From b40da79ea964f48dc9b324f4dab392fad54cb489 Mon Sep 17 00:00:00 2001
From: jdh8d <jdh8d@git.zephyr-software.com>
Date: Mon, 1 Feb 2016 18:23:58 +0000
Subject: [PATCH] Former-commit-id: d0c27ea228e3e181395dd0c8eafeec29d86fb2d4

---
 SConscript                          |  3 --
 SConstruct                          |  2 +-
 tools/selective_cfi/color_map.cpp   | 22 +++++++++++++-
 tools/selective_cfi/color_map.hpp   |  2 +-
 tools/selective_cfi/scfi_driver.cpp | 47 +++++++++++++++++++++++++++--
 tools/selective_cfi/scfi_instr.cpp  | 29 ++++++++++++------
 tools/selective_cfi/scfi_instr.hpp  |  3 ++
 7 files changed, 90 insertions(+), 18 deletions(-)

diff --git a/SConscript b/SConscript
index 072cdd25e..e236def15 100644
--- a/SConscript
+++ b/SConscript
@@ -89,7 +89,4 @@ if 'build_appfw' in env:
     if int(env['build_appfw']) == 1:		 
         SConscript("appfw/src/SConscript.64", variant_dir='scons_build/appfw.64')
         SConscript("appfw/src/SConscript.32", variant_dir='scons_build/appfw.32')
-else:
-    SConscript("appfw/src/SConscript.64", variant_dir='scons_build/appfw.64')
-    SConscript("appfw/src/SConscript.32", variant_dir='scons_build/appfw.32')
 
diff --git a/SConstruct b/SConstruct
index 4c1df6d02..8c18d6cf2 100644
--- a/SConstruct
+++ b/SConstruct
@@ -18,7 +18,7 @@ env.Replace(SECURITY_TRANSFORMS_HOME=os.environ['SECURITY_TRANSFORMS_HOME'])
 env.Replace(SMPSA_HOME=os.environ['SMPSA_HOME'])
 env.Replace(do_64bit_build=ARGUMENTS.get("do_64bit_build",None))
 env.Replace(debug=ARGUMENTS.get("debug",0))
-env.Replace(build_appfw=ARGUMENTS.get("build_appfw", 1))
+env.Replace(build_appfw=ARGUMENTS.get("build_appfw", 0))
 env.Replace(build_tools=ARGUMENTS.get("build_tools", 1))
 env.Replace(build_stars=ARGUMENTS.get("build_stars", 1))
 env.Replace(build_cgc=ARGUMENTS.get("build_cgc", 0))
diff --git a/tools/selective_cfi/color_map.cpp b/tools/selective_cfi/color_map.cpp
index d0a878de9..f152a59cd 100644
--- a/tools/selective_cfi/color_map.cpp
+++ b/tools/selective_cfi/color_map.cpp
@@ -23,7 +23,7 @@ bool ColoredInstructionNonces_t::create()
 	{
 		const ICFS_t& the_icfs=*it;
 
-		for(int slot_no=0; ; slot_no++)
+		for(int slot_no=0; /* loop until break */ ; slot_no++)
 		{
 			// check if we need to allocate a new slot
 			if(slot_no<slots_used.size())
@@ -71,6 +71,26 @@ bool ColoredInstructionNonces_t::create()
 
 	}
 
+#if 1 /* debug code */
+	UniqueICFSSet_t used_icfs;
+	for(InstructionSet_t::iterator it=firp->GetInstructions().begin(); it!=firp->GetInstructions().end(); ++it)
+	{
+		Instruction_t* insn=*it;
+		if(insn->GetIBTargets())
+		{
+			v=GetColorOfIB(insn);
+			cout<<"IB assigned [slot][color] for "<<insn->GetBaseID()<<":"<<insn->getDisassembly()
+			    <<"=["<<v.GetPosition()<<"]["<<hex<<v.GetNonceValue()<<dec<<"]"<<endl;
+
+			used_icfs.insert(*insn->GetIBTargets());
+	
+		}
+	}
+
+	cout<<"# ATTRIBUTE Unique_Used_ICFS_size="<<dec<<used_icfs.size()<<endl;
+	cout<<"# ATTRIBUTE Unique_ICFS_size="<<dec<<unique_icfs.size()<<endl;
+#endif
+
 	// output stats
 	cout<<"# ATTRIBUTE slots_used="<<slots_used.size()<<endl;
 	int total_slots = 0;
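Review bot: The diagnostic block is wrapped in `#if 1 /* debug code */`, so it is always compiled and prints one line per indirect branch on every run; a named build switch such as `#ifdef SCFI_DEBUG_COLORS` (or the tool's runtime verbosity, if it has one) would let it be turned off without editing the file. `v` is assigned at the top of the loop without a declaration in the hunk, so it presumably reuses a function-scoped `ColoredSlotValue_t v` from earlier in create(); a fresh local `ColoredSlotValue_t v=GetColorOfIB(insn);` would make the block self-contained and avoid clobbering whatever `v` still holds for the stats below. `unique_icfs` is likewise referenced but not declared here, so it is taken to be a member. create() starts before this hunk.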
diff --git a/tools/selective_cfi/color_map.hpp b/tools/selective_cfi/color_map.hpp
index b591c0d10..8082c7d7a 100644
--- a/tools/selective_cfi/color_map.hpp
+++ b/tools/selective_cfi/color_map.hpp
@@ -50,7 +50,7 @@ class ColoredSlotValue_t
 class ColoredSlotAllocator_t
 {
 	public:
-		ColoredSlotAllocator_t(int sn, int mv) : slot_number(sn), used(0), max_value(mv) { }
+		ColoredSlotAllocator_t(int sn, int mv) : slot_number(sn), used(1), max_value(mv) { }
 
 		bool CanReserve() const { return used < max_value; }
 		ColoredSlotValue_t Reserve() 
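Review bot: Starting `used` at 1 reserves nonce value 0 without saying so; the constructor line deserves a comment such as `used(1) /* value 0 is never handed out */`, with the reason (a sentinel for unassigned slots, presumably) stated next to it. The change also shrinks each slot's capacity by one, which `CanReserve()` handles correctly since it still compares `used < max_value`. The fallback nonce 244 that AddReturnCFI in scfi_instr.cpp writes for slots without a valid value is not reserved here, so if `max_value` ever exceeds 244 the allocator could hand that value to a colored slot at the same position; reserving it the same way, or asserting `max_value <= 244` at construction, would keep the two from colliding.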
diff --git a/tools/selective_cfi/scfi_driver.cpp b/tools/selective_cfi/scfi_driver.cpp
index 3f4fb6f60..5fbed5e04 100644
--- a/tools/selective_cfi/scfi_driver.cpp
+++ b/tools/selective_cfi/scfi_driver.cpp
@@ -35,7 +35,13 @@ using namespace libIRDB;
 
 void usage(char* name)
 {
-	cerr<<"Usage: "<<name<<" <variant_id> [--color|--no-color] [--protect-jumps|--no-protect-jumps] [--protect-rets|--no-protect-rets]\ndefault: --no-color --protect-jumps --protect-rets\n"; 
+	cerr<<" Usage: "<<name<<" <variant_id>  \n"
+"		[--color|--no-color]  \n"
+"		[--protect-jumps|--no-protect-jumps]  \n"
+"		[--protect-rets|--no-protect-rets] \n"
+"		[ --common-slow-path | --no-common-slow-path ] \n"
+" \n"
+"default: --no-color --protect-jumps --protect-rets --common-slow-path\n"; 
 }
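Review bot: The continuation lines of the new usage text carry literal tab characters inside the string literals and the first line starts with a stray space before `Usage:`, so the block renders differently depending on the terminal's tab stops; spaces in the literals, e.g. `"    [--color|--no-color]\n"`, would keep the columns aligned everywhere. The trailing double space before `\n` on several lines looks accidental as well.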
 
 int main(int argc, char **argv)
@@ -53,22 +59,57 @@ int main(int argc, char **argv)
 	}
 
 	bool do_coloring=false;
+	bool do_common_slow_path=true;
 	bool do_jumps=true;
 	bool do_rets=true;
-	for(int  i=0;i<argc;i++)
+	for(int  i=2;i<argc;i++)
 	{
 		if(string(argv[i])=="--color")
+		{
+			cout<<"Using coloring..."<<endl;
 			do_coloring=true;
+		}
 		else if(string(argv[i])=="--no-color")
+		{
+			cout<<"Not using coloring..."<<endl;
 			do_coloring=false;
+		}
 		else if(string(argv[i])=="--protect-jumps")
+		{
+			cout<<"protecting jumps..."<<endl;
 			do_jumps=true;
+		}
 		else if(string(argv[i])=="--no-protect-jumps")
+		{
+			cout<<"Not protecting jumps..."<<endl;
 			do_jumps=false;
+		}
 		else if(string(argv[i])=="--protect-rets")
+		{
+			cout<<"protecting returns..."<<endl;
 			do_rets=true;
+		}
 		else if(string(argv[i])=="--no-protect-rets")
+		{
+			cout<<"Not protecting returns..."<<endl;
 			do_rets=false;
+		}
+		else if(string(argv[i])=="--common-slow-path")
+		{
+			cout<<"Using common slow path..."<<endl;
+			do_common_slow_path=true;
+		}
+		else if(string(argv[i])=="--no-common-slow-path")
+		{
+			cout<<"Not using common slow path..."<<endl;
+			do_common_slow_path=false;
+		}
+		else
+		{
+			cerr<<"Unknown option: "<< argv[i] << endl;
+			usage(argv[0]);
+			exit(1);
+		}
 	}
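Review bot: Every branch of the chain rebuilds `string(argv[i])` from the same pointer, so a single `const string arg(argv[i]);` at the top of the loop body with `arg=="--color"` comparisons would say the same thing once. Starting the loop at `i=2` assumes `argv[1]` is the variant id and is never an option; that relies on the `argc` check above the hunk rejecting a run with fewer than two arguments, which is worth confirming since the previous loop started at 0. The unknown-option branch correctly reports to `cerr` and exits non-zero. main's body continues on both sides of this hunk.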
 
         string programName(argv[0]);
@@ -99,7 +140,7 @@ int main(int argc, char **argv)
 
                 try
                 {
-			SCFI_Instrument scfii(firp, do_coloring, do_jumps, do_rets);
+			SCFI_Instrument scfii(firp, do_coloring, do_common_slow_path, do_jumps, do_rets);
 
 
 			int success=scfii.execute();
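Review bot: Inserting `do_common_slow_path` between `do_coloring` and `do_jumps` in the constructor's positional bool list (here and in the scfi_instr.hpp hunk that adds the defaulted parameter) means any other caller still passing the old four arguments `(firp, coloring, jumps, rets)` keeps compiling but now feeds its jumps flag into common_slow_path and its rets flag into jumps, with rets silently taking the default. This call site is updated, but nothing enforces that elsewhere. Appending the new parameter at the end, or replacing the run of bools with a small options struct, would avoid the silent shift; at minimum the header should carry a comment that the parameter order is part of the interface. main continues outside the hunk.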
diff --git a/tools/selective_cfi/scfi_instr.cpp b/tools/selective_cfi/scfi_instr.cpp
index 214c1db57..580aef3c4 100644
--- a/tools/selective_cfi/scfi_instr.cpp
+++ b/tools/selective_cfi/scfi_instr.cpp
@@ -420,6 +420,7 @@ void SCFI_Instrument::AddJumpCFI(Instruction_t* insn)
 	string jmpBits=getJumpDataBits();
         after->SetDataBits(jmpBits);
         after->SetComment(insn->getDisassembly()+" ; scfi");
+	assert(!do_common_slow_path); /* fixme:  this defaults to the slow_cfi path.  need to color accordingly */
 	createNewRelocation(firp,after,"slow_cfi_path",0);
 	after->SetFallthrough(NULL);
 	after->SetTarget(after);
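Review bot: The new `assert(!do_common_slow_path)` fires exactly in the default configuration: the driver and the header both default `do_common_slow_path` to true and jumps are protected by default, so the first indirect jump instrumented aborts a debug build, while an NDEBUG build drops the check entirely and proceeds. The fixme comment says this path always uses the plain `slow_cfi_path` relocation, i.e. the common slow path, which reads as the opposite polarity: `assert(do_common_slow_path); /* per-nonce slow paths for jumps not implemented yet */`. Since this is a configuration limitation rather than a programmer error, rejecting `--no-common-slow-path` together with `--protect-jumps` in the driver or constructor with a clear message would be more robust than an assert. AddJumpCFI starts before this hunk.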
@@ -488,14 +489,24 @@ void SCFI_Instrument::AddReturnCFI(Instruction_t* insn, ColoredSlotValue_t *v)
 		
 	int size=1;
 	int position=0;
-	string slow_cfi_path_reloc_string="slow_cfi_path=(1,0xf4,1)";
-	if( v && v->IsValid())
+	string slow_cfi_path_reloc_string;
+	if(do_coloring && !do_common_slow_path)
 	{
-		slow_cfi_path_reloc_string="slow_cfi_path=("+ to_string(v->GetPosition()) +","
-			                  + to_string(v->GetNonceValue())+","+ to_string(size) +")";
-		size=v->GetPosition();
+		slow_cfi_path_reloc_string="slow_cfi_path=(pos=-1,nv=244,sz=1)";
+		if( v && v->IsValid())
+		{
+			slow_cfi_path_reloc_string="slow_cfi_path=(pos=-"+ to_string(v->GetPosition()+1) +",nv="
+						  + to_string(v->GetNonceValue())+",sz="+ to_string(size) +")";
+			size=v->GetPosition();
+		}
+	}
+	else
+	{
+		slow_cfi_path_reloc_string="slow_cfi_path";
 	}
-	cout<<"Cal'd (unused) slow-path cfi reloc as: "<<slow_cfi_path_reloc_string<<endl;
+
+	
+	cout<<"Cal'd slow-path cfi reloc as: "<<slow_cfi_path_reloc_string<<endl;
 // fixme:  would like to mark a slow path per nonce type using the variables calc'd above.
 	
 	
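Review bot: The fallback string `slow_cfi_path=(pos=-1,nv=244,sz=1)` and the `pos=-(GetPosition()+1)` encoding are undocumented magic; a named constant such as `const int default_slow_path_nonce=0xf4;` and a comment explaining that positions are emitted as negative offsets from the return address would let a reader match this against the consumer. The format also changes from the old `(1,0xf4,1)` to keyed fields, which the component that resolves `slow_cfi_path` relocations (zipr/strata, per the comment at the end of the hunk) presumably has to parse; that change is not visible here and is worth cross-checking. Note that `to_string(size)` is evaluated before `size=v->GetPosition()`, so `sz` is always 1 regardless of the slot, which may be intended but is easy to misread. AddReturnCFI continues outside the hunk.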
@@ -508,7 +519,7 @@ void SCFI_Instrument::AddReturnCFI(Instruction_t* insn, ColoredSlotValue_t *v)
 	
         after->SetDataBits(jmpBits);
         after->SetComment(insn->getDisassembly()+" ; scfi");
-	createNewRelocation(firp,after,"slow_cfi_path",0);
+	createNewRelocation(firp,after,slow_cfi_path_reloc_string,0);
 	after->SetFallthrough(NULL);
 	after->SetTarget(after);
 	return;
@@ -555,9 +566,9 @@ void SCFI_Instrument::AddReturnCFI(Instruction_t* insn, ColoredSlotValue_t *v)
 	// set the jne's target to itself, and create a reloc that zipr/strata will have to resolve.
 	jne->SetTarget(jne);	// needed so spri/spasm/irdb don't freak out about missing target for new insn.
 	Relocation_t* reloc=create_reloc(jne);
-	reloc->SetType("slow_cfi_path");
-// fixme: record nonce value for each slot.
+	reloc->SetType(slow_cfi_path_reloc_string); 
 	reloc->SetOffset(0);
+	cout<<"Setting slow path for: "<<slow_cfi_path_reloc_string<<endl;
 
 	return;
 #endif
diff --git a/tools/selective_cfi/scfi_instr.hpp b/tools/selective_cfi/scfi_instr.hpp
index f448b7b93..dfb9e4404 100644
--- a/tools/selective_cfi/scfi_instr.hpp
+++ b/tools/selective_cfi/scfi_instr.hpp
@@ -31,10 +31,12 @@ class SCFI_Instrument
 	public:
 		SCFI_Instrument(libIRDB::FileIR_t *the_firp, 
 				bool p_do_coloring=true,
+				bool p_do_common_slow_path=true,
 				bool p_do_jumps=true,
 				bool p_do_rets=true) 
 			: firp(the_firp), 
 			  do_coloring(p_do_coloring), 
+			  do_common_slow_path(p_do_common_slow_path), 
 			  do_jumps(p_do_jumps), 
 			  do_rets(p_do_rets), 
 			  color_map(NULL) {}
@@ -71,6 +73,7 @@ class SCFI_Instrument
 	
 		libIRDB::FileIR_t* firp;
 		bool do_coloring;
+		bool do_common_slow_path;
 		bool do_jumps;
 		bool do_rets;
 		ColoredInstructionNonces_t *color_map;
-- 
GitLab