File: AArch64PointerAuth.h

package info (click to toggle)
llvm-toolchain-18 1%3A18.1.8-18
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,908,340 kB
  • sloc: cpp: 6,667,937; ansic: 1,440,452; asm: 883,619; python: 230,549; objc: 76,880; f90: 74,238; lisp: 35,989; pascal: 16,571; sh: 10,229; perl: 7,459; ml: 5,047; awk: 3,523; makefile: 2,987; javascript: 2,149; xml: 892; fortran: 649; cs: 573
file content (116 lines) | stat: -rw-r--r-- 4,549 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
 
//===-- AArch64PointerAuth.h -- Harden code using PAuth ---------*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#ifndef LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H
#define LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H

#include "llvm/CodeGen/MachineBasicBlock.h"
#include "llvm/CodeGen/Register.h"

namespace llvm {
namespace AArch64PAuth {

/// Variants of check performed on an authenticated pointer.
///
/// In cases such as authenticating the LR value when performing a tail call
/// or when re-signing a signed pointer with a different signing schema,
/// a failed authentication may not generate an exception on its own and may
/// create an authentication or signing oracle if not checked explicitly.
///
/// A number of check methods modify control flow in a similar way by
/// rewriting the code
///
/// ```
///   <authenticate LR>
///   <more instructions>
/// ```
///
/// as follows:
///
/// ```
///   <authenticate LR>
///   <method-specific checker>
/// ret_block:
///   <more instructions>
///   ...
///
/// break_block:
///   brk <code>
/// ```
enum class AuthCheckMethod {
  /// Do not check the value at all
  None,
  /// Perform a load to a temporary register
  DummyLoad,
  /// Check by comparing bits 62 and 61 of the authenticated address.
  ///
  /// This method modifies control flow and inserts the following checker:
  ///
  /// ```
  ///   eor Xtmp, Xn, Xn, lsl #1
  ///   tbnz Xtmp, #62, break_block
  /// ```
  HighBitsNoTBI,
  /// Check by comparing the authenticated value with an XPAC-ed one without
  /// using PAuth instructions not encoded as HINT. Can only be applied to LR.
  ///
  /// This method modifies control flow and inserts the following checker:
  ///
  /// ```
  ///   mov Xtmp, LR
  ///   xpaclri           ; encoded as "hint #7"
  ///   ; Note: at this point, the LR register contains the address as if
  ///   ; the authentication succeeded and the temporary register contains the
  ///   ; *real* result of authentication.
  ///   cmp Xtmp, LR
  ///   b.ne break_block
  /// ```
  XPACHint,
};

#define AUTH_CHECK_METHOD_CL_VALUES_COMMON                                     \
      clEnumValN(AArch64PAuth::AuthCheckMethod::None, "none",                  \
                 "Do not check authenticated address"),                        \
      clEnumValN(AArch64PAuth::AuthCheckMethod::DummyLoad, "load",             \
                 "Perform dummy load from authenticated address"),             \
      clEnumValN(AArch64PAuth::AuthCheckMethod::HighBitsNoTBI,                 \
                 "high-bits-notbi",                                            \
                 "Compare bits 62 and 61 of address (TBI should be disabled)")

#define AUTH_CHECK_METHOD_CL_VALUES_LR                                         \
      AUTH_CHECK_METHOD_CL_VALUES_COMMON,                                      \
      clEnumValN(AArch64PAuth::AuthCheckMethod::XPACHint, "xpac-hint",         \
                 "Compare with the result of XPACLRI")

/// Explicitly checks that pointer authentication succeeded.
///
/// Assuming AuthenticatedReg contains a value returned by one of the AUT*
/// instructions, check the value using Method just before the instruction
/// pointed to by MBBI. If the check succeeds, execution proceeds to the
/// instruction pointed to by MBBI, otherwise a CPU exception is generated.
///
/// Some of the methods may need to know if the pointer was authenticated
/// using an I-key or D-key and which register can be used as temporary.
/// If an explicit BRK instruction is used to generate an exception, BrkImm
/// specifies its immediate operand.
///
/// \returns The machine basic block containing the code that is executed
///          after the check succeeds.
MachineBasicBlock &checkAuthenticatedRegister(MachineBasicBlock::iterator MBBI,
                                              AuthCheckMethod Method,
                                              Register AuthenticatedReg,
                                              Register TmpReg, bool UseIKey,
                                              unsigned BrkImm);

/// Returns the number of bytes added by checkAuthenticatedRegister.
unsigned getCheckerSizeInBytes(AuthCheckMethod Method);

} // end namespace AArch64PAuth
} // end namespace llvm

#endif