[compiler-rt] 2015508 - [AArch64][compiler-rt] Add Pointer Authentication support for VFORK.

Daniel Kiss via llvm-commits llvm-commits at lists.llvm.org
Wed Mar 10 07:40:15 PST 2021 

Author: Daniel Kiss
Date: 2021-03-10T16:39:39+01:00
New Revision: 201550852be4d4213d733316c38c0a7335b0d14c

URL: https://github.com/llvm/llvm-project/commit/201550852be4d4213d733316c38c0a7335b0d14c
DIFF: https://github.com/llvm/llvm-project/commit/201550852be4d4213d733316c38c0a7335b0d14c.diff

LOG: [AArch64][compiler-rt] Add Pointer Authentication support for VFORK.

The LR is stored to off-stack spill area where it is vulnerable.
"paciasp" add an auth code to the LR while the "autiasp" verifies that so
LR can't be modiifed on the spill area.

Test: build with -DCMAKE_C_FLAGS="-mbranch-protection=standard",
run on Armv8.3 capable hardware with PAuth.

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D98009

Added: 
    

Modified: 
    compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_aarch64.inc.S

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_aarch64.inc.S b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_aarch64.inc.S
index 20f42f1ea94e..8a96e2d4aa95 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_aarch64.inc.S
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors_vfork_aarch64.inc.S
@@ -1,6 +1,7 @@
 #if defined(__aarch64__) && defined(__linux__)
 
 #include "sanitizer_common/sanitizer_asm.h"
+#include "builtins/assembly.h"
 
 ASM_HIDDEN(COMMON_INTERCEPTOR_SPILL_AREA)
 
@@ -9,6 +10,7 @@ ASM_HIDDEN(COMMON_INTERCEPTOR_SPILL_AREA)
 ASM_TYPE_FUNCTION(ASM_WRAPPER_NAME(vfork))
 ASM_WRAPPER_NAME(vfork):
         // Save x30 in the off-stack spill area.
+        paciasp
         stp     xzr, x30, [sp, #-16]!
         bl      COMMON_INTERCEPTOR_SPILL_AREA
         ldp     xzr, x30, [sp], 16
@@ -33,6 +35,7 @@ ASM_WRAPPER_NAME(vfork):
         bl     COMMON_INTERCEPTOR_SPILL_AREA
         ldr    x30, [x0]
         ldp    x0, xzr, [sp], 16
+        autiasp
 
         ret
 ASM_SIZE(vfork)
@@ -40,4 +43,6 @@ ASM_SIZE(vfork)
 .weak vfork
 .set vfork, ASM_WRAPPER_NAME(vfork)
 
+GNU_PROPERTY_BTI_PAC
+
 #endif

More information about the llvm-commits mailing list