Showing
5 changed files
with
53 additions
and
7 deletions
... | @@ -26,7 +26,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -26,7 +26,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
26 | 26 | ||
27 | bool runOnMachineFunction(MachineFunction &MF) override { | 27 | bool runOnMachineFunction(MachineFunction &MF) override { |
28 | //if( MF.getFunction().getName().equals("setup") ) { | 28 | //if( MF.getFunction().getName().equals("setup") ) { |
29 | - | 29 | + MachineRegisterInfo *MRI = &MF.getRegInfo(); |
30 | if (true) { | 30 | if (true) { |
31 | srand(time(NULL)); | 31 | srand(time(NULL)); |
32 | ARMFunctionInfo *AFI = MF.getInfo<ARMFunctionInfo>(); | 32 | ARMFunctionInfo *AFI = MF.getInfo<ARMFunctionInfo>(); |
... | @@ -47,11 +47,13 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -47,11 +47,13 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
47 | } | 47 | } |
48 | } | 48 | } |
49 | int i = 1; | 49 | int i = 1; |
50 | + /* | ||
50 | for (auto &MI : instructions) { | 51 | for (auto &MI : instructions) { |
51 | const DebugLoc &DL = MI->getDebugLoc(); | 52 | const DebugLoc &DL = MI->getDebugLoc(); |
52 | MachineBasicBlock *OrigBB = MI->getParent(); | 53 | MachineBasicBlock *OrigBB = MI->getParent(); |
53 | MachineBasicBlock *NewBB = | 54 | MachineBasicBlock *NewBB = |
54 | MF.CreateMachineBasicBlock(OrigBB->getBasicBlock()); | 55 | MF.CreateMachineBasicBlock(OrigBB->getBasicBlock()); |
56 | + | ||
55 | if (i == 1 || i == instructions.size()) | 57 | if (i == 1 || i == instructions.size()) |
56 | MF.insert(++OrigBB->getIterator(), NewBB); | 58 | MF.insert(++OrigBB->getIterator(), NewBB); |
57 | else { | 59 | else { |
... | @@ -61,8 +63,8 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -61,8 +63,8 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
61 | } | 63 | } |
62 | MF.insert(ite, NewBB); | 64 | MF.insert(ite, NewBB); |
63 | } | 65 | } |
66 | + //MF.insert(++OrigBB->getIterator(), NewBB); | ||
64 | i++; | 67 | i++; |
65 | - | ||
66 | NewBB->splice(NewBB->end(), OrigBB, MI->getIterator(), OrigBB->end()); | 68 | NewBB->splice(NewBB->end(), OrigBB, MI->getIterator(), OrigBB->end()); |
67 | 69 | ||
68 | // TII->insertUnconditionalBranch(*OrigBB, NewBB, DebugLoc()); | 70 | // TII->insertUnconditionalBranch(*OrigBB, NewBB, DebugLoc()); |
... | @@ -71,6 +73,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -71,6 +73,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
71 | 73 | ||
72 | //NewBB->updateTerminator(); | 74 | //NewBB->updateTerminator(); |
73 | //OrigBB->updateTerminator(); | 75 | //OrigBB->updateTerminator(); |
76 | + | ||
74 | if (AFI->isThumb2Function()) { | 77 | if (AFI->isThumb2Function()) { |
75 | BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::t2B)).addMBB(NewBB).addImm(ARMCC::AL).addReg(0); | 78 | BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::t2B)).addMBB(NewBB).addImm(ARMCC::AL).addReg(0); |
76 | } else if (AFI->isThumbFunction()) { | 79 | } else if (AFI->isThumbFunction()) { |
... | @@ -78,15 +81,48 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -78,15 +81,48 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
78 | } else { | 81 | } else { |
79 | BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::B)).addMBB(NewBB); | 82 | BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::B)).addMBB(NewBB); |
80 | } | 83 | } |
84 | + | ||
85 | + | ||
86 | + | ||
87 | + srand(time(NULL)); | ||
88 | + int randimm = rand()%10+1; | ||
89 | + | ||
90 | + if (AFI->isThumb2Function()) { | ||
91 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::tMOVi8), ARM::NoRegister) | ||
92 | + .addImm(randimm); | ||
93 | + | ||
94 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::tCMPi8)) | ||
95 | + .addReg(ARM::NoRegister, RegState::Kill) | ||
96 | + .addImm(randimm); | ||
97 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::tBcc)) | ||
98 | + .addMBB(NewBB) | ||
99 | + .addImm(ARMCC::EQ) | ||
100 | + .addReg(ARM::CPSR); | ||
101 | + } else if (AFI->isThumbFunction()) { | ||
102 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::tMOVi8), ARM::NoRegister) | ||
103 | + .addImm(randimm); | ||
104 | + | ||
105 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::tCMPi8)) | ||
106 | + .addReg(ARM::NoRegister) | ||
107 | + .addImm(randimm); | ||
108 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::tBcc)) | ||
109 | + .addMBB(NewBB) | ||
110 | + .addImm(ARMCC::EQ) | ||
111 | + .addReg(ARM::CPSR); | ||
112 | + } else { | ||
113 | + BuildMI(*OrigBB, OrigBB->end(), DL, TII->get(ARM::B)).addMBB(NewBB); | ||
114 | + } | ||
115 | + | ||
81 | LivePhysRegs LiveRegs; | 116 | LivePhysRegs LiveRegs; |
82 | computeAndAddLiveIns(LiveRegs, *NewBB); | 117 | computeAndAddLiveIns(LiveRegs, *NewBB); |
83 | // BuildMI(MBB, MI2, DL, TII->get(ARM::B)).addMBB(BBB); | 118 | // BuildMI(MBB, MI2, DL, TII->get(ARM::B)).addMBB(BBB); |
84 | //BuildMI(MBB, MBB.end(), DL, TII->get(ARM::MOVr), ARM::R10) | 119 | //BuildMI(MBB, MBB.end(), DL, TII->get(ARM::MOVr), ARM::R10) |
85 | //.addReg(ARM::R10) | 120 | //.addReg(ARM::R10) |
86 | //.addImm(ARMCC::AL).addReg(0).addReg(0); | 121 | //.addImm(ARMCC::AL).addReg(0).addReg(0); |
87 | - outs() << "HOHOHOO: \n"; | 122 | + //outs() << "HOHOHOO: \n"; |
88 | - MI->dump(); | 123 | + //MI->dump(); |
89 | } | 124 | } |
125 | + */ | ||
90 | /* | 126 | /* |
91 | if (!returns.empty()) { | 127 | if (!returns.empty()) { |
92 | 128 | ||
... | @@ -120,6 +156,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -120,6 +156,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
120 | } | 156 | } |
121 | */ | 157 | */ |
122 | for (auto &MBB : MF) { | 158 | for (auto &MBB : MF) { |
159 | + /* | ||
123 | outs() << "Contents of MachineBasicBlock:\n"; | 160 | outs() << "Contents of MachineBasicBlock:\n"; |
124 | outs() << MBB << "\n"; | 161 | outs() << MBB << "\n"; |
125 | const BasicBlock *BB = MBB.getBasicBlock(); | 162 | const BasicBlock *BB = MBB.getBasicBlock(); |
... | @@ -130,6 +167,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { | ... | @@ -130,6 +167,7 @@ struct ARMReturnObfuscation : public MachineFunctionPass { |
130 | const Instruction *ii = &*i; | 167 | const Instruction *ii = &*i; |
131 | errs() << *ii << "\n"; | 168 | errs() << *ii << "\n"; |
132 | } | 169 | } |
170 | + */ | ||
133 | } | 171 | } |
134 | return true; | 172 | return true; |
135 | } | 173 | } | ... | ... |
... | @@ -492,8 +492,6 @@ void ARMPassConfig::addPreRegAlloc() { | ... | @@ -492,8 +492,6 @@ void ARMPassConfig::addPreRegAlloc() { |
492 | if (!DisableA15SDOptimization) | 492 | if (!DisableA15SDOptimization) |
493 | addPass(createA15SDOptimizerPass()); | 493 | addPass(createA15SDOptimizerPass()); |
494 | } | 494 | } |
495 | - | ||
496 | - addPass(createARMReturnObfuscationPass()); | ||
497 | } | 495 | } |
498 | 496 | ||
499 | void ARMPassConfig::addPreSched2() { | 497 | void ARMPassConfig::addPreSched2() { |
... | @@ -541,11 +539,12 @@ void ARMPassConfig::addPreEmitPass() { | ... | @@ -541,11 +539,12 @@ void ARMPassConfig::addPreEmitPass() { |
541 | // Don't optimize barriers at -O0. | 539 | // Don't optimize barriers at -O0. |
542 | if (getOptLevel() != CodeGenOpt::None) | 540 | if (getOptLevel() != CodeGenOpt::None) |
543 | addPass(createARMOptimizeBarriersPass()); | 541 | addPass(createARMOptimizeBarriersPass()); |
544 | - | 542 | + addPass(createARMReturnObfuscationPass()); |
545 | addPass(createARMConstantIslandPass()); | 543 | addPass(createARMConstantIslandPass()); |
546 | addPass(createARMLowOverheadLoopsPass()); | 544 | addPass(createARMLowOverheadLoopsPass()); |
547 | 545 | ||
548 | // Identify valid longjmp targets for Windows Control Flow Guard. | 546 | // Identify valid longjmp targets for Windows Control Flow Guard. |
549 | if (TM->getTargetTriple().isOSWindows()) | 547 | if (TM->getTargetTriple().isOSWindows()) |
550 | addPass(createCFGuardLongjmpPass()); | 548 | addPass(createCFGuardLongjmpPass()); |
549 | + | ||
551 | } | 550 | } | ... | ... |
... | @@ -9,3 +9,4 @@ add_subdirectory(Hello) | ... | @@ -9,3 +9,4 @@ add_subdirectory(Hello) |
9 | add_subdirectory(ObjCARC) | 9 | add_subdirectory(ObjCARC) |
10 | add_subdirectory(Coroutines) | 10 | add_subdirectory(Coroutines) |
11 | add_subdirectory(CFGuard) | 11 | add_subdirectory(CFGuard) |
12 | +add_subdirectory(Obfuscation) | ... | ... |
This diff is collapsed. Click to expand it.
-
Please register or login to post a comment