[PATCH] D81405: [AArch64] Avoid incompatibility between SLSBLR mitigation and BTI codegen.

Kristof Beyls via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Mon Jun 8 08:48:23 PDT 2020


kristof.beyls created this revision.
kristof.beyls added a reviewer: ostannard.
Herald added subscribers: llvm-commits, danielkiss, hiraditya.
Herald added a project: LLVM.
kristof.beyls added a parent revision: D81404: [AArch64] Add clang command line support for -mharden-sls=.

A "BTI c" instruction only allows jumping/calling to it using a BLR* instruction.
However, the SLSBLR mitigation changes a BLR to a BR to implement the
function call. Therefore, a "BTI c" check that passed before could
trigger after the BLR->BL change done by the SLSBLR mitigation.
However, if the register used in BR is X16 or X17, this trigger will not
fire (see ArmARM for further details).

Therefore, this patch makes sure that indirect function calls get
lowered to BLR X16 or BLR X17 when both
(a) BTI code generation is enabled, and
(b) the SLSBLR mitigation is enabled.
When the SLSBLR mitigation later in the compilation pipeline transforms
BLR X1{17} to BR X1{67}, the check done by "BTI c" at the jump target
will still pass.

This requires introducing a pseudo instruction to represent indirect
calls, rather than directly lowering to a BLR instruction.

The new pseudo instructions are: BLRCall and BLRCallX16X17.
The BLRCallX16X17 pseudo represents an indirect call that must use the
X16 or X17 register.

Instruction selection by default selects BLRCall. When both the SLSBLR
mitigation is enabled and BTI codegen is enabled, it'll select
BLRCallX16X17 instead.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D81405

Files:
  llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
  llvm/lib/Target/AArch64/AArch64FastISel.cpp
  llvm/lib/Target/AArch64/AArch64FrameLowering.cpp
  llvm/lib/Target/AArch64/AArch64InstrInfo.cpp
  llvm/lib/Target/AArch64/AArch64InstrInfo.td
  llvm/lib/Target/AArch64/AArch64RegisterBankInfo.cpp
  llvm/lib/Target/AArch64/AArch64SLSHardening.cpp
  llvm/lib/Target/AArch64/GISel/AArch64CallLowering.cpp
  llvm/lib/Target/AArch64/GISel/AArch64InstructionSelector.cpp
  llvm/test/CodeGen/AArch64/GlobalISel/call-translator.ll
  llvm/test/CodeGen/AArch64/GlobalISel/irtranslator-exceptions.ll
  llvm/test/CodeGen/AArch64/chkstk.ll
  llvm/test/CodeGen/AArch64/speculation-hardening-sls-blr.mir
  llvm/test/CodeGen/AArch64/speculation-hardening-sls.ll

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D81405.269248.patch
Type: text/x-patch
Size: 14175 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20200608/c32b76e7/attachment.bin>
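
The landing-pad check the description relies on, as an added model that is not code from this patch or from LLVM: it encodes which branch types "BTI c", "BTI j" and "BTI jc" accept and shows why a call that is turned from BLR into BR only keeps landing when the register is X16 or X17. All function and enum names are hypothetical, and the model assumes the branch executes from a BTI-guarded page.

```cpp
#include <cstdio>

// PSTATE.BTYPE values set by an indirect branch that executes in a guarded page.
enum BType { BT_NONE, BT_X16X17, BT_CALL, BT_JUMP };
// Landing-pad instruction at the branch target.
enum Pad { BTI_C, BTI_J, BTI_JC };

BType btypeOf(bool isBLR, int reg) {
  if (isBLR) return BT_CALL;                              // BLR Xn
  return (reg == 16 || reg == 17) ? BT_X16X17 : BT_JUMP;  // BR Xn
}

// True when landing on `pad` with branch type `t` raises no Branch Target exception.
bool padAccepts(Pad pad, BType t) {
  if (t == BT_NONE) return true;  // reached by fall-through or direct branch
  switch (pad) {
  case BTI_C:  return t == BT_X16X17 || t == BT_CALL;
  case BTI_J:  return t == BT_X16X17 || t == BT_JUMP;
  case BTI_JC: return true;
  }
  return false;
}

// Selection rule from the description: constrain the call register to
// X16/X17 only when BTI codegen and the SLSBLR mitigation are both enabled.
// Picking X16 here is an arbitrary choice for the model (assumption).
int selectCallReg(int allocated, bool bti, bool slsblr) {
  if (bti && slsblr && allocated != 16 && allocated != 17) return 16;
  return allocated;
}

// Does an indirect call through `reg` to a function starting with "BTI c"
// land cleanly? With SLSBLR on, the transfer is a BR on the same register.
bool callLands(int reg, bool slsblr) {
  return padAccepts(BTI_C, btypeOf(/*isBLR=*/!slsblr, reg));
}

int main() {
  const int regs[] = {1, 16, 17};  // constructed sample call registers
  for (int r : regs)
    std::printf("x%-2d  BLR:%d  BR after SLSBLR:%d  BR after patch:%d\n", r,
                callLands(r, false), callLands(r, true),
                callLands(selectCallReg(r, true, true), true));
  return 0;
}
```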

