCE));
769           ++FencesInserted;
770         }
771       }
772     }
773   }
774   return FencesInserted;
775 }
776 
777 bool X86LoadValueInjectionLoadHardeningPass::instrUsesRegToAccessMemory(
778     const MachineInstr &MI, unsigned Reg) const {
779   if (!MI.mayLoadOrStore() || MI.getOpcode() == X86::MFENCE ||
780       MI.getOpcode() == X86::SFENCE || MI.getOpcode() == X86::LFENCE)
781     return false;
782 
783   // FIXME: This does not handle pseudo loading instruction like TCRETURN*
784   const MCInstrDesc &Desc = MI.getDesc();
785   int MemRefBeginIdx = X86II::getMemoryOperandNo(Desc.TSFlags);
786   if (MemRefBeginIdx < 0) {
787     LLVM_DEBUG(dbgs() << "Warning: unable to obtain memory operand for loading "
788                          "instruction:\n";
789                MI.print(dbgs()); dbgs() << '\n';);
790     return false;
791   }
792   MemRefBeginIdx += X86II::getOperandBias(Desc);
793 
794   const MachineOperand &BaseMO =
795       MI.getOperand(MemRefBeginIdx + X86::AddrBaseReg);
796   const MachineOperand &IndexMO =
797       MI.getOperand(MemRefBeginIdx + X86::AddrIndexReg);
798   return (BaseMO.isReg() && BaseMO.getReg() != X86::NoRegister &&
799           TRI->regsOverlap(BaseMO.getReg(), Reg)) ||
800          (IndexMO.isReg() && IndexMO.getReg() != X86::NoRegister &&
801           TRI->regsOverlap(IndexMO.getReg(), Reg));
802 }
803 
804 bool X86LoadValueInjectionLoadHardeningPass::instrUsesRegToBranch(
805     const MachineInstr &MI, unsigned Reg) const {
806   if (!MI.isConditionalBranch())
807     return false;
808   for (const MachineOperand &Use : MI.uses())
809     if (Use.isReg() && Use.getReg() == Reg)
810       return true;
811   return false;
812 }
813 
814 INITIALIZE_PASS_BEGIN(X86LoadValueInjectionLoadHardeningPass, PASS_KEY,
815                       "X86 LVI load hardening", false, false)
816 INITIALIZE_PASS_DEPENDENCY(MachineLoopInfo)
817 INITIALIZE_PASS_DEPENDENCY(MachineDominatorTree)
818 INITIALIZE_PASS_DEPENDENCY(MachineDominanceFrontier)
819 INITIALIZE_PASS_END(X86LoadValueInjectionLoadHardeningPass, PASS_KEY,
820                     "X86 LVI load hardening", false, false)
821 
822 FunctionPass *llvm::createX86LoadValueInjectionLoadHardeningPass() {
823   return new X86LoadValueInjectionLoadHardeningPass();
824 }
825 
826 namespace {
827 
828 /// The `X86LoadValueInjectionLoadHardeningPass` above depends on expensive
829 /// analysis passes that add complexity to the pipeline. This complexity
830 /// can cause noticable overhead when no optimizations are enabled, i.e., -O0.
831 /// The purpose of `X86LoadValueInjectionLoadHardeningUnoptimizedPass` is to
832 /// provide the same security as the optimized pass, but without adding
833 /// unnecessary complexity to the LLVM pipeline.
834 ///
835 /// The behavior of this pass is simply to insert an LFENCE after every load
836 /// instruction.
837 class X86LoadValueInjectionLoadHardeningUnoptimizedPass
838     : public MachineFunctionPass {
839 public:
840   X86LoadValueInjectionLoadHardeningUnoptimizedPass()
841       : MachineFunctionPass(ID) {}
842 
843   StringRef getPassName() const override {
844     return "X86 Load Value Injection (LVI) Load Hardening (Unoptimized)";
845   }
846   bool runOnMachineFunction(MachineFunction &MF) override;
847   static char ID;
848 };
849 
850 } // end anonymous namespace
851 
852 char X86LoadValueInjectionLoadHardeningUnoptimizedPass::ID = 0;
853 
854 bool X86LoadValueInjectionLoadHardeningUnoptimizedPass::runOnMachineFunction(
855     MachineFunction &MF) {
856   LLVM_DEBUG(dbgs() << "***** " << getPassName() << " : " << MF.getName()
857                     << " *****\n");
858   const X86Subtarget *STI = &MF.getSubtarget<X86Subtarget>();
859   if (!STI->useLVILoadHardening())
860     return false;
861 
862   // FIXME: support 32-bit
863   if (!STI->is64Bit())
864     report_fatal_error("LVI load hardening is only supported on 64-bit", false);
865 
866   // Don't skip functions with the "optnone" attr but participate in opt-bisect.
867   const Function &F = MF.getFunction();
868   if (!F.hasOptNone() && skipFunction(F))
869     return false;
870 
871   bool Modified = false;
872   ++NumFunctionsConsidered;
873 
874   const TargetInstrInfo *TII = STI->getInstrInfo();
875   for (auto &MBB : MF) {
876     for (auto &MI : MBB) {
877       if (!MI.mayLoad() || MI.getOpcode() == X86::LFENCE ||
878           MI.getOpcode() == X86::MFENCE)
879         continue;
880 
881       MachineBasicBlock::iterator InsertionPt =
882           MI.getNextNode() ? MI.getNextNode() : MBB.end();
883       BuildMI(MBB, InsertionPt, DebugLoc(), TII->get(X86::LFENCE));
884       ++NumFences;
885       Modified = true;
886     }
887   }
888 
889   if (Modified)
890     ++NumFunctionsMitigated;
891 
892   return Modified;
893 }
894 
895 INITIALIZE_PASS(X86LoadValueInjectionLoadHardeningUnoptimizedPass, PASS_KEY,
896                 "X86 LVI load hardening", false, false)
897 
898 FunctionPass *llvm::createX86LoadValueInjectionLoadHardeningUnoptimizedPass() {
899   return new X86LoadValueInjectionLoadHardeningUnoptimizedPass();
900 }
901