[compiler-rt] Normalize ptrauth handling in sanitizer runtime (PR #100483)

Anton Korobeynikov via llvm-commits llvm-commits at lists.llvm.org
Wed Jul 24 17:16:40 PDT 2024


https://github.com/asl updated https://github.com/llvm/llvm-project/pull/100483

>From e0df857da214737ab6383611ee6a57eb60190a7e Mon Sep 17 00:00:00 2001
From: Anton Korobeynikov <anton at korobeynikov.info>
Date: Wed, 24 Jul 2024 16:09:47 -0700
Subject: [PATCH 1/2] Normalize ptrauth handling in sanitizer runtime:  1.
 Include ptrauth.h if ptrauth_intrinsics language feature is specified    
 (per ptrauth spec, this is what enables ptrauth.h usage)  2. For PAC-RET
 fallback implement two changes:    - Switch to macro, so we can ignore key
 argument    - Ensure the unsigned value is erased from LR, so the     
 possibility of gadget reuse is reduced.

Fixes #100467
---
 .../lib/sanitizer_common/sanitizer_ptrauth.h  | 34 ++++++++++---------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h b/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h
index 5200354694851..d228dd33cf938 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h
@@ -9,24 +9,26 @@
 #ifndef SANITIZER_PTRAUTH_H
 #define SANITIZER_PTRAUTH_H
 
-#if __has_feature(ptrauth_calls)
+#if __has_feature(ptrauth_intrinsics)
 #include <ptrauth.h>
 #elif defined(__ARM_FEATURE_PAC_DEFAULT) && !defined(__APPLE__)
-inline unsigned long ptrauth_strip(void* __value, unsigned int __key) {
-  // On the stack the link register is protected with Pointer
-  // Authentication Code when compiled with -mbranch-protection.
-  // Let's stripping the PAC unconditionally because xpaclri is in
-  // the NOP space so will do nothing when it is not enabled or not available.
-  unsigned long ret;
-  asm volatile(
-      "mov x30, %1\n\t"
-      "hint #7\n\t"  // xpaclri
-      "mov %0, x30\n\t"
-      : "=r"(ret)
-      : "r"(__value)
-      : "x30");
-  return ret;
-}
+// On the stack the link register is protected with Pointer
+// Authentication Code when compiled with -mbranch-protection.
+// Let's stripping the PAC unconditionally because xpaclri is in
+// the NOP space so will do nothing when it is not enabled or not available.
+#define ptrauth_strip(__value, __key)     \
+  ({                                      \
+      unsigned long ret;                  \
+      asm volatile(                       \
+        "mov x30, %1\n\t"                 \
+        "hint #7\n\t"                     \
+        "mov %0, x30\n\t"                 \
+        "mov x30, xzr\n\t"                \
+        : "=r"(ret)                       \
+        : "r"(__value)                    \
+        : "x30");                         \
+      ret;                                \
+  })
 #define ptrauth_auth_data(__value, __old_key, __old_data) __value
 #define ptrauth_string_discriminator(__string) ((int)0)
 #else
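Review bot: The statement expression in the new `ptrauth_strip` macro declares a local named `ret`, and `__value` is expanded inside that scope, so a caller passing its own variable called `ret` would have it shadowed and the asm would read the uninitialized inner one. The inline function this replaces had no such capture hazard; a name unlikely to collide avoids it, e.g. `unsigned long __ptrauth_strip_ret;` with `: "=r"(__ptrauth_strip_ret)` and `__ptrauth_strip_ret;` as the result. The `// xpaclri` annotation on `hint #7` was also dropped in the conversion, and the added `mov x30, xzr` carries no explanation. A line above the macro such as `// hint #7 is xpaclri; x30 is zeroed afterwards so the stripped address does not stay in LR.` would keep the commit message's reasoning next to the code.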

>From 778a0e3c89eb1e2c60c44b9e6aa08beab7cc0801 Mon Sep 17 00:00:00 2001
From: Anton Korobeynikov <anton at korobeynikov.info>
Date: Wed, 24 Jul 2024 16:22:45 -0700
Subject: [PATCH 2/2] Reformat while here

---
 .../lib/sanitizer_common/sanitizer_ptrauth.h  | 38 +++++++++----------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h b/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h
index d228dd33cf938..b5215c0d49c06 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_ptrauth.h
@@ -10,32 +10,32 @@
 #define SANITIZER_PTRAUTH_H
 
 #if __has_feature(ptrauth_intrinsics)
-#include <ptrauth.h>
+#  include <ptrauth.h>
 #elif defined(__ARM_FEATURE_PAC_DEFAULT) && !defined(__APPLE__)
 // On the stack the link register is protected with Pointer
 // Authentication Code when compiled with -mbranch-protection.
 // Let's stripping the PAC unconditionally because xpaclri is in
 // the NOP space so will do nothing when it is not enabled or not available.
-#define ptrauth_strip(__value, __key)     \
-  ({                                      \
-      unsigned long ret;                  \
-      asm volatile(                       \
-        "mov x30, %1\n\t"                 \
-        "hint #7\n\t"                     \
-        "mov %0, x30\n\t"                 \
-        "mov x30, xzr\n\t"                \
-        : "=r"(ret)                       \
-        : "r"(__value)                    \
-        : "x30");                         \
-      ret;                                \
-  })
-#define ptrauth_auth_data(__value, __old_key, __old_data) __value
-#define ptrauth_string_discriminator(__string) ((int)0)
+#  define ptrauth_strip(__value, __key) \
+    ({                                  \
+      unsigned long ret;                \
+      asm volatile(                     \
+          "mov x30, %1\n\t"             \
+          "hint #7\n\t"                 \
+          "mov %0, x30\n\t"             \
+          "mov x30, xzr\n\t"            \
+          : "=r"(ret)                   \
+          : "r"(__value)                \
+          : "x30");                     \
+      ret;                              \
+    })
+#  define ptrauth_auth_data(__value, __old_key, __old_data) __value
+#  define ptrauth_string_discriminator(__string) ((int)0)
 #else
 // Copied from <ptrauth.h>
-#define ptrauth_strip(__value, __key) __value
-#define ptrauth_auth_data(__value, __old_key, __old_data) __value
-#define ptrauth_string_discriminator(__string) ((int)0)
+#  define ptrauth_strip(__value, __key) __value
+#  define ptrauth_auth_data(__value, __old_key, __old_data) __value
+#  define ptrauth_string_discriminator(__string) ((int)0)
 #endif
 
 #define STRIP_PAC_PC(pc) ((uptr)ptrauth_strip(pc, 0))


