[clang] [PAC] Add support for __ptrauth type qualifier (PR #100830)
Daniil Kovalev via cfe-commits
cfe-commits at lists.llvm.org
Sun Aug 4 22:57:36 PDT 2024
================
@@ -1758,6 +1758,34 @@ Also see the documentation for `@available
}];
}
+def PtrAuthDocs : Documentation {
+ let Category = DocCatVariable;
+ let Heading = "__ptrauth, __ptrauth_restricted_intptr";
+ let Content = [{
+The ``__ptrauth`` qualifier allows the programmer to directly control
+how pointers are signed when they are stored in a particular variable.
+This can be used to strengthen the default protections of pointer
+authentication and make it more difficult for an attacker to escalate
+an ability to alter memory into full control of a process.
+
+.. code-block:: c
+
+ #include <ptrauth.h>
+
+ typedef void (*my_callback)(const void*);
+ my_callback __ptrauth(ptrauth_key_process_dependent_code, 1, 0xe27a) callback;
+
+The first argument to ``__ptrauth`` is the name of the signing key.
+Valid key names for the target are defined in ``<ptrauth.h>``.
+
+The second argument to ``__ptrauth`` is a flag (0 or 1) specifying whether
+the object should use address discrimination.
+
+The third argument to ``__ptrauth`` is a small non-negative integer
----------------
kovdan01 wrote:
> a small non-negative integer
Nit: it's probably worth providing explicit integer width (e.g. 16 bits) rather than just saying "small". It looks like 16 bits is the only allowed max width now (see `PointerAuthQualifier::DiscriminatorBits`)
https://github.com/llvm/llvm-project/pull/100830
More information about the cfe-commits
mailing list