zwimer / DrShadowStack

A software defined dynamic shadow stack utilizing dynamorio
http://www.zwimer.com/DrShadowStack/
GNU General Public License v3.0

Internal shadow stack on_clone #71

Closed zwimer closed 6 years ago

zwimer commented 6 years ago

The internal shadow stack needs to handle threading events.

zwimer commented 6 years ago

Specifically, clone calls that lead to threads. Use drmgr for the thread init event (it does not get called for fork; this was tested). Note: the thread exit event does get called even when a single-threaded process dies. Instead of one stack, maybe keep a map<tid, shadowstack>?

zwimer commented 6 years ago

Also: thread SS should clear stack on thread event

zwimer commented 6 years ago

This map requires a get-tid syscall on each call. Maybe try to do this once and store the result in TLS?

Drmgr gives an interface to store things in a thread-local context. Look up the memtrace sample; it had a per_thread_t struct that's manipulated.

Also need to figure out what happens to TLS for k threads on a fork event.

zwimer commented 6 years ago

Uses drmgr_register_tls_field, drmgr_get_tls_field, and drmgr_set_tls_field.

zwimer commented 6 years ago

Done
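As an added example (not DrShadowStack's own code), a per-thread shadow stack of the kind the thread settles on: each thread owns its own stack, cleared on thread init, with the DynamoRIO glue for the drmgr TLS field and thread init/exit events behind a DR_CLIENT guard so the core compiles and runs stand-alone. The names per_thread_t, ss_push, ss_pop_check and DR_CLIENT are assumptions, not the project's.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define SS_CAPACITY 4096

/* One shadow stack per thread (the memtrace sample's per_thread_t idea),
 * instead of one global stack or a map<tid, shadowstack> looked up by tid. */
typedef struct {
    uintptr_t ret_addrs[SS_CAPACITY];
    size_t depth;
} per_thread_t;
/* Thread init: the new thread starts with an empty shadow stack. */
static void ss_init(per_thread_t *ss) { memset(ss, 0, sizeof(*ss)); }
/* On a call: record the expected return address; refuses on overflow. */
static bool ss_push(per_thread_t *ss, uintptr_t ret_addr) {
    if (ss->depth >= SS_CAPACITY) return false;
    ss->ret_addrs[ss->depth++] = ret_addr;
    return true;
}
/* On a return: pop and compare; empty stack or mismatch means tampering. */
static bool ss_pop_check(per_thread_t *ss, uintptr_t actual_ret) {
    if (ss->depth == 0) return false;
    return ss->ret_addrs[--ss->depth] == actual_ret;
}
/* Two threads, two stacks: one thread's return must never be matched
 * against the other's entries. Returns true when the checks behave. */
static bool ss_two_thread_scenario(void) {
    static per_thread_t t1, t2;           /* stand-ins for two TLS slots */
    ss_init(&t1); ss_init(&t2);
    if (!ss_push(&t1, 0x401000) || !ss_push(&t2, 0x402000)) return false;
    return ss_pop_check(&t2, 0x402000)    /* t2 returns where expected */
        && !ss_pop_check(&t1, 0x402000)   /* t1 expected 0x401000      */
        && !ss_pop_check(&t1, 0x401000);  /* t1 now empty: underflow   */
}

#ifdef DR_CLIENT  /* DynamoRIO glue, not compiled stand-alone */
#include "dr_api.h"
#include "drmgr.h"
static int tls_idx; /* tls_idx = drmgr_register_tls_field() in dr_client_main */
static void on_thread_init(void *drcontext) { /* drmgr thread init event */
    per_thread_t *ss = dr_thread_alloc(drcontext, sizeof(per_thread_t));
    ss_init(ss);
    drmgr_set_tls_field(drcontext, tls_idx, ss);
}
static void on_thread_exit(void *drcontext) { /* fires at process exit too */
    dr_thread_free(drcontext, drmgr_get_tls_field(drcontext, tls_idx),
                   sizeof(per_thread_t));
}
#endif
```

With DR_CLIENT defined, dr_client_main would call drmgr_init(), assign tls_idx from drmgr_register_tls_field(), and register the two handlers with drmgr_register_thread_init_event() and drmgr_register_thread_exit_event().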