[llvm-branch-commits] [lld] [PAC][lld][AArch64][ELF] Support signed TLSDESC (PR #113817)

Fri Nov 1 11:12:45 PDT 2024

================
@@ -1355,6 +1355,36 @@ unsigned RelocationScanner::handleTlsRelocation(RelExpr expr, RelType type,
     return 1;
   }
 
+  auto fatalBothAuthAndNonAuth = [&sym]() {
+    fatal("both AUTH and non-AUTH TLSDESC entries for '" + sym.getName() +
+          "' requested, but only one type of TLSDESC entry per symbol is "
+          "supported");
+  };
+
+  // Do not optimize signed TLSDESC as described in pauthabielf64 to LE/IE.
+  // https://github.com/ARM-software/abi-aa/blob/main/pauthabielf64/pauthabielf64.rst#general-restrictions
+  // > PAUTHELF64 only supports the descriptor based TLS (TLSDESC).
+  if (oneof<R_AARCH64_AUTH_TLSDESC_PAGE, RelExpr::R_AARCH64_AUTH_TLSDESC>(
+          expr)) {
+    assert(ctx.arg.emachine == EM_AARCH64);
+    if (!sym.hasFlag(NEEDS_TLSDESC))
+      sym.setFlags(NEEDS_TLSDESC | NEEDS_TLSDESC_AUTH);
+    else if (!sym.hasFlag(NEEDS_TLSDESC_AUTH))
+      fatalBothAuthAndNonAuth();
+    sec->addReloc({expr, type, offset, addend, &sym});
+    return 1;
+  }
+
+  if (sym.hasFlag(NEEDS_TLSDESC_AUTH)) {
+    assert(ctx.arg.emachine == EM_AARCH64);
+    // TLSDESC_CALL hint relocation probably should not be emitted by compiler
+    // with signed TLSDESC enabled since it does not give any value, but leave a
+    // check against that just in case someone uses it.
+    if (expr != R_TLSDESC_CALL)
+      fatalBothAuthAndNonAuth();
----------------
ilovepi wrote:

Thanks for the clarification. I was thinking something could reach here w/ `NEEDS_TLSDESC_AUTH` set that isn't a `TLSDESC_CALL` reloc, but wouldn't be both Auth and non-Auth (e.g. just plain invalid, rather than this flavor of invalid).

https://github.com/llvm/llvm-project/pull/113817
