[PATCH] D135276: [AArch64] Add support for the SEH opcode for return address signing

Martin Storsjö via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Tue Oct 11 00:35:19 PDT 2022


mstorsjo added a comment.

In D135276#3845051 <https://reviews.llvm.org/D135276#3845051>, @mstorsjo wrote:

> In D135276#3838357 <https://reviews.llvm.org/D135276#3838357>, @mstorsjo wrote:
>
>> In D135276#3838355 <https://reviews.llvm.org/D135276#3838355>, @efriedma wrote:
>>
>>> I guess if you run Windows in a virtual machine on a computer with PAC instructions (like a Mac), you might theoretically have access to them?  I don't currently have a setup like that, though.
>>
>> Oh, thanks, that's a good hint, I'll try to dig around to see if I can find someone with such a setup to run some tests for me.
>
> I did get hold of a person with such a setup, but apparently either the PAC extensions weren't visible in the VM guest, or the OS hadn't set up the signing keys, so after either `paciasp` or `pacibsp`, the return address was unchanged - so the experiment didn't teach us anything about how this bug affects code on future devices. :-( (I did verify that the same test binaries do show the expected changes if I run them in Wine on Linux on Graviton 3 though.)

The PR to add public docs about this was merged - and I did get a clarification that unwinding through a signed return address without this opcode doesn't work: https://github.com/MicrosoftDocs/cpp-docs/pull/4202#issuecomment-1273849028 So with that settled, any binaries built with current versions of LLVM, with `-mbranch-protection=standard` (or similar), will be subtly broken in the future once this feature is taken into use, if those binaries expect to do any unwinding.

So in hindsight, it would have been better to have errored out on this combination for previous releases, but there's not much we can do about that now, and sneaking that into 15.0.3 is a bit late too, and the best we can do probably is just to fix this. Too bad that we can't really test run the generated unwind info here for now, but we can at least match MSVC.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D135276/new/

https://reviews.llvm.org/D135276


