[all-commits] [llvm/llvm-project] d7e8a7: [AArch64][PAC] Lower auth/resign into checked sequ...

Mon Jul 22 21:28:23 PDT 2024

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: d7e8a7487cd793df0fdf51a94afc25ab0a325a9a
      https://github.com/llvm/llvm-project/commit/d7e8a7487cd793df0fdf51a94afc25ab0a325a9a
  Author: Ahmed Bougacha <ahmed at bougacha.org>
  Date:   2024-07-22 (Mon, 22 Jul 2024)

  Changed paths:
    M llvm/lib/Target/AArch64/AArch64AsmPrinter.cpp
    M llvm/lib/Target/AArch64/AArch64Features.td
    M llvm/lib/Target/AArch64/AArch64ISelDAGToDAG.cpp
    M llvm/lib/Target/AArch64/AArch64InstrInfo.td
    M llvm/lib/Target/AArch64/GISel/AArch64InstructionSelector.cpp
    A llvm/test/CodeGen/AArch64/ptrauth-fpac.ll
    A llvm/test/CodeGen/AArch64/ptrauth-intrinsic-auth-resign-with-blend.ll
    A llvm/test/CodeGen/AArch64/ptrauth-intrinsic-auth-resign.ll

  Log Message:
  -----------
  [AArch64][PAC] Lower auth/resign into checked sequence. (#79024)

This introduces 3 hardening modes in the authentication step of
auth/resign lowering:
- unchecked, which uses the AUT instructions as-is
- poison, which detects authentication failure (using an XPAC+CMP
  sequence), explicitly yielding the XPAC result rather than the
  AUT result, to avoid leaking
- trap, which additionally traps on authentication failure,
  using BRK #0xC470 + key (IA C470, IB C471, DA C472, DB C473.)

Not all modes are necessarily useful in all contexts, and there
are more performant alternative lowerings in specific contexts
(e.g., when I/D TBI enablement is a target ABI guarantee.)
These will be implemented separately.

This is controlled by the `ptrauth-auth-traps` function attributes,
and can be overridden using `-aarch64-ptrauth-auth-checks=`.

This also adds the FPAC extension, which we haven't needed
before, to improve isel when we can rely on HW checking.

To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications