1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
;
; RUN: llc %s -o - -mtriple=thumbv8m.main -verify-machineinstrs \
; RUN: -mattr=+fp-armv8d16sp,+fix-cmse-cve-2021-35465 | \
; RUN: FileCheck %s --check-prefix=CHECK-8M-FP-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8m.main -mcpu=cortex-m33 -verify-machineinstrs | \
; RUN: FileCheck %s --check-prefix=CHECK-8M-FP-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8m.main -mcpu=cortex-m35p -verify-machineinstrs | \
; RUN: FileCheck %s --check-prefix=CHECK-8M-FP-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8m.main -verify-machineinstrs \
; RUN: -mattr=-fpregs,+fix-cmse-cve-2021-35465 | \
; RUN: FileCheck %s --check-prefix=CHECK-8M-NOFP-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8m.main -mcpu=cortex-m33 -mattr=-fpregs -verify-machineinstrs | \
; RUN: FileCheck %s --check-prefix=CHECK-8M-NOFP-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8m.main -mcpu=cortex-m35p -mattr=-fpregs -verify-machineinstrs | \
; RUN: FileCheck %s --check-prefix=CHECK-8M-NOFP-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8.1m.main -verify-machineinstrs \
; RUN: -mattr=+fp-armv8d16sp,+fix-cmse-cve-2021-35465 | \
; RUN: FileCheck %s --check-prefix=CHECK-81M-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8.1m.main -mcpu=cortex-m55 -verify-machineinstrs | \
; RUN: FileCheck %s --check-prefix=CHECK-81M-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8.1m.main -verify-machineinstrs \
; RUN: -mattr=-fpregs,+fix-cmse-cve-2021-35465 | \
; RUN: FileCheck %s --check-prefix=CHECK-81M-CVE-2021-35465
;
; RUN: llc %s -o - -mtriple=thumbv8.1m.main -mcpu=cortex-m55 -mattr=-fpregs -verify-machineinstrs | \
; RUN: FileCheck %s --check-prefix=CHECK-81M-CVE-2021-35465
;
define void @non_secure_call(void ()* %fptr) {
; CHECK-8M-FP-CVE-2021-35465-LABEL: non_secure_call:
; CHECK-8M-FP-CVE-2021-35465: @ %bb.0:
; CHECK-8M-FP-CVE-2021-35465-NEXT: push {r7, lr}
; CHECK-8M-FP-CVE-2021-35465-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11}
; CHECK-8M-FP-CVE-2021-35465-NEXT: bic r0, r0, #1
; CHECK-8M-FP-CVE-2021-35465-NEXT: sub sp, #136
; CHECK-8M-FP-CVE-2021-35465-NEXT: vlstm sp
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r1, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r2, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r3, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r4, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r5, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r6, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r7, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r8, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r9, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r10, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r11, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mov r12, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: msr apsr_nzcvq{{g?}}, r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: blxns r0
; CHECK-8M-FP-CVE-2021-35465-NEXT: mrs r12, control
; CHECK-8M-FP-CVE-2021-35465-NEXT: tst.w r12, #8
; CHECK-8M-FP-CVE-2021-35465-NEXT: it ne
; CHECK-8M-FP-CVE-2021-35465-NEXT: vmovne.f32 s0, s0
; CHECK-8M-FP-CVE-2021-35465-NEXT: vlldm sp
; CHECK-8M-FP-CVE-2021-35465-NEXT: add sp, #136
; CHECK-8M-FP-CVE-2021-35465-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
; CHECK-8M-FP-CVE-2021-35465-NEXT: pop {r7, pc}
;
; CHECK-8M-NOFP-CVE-2021-35465-LABEL: non_secure_call:
; CHECK-8M-NOFP-CVE-2021-35465: @ %bb.0:
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: push {r7, lr}
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11}
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: bic r0, r0, #1
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: sub sp, #136
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: vlstm sp
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r1, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r2, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r3, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r4, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r5, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r6, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r7, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r8, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r9, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r10, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r11, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mov r12, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: msr apsr_nzcvq{{g?}}, r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: blxns r0
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: mrs r12, control
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: tst.w r12, #8
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: it ne
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: @APP
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: .inst.w 0xeeb00a40
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: @NO_APP
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: vlldm sp
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: add sp, #136
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
; CHECK-8M-NOFP-CVE-2021-35465-NEXT: pop {r7, pc}
;
; CHECK-81M-CVE-2021-35465-LABEL: non_secure_call:
; CHECK-81M-CVE-2021-35465: @ %bb.0:
; CHECK-81M-CVE-2021-35465-NEXT: push {r7, lr}
; CHECK-81M-CVE-2021-35465-NEXT: push.w {r4, r5, r6, r7, r8, r9, r10, r11}
; CHECK-81M-CVE-2021-35465-NEXT: bic r0, r0, #1
; CHECK-81M-CVE-2021-35465-NEXT: sub sp, #136
; CHECK-81M-CVE-2021-35465-NEXT: vlstm sp
; CHECK-81M-CVE-2021-35465-NEXT: clrm {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11, r12, apsr}
; CHECK-81M-CVE-2021-35465-NEXT: blxns r0
; CHECK-81M-CVE-2021-35465-NEXT: vscclrm {vpr}
; CHECK-81M-CVE-2021-35465-NEXT: vlldm sp
; CHECK-81M-CVE-2021-35465-NEXT: add sp, #136
; CHECK-81M-CVE-2021-35465-NEXT: pop.w {r4, r5, r6, r7, r8, r9, r10, r11}
; CHECK-81M-CVE-2021-35465-NEXT: pop {r7, pc}
call void %fptr() #0
ret void
}
attributes #0 = { "cmse_nonsecure_call" }
|
