[clang] [llvm] [PAC][Driver] Implement `-mbranch-protection=pauthabi` option (PR #97237)
Daniil Kovalev via cfe-commits
cfe-commits at lists.llvm.org
Wed Jul 10 01:15:03 PDT 2024
kovdan01 wrote:
Thanks @smithp35 for a detailed description!
> Use the environment part of the triple
I suppose we should use this this option since it's harder for end users to use that incorrectly - it looks like that many real-world code and corresponding build environments rely on triple and do not encounter other options (for example, as you said, hard/soft float are encoded in triple or normalized to triple if passed separately).
I'll implement initial support for that and update current PR.
> I think we should require the `+pauth` feature (default in armv8.3-A) for `-mabi=pauth<signing-schema>` to be accepted.
We actually have a similar issue already opened, see #97332, so yes, it's a known feature request.
> If we are being as careful to avoid prematurly fixing a signing schema for the linux target we could use a of test and no `-mabi=pauth` default. For example `-mabi=pauthtest`.
I like this idea. Of course, we can mark functionality as "alpha" or "experimental", but just using a different option value makes this more explicit and end users will not have a chance to mix "alpha" stuff with "released" stuff when we have one.
> I think that this has to be under control of the platform. My intuition is that we trust the user, perhaps with a warning, and
> record the high-level signing schema.
In general, I agree with that point, but for the first "adoption" phase (while we have `-mabi=pauthtest` or `-mabi=pauth` marked as "alpha") it might be useful to encode the low-level schema - we let users compile with `-fptrauth-*` flags if they want (probably with a huge warning that they are using this at their own risk), but we do not let them link incompatible binaries. At least, I suggest to limit scope of the PR to implementing `-mabi=pauth` (normalizing to triple), parsing the triple and enabling proper features correspondingly, while leaving low-level encoding of signing schema in pauth core info (inside elf's gnu property) already implemented untouched as for now.
https://github.com/llvm/llvm-project/pull/97237
More information about the cfe-commits
mailing list