search

intel / intel-ipsec-mb

Intel(R) Multi-Buffer Crypto for IPSec
BSD 3-Clause "New" or "Revised" License
292 stars 88 forks source link

CRT CF Guard issue on Windows #96

Closed tkanteck closed 2 years ago

tkanteck commented 2 years ago

If compiler supports /guard:cf option then library and application compilation leverages this extension and generates CET compatible binary.

However, when testing the binary with Intel(R) SDE the tools may throw a number of control flow ENDBRANCH errors (see below) that trace back to linked CRT library.

At this moment, fix to this problem is not known and it's being investigated.

Please note that no errors against original library have been observed.

> sde -cet -cet-stderr -cet_call_stack -cet_endbr_include_image libIPSec_MB.dll -cet-endbr-exe -- ipsec_MB_testapp.exe

IMG: c:\intel-ipsec-mb\test\ipsec_MB_testapp.exe Address: 0x7ff6a303dfff:0x7ff6a2e80000 added to the checked image map
IMG: C:\WINDOWS\System32\KERNELBASE.dll Address: 0x7ffc2e147fff:0x7ffc2de80000 added to the legacy images list
IMG: C:\WINDOWS\System32\KERNEL32.DLL Address: 0x7ffc2fc2dfff:0x7ffc2fb70000 added to the legacy images list
IMG: C:\WINDOWS\SYSTEM32\ntdll.dll Address: 0x7ffc30304fff:0x7ffc30110000 added to the legacy images list
IMG: c:\intel-ipsec-mb\test\libIPSec_MB.dll Address: 0x7ffbb91c6fff:0x7ffbb5c00000 added to the checked image map
Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c012f0 INS:  jmp 0x7ffbb90f19c0
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb90f19c0  _DllMainCRTStartup  c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f19c0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:324
 1# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 2# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc
 3# 0x00007ffc3017c014  LdrGetProcedureAddressExC:\WINDOWS\SYSTEM32\ntdll.dll:0x00006c014
 4# 0x00007ffc3017bf38  LdrGetProcedureAddressExC:\WINDOWS\SYSTEM32\ntdll.dll:0x00006bf38
 5# 0x00007ffc3017bf38  LdrGetProcedureAddressExC:\WINDOWS\SYSTEM32\ntdll.dll:0x00006bf38

Control flow ENDBRANCH error detected at IP: 0x00007ffbb9129660 INS:  lea rax, ptr [rip+0x87fd9]
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb9129660  initialize_global_variablesc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003529660 at minkernel\crts\ucrt\src\appcrt\internal\initialization.cpp:28
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb9129710 INS:  push rbx
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb9129710  initialize_pointers c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003529710 at minkernel\crts\ucrt\src\appcrt\internal\initialization.cpp:152
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c01b30 INS:  jmp 0x7ffbb912ec30
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb912ec30  __acrt_initialize_winapi_thunksc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00352ec30 at minkernel\crts\ucrt\src\appcrt\internal\winapi_thunks.cpp:153
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb91296f0 INS:  mov al, 0x1
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb91296f0  initialize_global_state_isolationc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0035296f0 at minkernel\crts\ucrt\src\appcrt\internal\initialization.cpp:138
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c06750 INS:  jmp 0x7ffbb913a1f0
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb913a1f0  __acrt_initialize_locksc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353a1f0 at minkernel\crts\ucrt\src\appcrt\internal\locks.cpp:26
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c06e60 INS:  jmp 0x7ffbb913f3e0
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb913f3e0  __acrt_initialize_heapc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f3e0 at minkernel\crts\ucrt\src\appcrt\heap\heap_handle.cpp:22
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c018e0 INS:  jmp 0x7ffbb91327e0
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb91327e0  __acrt_initialize_ptdc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0035327e0 at minkernel\crts\ucrt\src\appcrt\internal\per_thread_data.cpp:28
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c096b0 INS:  jmp 0x7ffbb912f9c0
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb912f9c0  __acrt_initialize_lowioc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00352f9c0 at minkernel\crts\ucrt\src\appcrt\lowio\ioinit.cpp:225
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c03cb0 INS:  jmp 0x7ffbb913e010
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb913e010  __acrt_initialize_command_linec:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353e010 at minkernel\crts\ucrt\src\appcrt\startup\argv_data.cpp:62
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb913f42c  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f42c at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:14
 3# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 4# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 5# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 6# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 7# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 8# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 9# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c06230 INS:  jmp 0x7ffbb913d740
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb913d740  __acrt_initialize_multibytec:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353d740 at minkernel\crts\ucrt\src\appcrt\mbstring\mbctype.cpp:894
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 3# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 4# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 5# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 6# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 7# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 8# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 9# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc

Control flow ENDBRANCH error detected at IP: 0x00007ffbb91296c0 INS:  mov al, 0x1
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb91296c0  initialize_environmentc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0035296c0 at minkernel\crts\ucrt\src\appcrt\internal\initialization.cpp:97
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 3# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 4# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 5# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 6# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 7# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 8# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 9# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc

Control flow ENDBRANCH error detected at IP: 0x00007ffbb9129680 INS:  sub rsp, 0x28
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb9129680  initialize_c        c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003529680 at minkernel\crts\ucrt\src\appcrt\internal\initialization.cpp:83
 1# 0x00007ffbb913f45b  __acrt_execute_initializersc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00353f45b at minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp:20
 2# 0x00007ffbb5c08890  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000008890
 3# 0x00007ffbb90f22ec  __scrt_initialize_crtc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f22ec at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\utility\utility.cpp:185
 4# 0x00007ffbb5c0b3d0  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00000b3d0
 5# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 6# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 7# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 8# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 9# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c08120 INS:  jmp 0x7ffbb9105a40
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb9105a40  __acrt_initialize_stdioc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003505a40 at minkernel\crts\ucrt\src\appcrt\stdio\_file.cpp:60
 1# 0x00007ffbb9126b67  _initterm_e         c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003526b67 at minkernel\crts\ucrt\src\appcrt\startup\initterm.cpp:35
 2# 0x00007ffbb9126b40  _initterm_e         c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003526b40 at minkernel\crts\ucrt\src\appcrt\startup\initterm.cpp:34
 3# 0x00007ffbb5c05c00  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000005c00
 4# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 5# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 6# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 7# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 8# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc
 9# 0x00007ffc3017c014  LdrGetProcedureAddressExC:\WINDOWS\SYSTEM32\ntdll.dll:0x00006c014

Control flow ENDBRANCH error detected at IP: 0x00007ffbb914cc90 INS:  sub rsp, 0x28
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb914cc90  initialize_multibytec:\intel-ipsec-mb\test\libIPSec_MB.dll:0x00354cc90 at minkernel\crts\ucrt\src\appcrt\initializers\multibyte_initializer.cpp:16
 1# 0x00007ffbb9126b67  _initterm_e         c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003526b67 at minkernel\crts\ucrt\src\appcrt\startup\initterm.cpp:35
 2# 0x00007ffbb9126b40  _initterm_e         c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003526b40 at minkernel\crts\ucrt\src\appcrt\startup\initterm.cpp:34
 3# 0x00007ffbb5c05c00  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000005c00
 4# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 5# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 6# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 7# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 8# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc
 9# 0x00007ffc3017c014  LdrGetProcedureAddressExC:\WINDOWS\SYSTEM32\ntdll.dll:0x00006c014

Control flow ENDBRANCH error detected at IP: 0x00007ffbb5c01e10 INS:  jmp 0x7ffbb9152a90
     Last branch IP: 0x00007ffc3019c643 INS:  jmp rax
Call stack:
#                IP           FUNCTION                                        IMAGE NAME                                                                                                    FILE NAME:LINE:COLUMN
 0# 0x00007ffbb9152a90  __acrt_initialize_fma3c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003552a90 at minkernel\crts\ucrt\src\appcrt\tran\fma3_available.c:32
 1# 0x00007ffbb9126b67  _initterm_e         c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003526b67 at minkernel\crts\ucrt\src\appcrt\startup\initterm.cpp:35
 2# 0x00007ffbb9126b40  _initterm_e         c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x003526b40 at minkernel\crts\ucrt\src\appcrt\startup\initterm.cpp:34
 3# 0x00007ffbb5c05c00  unnamedImageEntryPointc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x000005c00
 4# 0x00007ffbb90f1614  dllmain_crt_process_attachc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1614 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:34
 5# 0x00007ffbb90f15b0  dllmain_crt_dispatchc:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f15b0 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:216
 6# 0x00007ffbb90f1818  dllmain_dispatch    c:\intel-ipsec-mb\test\libIPSec_MB.dll:0x0034f1818 at D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\dll_dllmain.cpp:257
 7# 0x00007ffc301bdac6  memset              C:\WINDOWS\SYSTEM32\ntdll.dll:0x0000adac6
 8# 0x00007ffc301299bc  RtlActivateActivationContextUnsafeFastC:\WINDOWS\SYSTEM32\ntdll.dll:0x0000199bc
 9# 0x00007ffc3017c014  LdrGetProcedureAddressExC:\WINDOWS\SYSTEM32\ntdll.dll:0x00006c014

IMG: C:\WINDOWS\System32\umppc14406.dll Address: 0x16bdc6c2fff:0x16bdc6b0000 added to the legacy images list
IMG: C:\WINDOWS\System32\umppc14406.dll Address: 0x16bdc6c2fff:0x16bdc6b0000 added to the legacy images list
tkanteck commented 2 years ago

It turns out that MSVC is not producing endbranch opcodes and it implements control flow enforcement in a different way.

https://techcommunity.microsoft.com/t5/windows-kernel-internals-blog/developer-guidance-for-hardware-enforced-stack-protection/ba-p/2163340 https://techcommunity.microsoft.com/t5/windows-kernel-internals-blog/understanding-hardware-enforced-stack-protection/ba-p/1247815

As the result, in the library windows build endbranch instructions will be removed from the assembly code.

tkanteck commented 2 years ago

https://github.com/intel/intel-ipsec-mb/commit/2f7e890c0a7ed66b019189450e8312ecd850b907