-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsecurity_layer.h
More file actions
38 lines (32 loc) · 978 Bytes
/
Copy pathsecurity_layer.h
File metadata and controls
38 lines (32 loc) · 978 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#ifndef SECURITY_LAYER_H
#define SECURITY_LAYER_H
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
extern unsigned long shadow_stack[];
extern int shadow_sp;
#ifdef ENABLE_SECURITY
#define SHADOW_PROLOGUE() { \
__asm__ volatile ( \
"movq 8(%%rbp), %%rax\n\t" \
"movq %%rax, %0\n\t" \
: "=m" (shadow_stack[shadow_sp++]) \
: \
: "rax" \
); \
}
#define SHADOW_EPILOGUE() { \
unsigned long current_ra = (unsigned long)__builtin_return_address(0); \
unsigned long original_ra = shadow_stack[--shadow_sp]; \
if (current_ra != original_ra) { \
fprintf(stderr, "\n[ALERT] Security Breach! Return address mismatch.\n"); \
fprintf(stderr, "[Detail] Expected: %lx | Found: %lx\n", original_ra, current_ra); \
_exit(1); \
} \
}
#else
// If security is disabled, macros are empty and impose no CPU overhead.
#define SHADOW_PROLOGUE()
#define SHADOW_EPILOGUE()
#endif
#endif