[PATCH] D159357: [AArch64] Move PAuth codegen down the machine pipeline
Anatoly Trosinenko via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Sep 18 07:51:55 PDT 2023
atrosinenko added inline comments.
================
Comment at: llvm/lib/Target/AArch64/AArch64FrameLowering.cpp:1421-1426
+ if (MFnI.shouldSignReturnAddress(MF)) {
+ BuildMI(MBB, MBBI, DL, TII->get(AArch64::PAUTH_PROLOGUE))
+ .setMIFlag(MachineInstr::FrameSetup);
+ if (NeedsWinCFI)
+ HasWinCFI = true; // AArch64PointerAuth pass will insert SEH_PACSignLR
+ }
----------------
pratlucas wrote:
> Why do we need these to be added as pseudo-instructions during frame lowering? Is there any chance the criteria for making the decision is lost before the new pass is executed?
One reason is that the insertion points computed by the shrink-wrapping pass are actually lost after PEI. Though, inserting PAC on entry and AUT before every return may be considered both as a bug (from the performance point of view) or as a feature (from the security point of view as it makes things easier to observe).
Another reason (mostly for the PAUTH_EPILOGUE instruction) is that the naive approach would wrap the Shadow Call Stack code inside PAuth one, but now it is explicitly checked in tests that the LR value is actually restored by SCS if both are enabled. I wonder if it is meaningful at all to sign and authenticate LR when SCS is enabled for the particular function, though.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D159357/new/
https://reviews.llvm.org/D159357
More information about the llvm-commits
mailing list