[PATCH] D112426: [ARM] Implement BTI placement pass for PACBTI-M
Ties Stuij via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Oct 25 03:26:42 PDT 2021
stuij created this revision.
Herald added subscribers: hiraditya, kristof.beyls, mgorny.
stuij requested review of this revision.
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.
This patch implements a new MachineFunction in the ARM backend for
placing BTI instructions. It is similar to the existing AArch64
aarch64-branch-targets pass.
BTI instructions are inserted into basic blocks that:
- Have their address taken
- Are the entry block of a function, if the function has external linkage or has its address taken
- Are mentioned in jump tables
- Are exception/cleanup landing pads
Each BTI instructions is placed in the beginning of a BB after the
so-called meta instructions (e.g. exception handler labels).
Each outlining candidate and the outlined function need to be in agreement about
whether BTI placement is enabled or not. If branch target enforcement is
disabled for a function, the outliner should not covertly enable it by emitting
a call to an outlined function, which begins with BTI.
The cost mode of the outliner is adjusted to account for the extra BTI
instructions in the outlined function.
The ARM Constant Islands pass will maintain the count of the jump tables, which
reference a block. A `BTI` instruction is removed from a block only if the
reference count reaches zero.
PAC instructions in entry blocks are replaced with PACBTI instructions (tests
for this case will be added in a later patch because the compiler currently does
not generate PAC instructions).
The ARM Constant Island pass is adjusted to handle BTI
instructions correctly.
Functions with static linkage that don't have their address taken can
still be called indirectly by linker-generated veneers and thus their
entry points need be marked with BTI or PACBTI.
The changes are tested using "LLVM IR -> assembly" tests, jump tables
also have a MIR test. Unfortunately it is not possible add MIR tests
for exception handling and computed gotos because of MIR parser
limitations.
This patch is part of a series that adds support for the PACBTI-M extension of
the Armv8.1-M architecture, as detailed here:
https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/armv8-1-m-pointer-authentication-and-branch-target-identification-extension
The PACBTI-M specification can be found in the Armv8-M Architecture Reference
Manual:
https://developer.arm.com/documentation/ddi0553/latest
The following people contributed to this patch:
- Mikhail Maltsev
- Momchil Velikov
- Ties Stuij
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D112426
Files:
llvm/include/llvm/CodeGen/TargetInstrInfo.h
llvm/lib/CodeGen/MachineOutliner.cpp
llvm/lib/CodeGen/TargetInstrInfo.cpp
llvm/lib/Target/ARM/ARM.h
llvm/lib/Target/ARM/ARMBaseInstrInfo.cpp
llvm/lib/Target/ARM/ARMBaseInstrInfo.h
llvm/lib/Target/ARM/ARMBranchTargets.cpp
llvm/lib/Target/ARM/ARMConstantIslandPass.cpp
llvm/lib/Target/ARM/ARMTargetMachine.cpp
llvm/lib/Target/ARM/CMakeLists.txt
llvm/test/CodeGen/ARM/O3-pipeline.ll
llvm/test/CodeGen/Thumb2/bti-const-island-multiple-jump-tables.mir
llvm/test/CodeGen/Thumb2/bti-const-island.mir
llvm/test/CodeGen/Thumb2/bti-entry-blocks.ll
llvm/test/CodeGen/Thumb2/bti-indirect-branches.ll
llvm/test/CodeGen/Thumb2/bti-jump-table.mir
llvm/test/CodeGen/Thumb2/bti-outliner-1.ll
llvm/test/CodeGen/Thumb2/bti-outliner-2.ll
llvm/test/CodeGen/Thumb2/bti-outliner-cost-1.ll
llvm/test/CodeGen/Thumb2/bti-outliner-cost-2.ll
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D112426.381910.patch
Type: text/x-patch
Size: 57262 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20211025/0a9c606a/attachment-0001.bin>
More information about the llvm-commits
mailing list