Skip to content

Commit de07cde

Browse files
DanielKristofKissDanielKristofKiss
committed
[AArch64] Emit .cfi_negate_ra_state for PAC-auth instructions.
autiasp, autibsp instructions are the counterpart of paciasp/pacibsp instructions therefore let's emit .cfi_negate_ra_state for these too. In case of Armv8.3 instruction set the retaa/retbb will do the return and authentication in one step here we can't emit the . cfi_negate_ra_state because that would be point after the ret* instruction. Reviewed By: nickdesaulniers, MaskRay Differential Revision: https://reviews.llvm.org/D111780
1 parent b09ba42 commit de07cde

7 files changed

+87
-32
lines changed

llvm/lib/Target/AArch64/AArch64FrameLowering.cpp

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1719,7 +1719,8 @@ static void InsertReturnAddressAuth(MachineFunction &MF,
17191719
// The AUTIASP instruction assembles to a hint instruction before v8.3a so
17201720
// this instruction can safely used for any v8a architecture.
17211721
// From v8.3a onwards there are optimised authenticate LR and return
1722-
// instructions, namely RETA{A,B}, that can be used instead.
1722+
// instructions, namely RETA{A,B}, that can be used instead. In this case the
1723+
// DW_CFA_AARCH64_negate_ra_state can't be emitted.
17231724
if (Subtarget.hasPAuth() && MBBI != MBB.end() &&
17241725
MBBI->getOpcode() == AArch64::RET_ReallyLR) {
17251726
BuildMI(MBB, MBBI, DL,
@@ -1731,6 +1732,12 @@ static void InsertReturnAddressAuth(MachineFunction &MF,
17311732
MBB, MBBI, DL,
17321733
TII->get(MFI.shouldSignWithBKey() ? AArch64::AUTIBSP : AArch64::AUTIASP))
17331734
.setMIFlag(MachineInstr::FrameDestroy);
1735+
1736+
unsigned CFIIndex =
1737+
MF.addFrameInst(MCCFIInstruction::createNegateRAState(nullptr));
1738+
BuildMI(MBB, MBBI, DL, TII->get(TargetOpcode::CFI_INSTRUCTION))
1739+
.addCFIIndex(CFIIndex)
1740+
.setMIFlags(MachineInstr::FrameDestroy);
17341741
}
17351742
}
17361743

llvm/lib/Target/AArch64/AArch64InstrInfo.cpp

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7596,7 +7596,8 @@ static void signOutlinedFunction(MachineFunction &MF, MachineBasicBlock &MBB,
75967596
}
75977597

75987598
// If v8.3a features are available we can replace a RET instruction by
7599-
// RETAA or RETAB and omit the AUT instructions
7599+
// RETAA or RETAB and omit the AUT instructions. In this case the
7600+
// DW_CFA_AARCH64_negate_ra_state can't be emitted.
76007601
if (Subtarget.hasPAuth() && MBBAUT != MBB.end() &&
76017602
MBBAUT->getOpcode() == AArch64::RET) {
76027603
BuildMI(MBB, MBBAUT, DL,
@@ -7609,6 +7610,11 @@ static void signOutlinedFunction(MachineFunction &MF, MachineBasicBlock &MBB,
76097610
TII->get(ShouldSignReturnAddrWithAKey ? AArch64::AUTIASP
76107611
: AArch64::AUTIBSP))
76117612
.setMIFlag(MachineInstr::FrameDestroy);
7613+
unsigned CFIIndexAuth =
7614+
MF.addFrameInst(MCCFIInstruction::createNegateRAState(nullptr));
7615+
BuildMI(MBB, MBBAUT, DL, TII->get(TargetOpcode::CFI_INSTRUCTION))
7616+
.addCFIIndex(CFIIndexAuth)
7617+
.setMIFlags(MachineInstr::FrameDestroy);
76127618
}
76137619
}
76147620
}

llvm/test/CodeGen/AArch64/machine-outliner-retaddr-sign-cfi.ll

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,8 @@ define void @a() "sign-return-address"="all" "sign-return-address-key"="b_key" {
2828
; CHECK-NOT: bl OUTLINED_FUNCTION_{{[0-9]+}}
2929
; V8A: hint #31
3030
; V83A: autibsp
31-
; CHECK-NEXT: ret
31+
; V8A-NEXT, V83A-NEXT: .cfi_negate_ra_state
32+
; V8A-NEXT, V83A-NEXT: ret
3233
ret void
3334
}
3435

llvm/test/CodeGen/AArch64/machine-outliner-retaddr-sign-regsave.mir

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@
3232
# CHECK: BL @[[OUTLINED_FUNCTION]]
3333
# CHECK: bb.5:
3434
# CHECK: frame-destroy AUTIBSP
35+
# CHECK-NEXT: frame-destroy CFI_INSTRUCTION negate_ra_sign_state
3536
# CHECK-NEXT: RET
3637
name: foo
3738
tracksRegLiveness: true

llvm/test/CodeGen/AArch64/machine-outliner-retaddr-sign-sp-mod.mir

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,7 @@ body: |
8181
STRXui killed renamable $x9, killed renamable $x8, target-flags(aarch64-pageoff, aarch64-nc) @v :: (volatile store (s64) into @v)
8282
$sp = frame-destroy ADDXri $sp, 16, 0
8383
frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
84+
frame-destroy CFI_INSTRUCTION negate_ra_sign_state
8485
RET undef $lr
8586
8687
# CHECK-LABEL: name: legal0
@@ -91,6 +92,7 @@ body: |
9192
# CHECK-NEXT: frame-setup CFI_INSTRUCTION negate_ra_sign_state
9293
# CHECK: BL @[[OUTLINED_FUNC:OUTLINED_FUNCTION_[0-9]+]]
9394
# CHECK: frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
95+
# CHECK-NEXT: frame-destroy CFI_INSTRUCTION negate_ra_sign_state
9496
# CHECK-NEXT: RET undef $lr
9597

9698
...
@@ -114,6 +116,7 @@ body: |
114116
STRXui killed renamable $x9, killed renamable $x8, target-flags(aarch64-pageoff, aarch64-nc) @v :: (volatile store (s64) into @v)
115117
$sp = frame-destroy ADDXri $sp, 16, 0
116118
frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
119+
frame-destroy CFI_INSTRUCTION negate_ra_sign_state
117120
RET undef $lr
118121
119122
# CHECK-LABEL: name: legal1
@@ -124,6 +127,7 @@ body: |
124127
# CHECK-NEXT: frame-setup CFI_INSTRUCTION negate_ra_sign_state
125128
# CHECK: BL @[[OUTLINED_FUNC]]
126129
# CHECK: frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
130+
# CHECK-NEXT: frame-destroy CFI_INSTRUCTION negate_ra_sign_state
127131
# CHECK-NEXT: RET undef $lr
128132

129133
...
@@ -147,6 +151,7 @@ body: |
147151
STRXui killed renamable $x9, killed renamable $x8, target-flags(aarch64-pageoff, aarch64-nc) @v :: (volatile store (s64) into @v)
148152
$sp = frame-destroy ADDXri $sp, 12, 0
149153
frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
154+
frame-destroy CFI_INSTRUCTION negate_ra_sign_state
150155
RET undef $lr
151156
152157
...
@@ -170,6 +175,7 @@ body: |
170175
STRXui killed renamable $x9, killed renamable $x8, target-flags(aarch64-pageoff, aarch64-nc) @v :: (volatile store (s64) into @v)
171176
$sp = frame-destroy ADDXri $sp, 12, 0
172177
frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
178+
frame-destroy CFI_INSTRUCTION negate_ra_sign_state
173179
RET undef $lr
174180
175181
# CHECK-LABEL: name: illegal0
@@ -180,6 +186,7 @@ body: |
180186
# CHECK-NEXT: frame-setup CFI_INSTRUCTION negate_ra_sign_state
181187
# CHECK-NOT: BL @OUTLINED_FUNCTION_{{.*}}
182188
# CHECK: frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
189+
# CHECK-NEXT: frame-destroy CFI_INSTRUCTION negate_ra_sign_state
183190
# CHECK-NEXT: RET undef $lr
184191

185192
# CHECK-LABEL: name: illegal1
@@ -190,6 +197,7 @@ body: |
190197
# CHECK-NEXT: frame-setup CFI_INSTRUCTION negate_ra_sign_state
191198
# CHECK-NOT: BL @OUTLINED_FUNCTION_{{.*}}
192199
# CHECK: frame-destroy AUTIASP implicit-def $lr, implicit killed $lr, implicit $sp
200+
# CHECK-NEXT: frame-destroy CFI_INSTRUCTION negate_ra_sign_state
193201
# CHECK-NEXT: RET undef $lr
194202

195203
# Outlined function that contains only legal sp modifications
@@ -203,4 +211,5 @@ body: |
203211
# CHECK-NEXT: $sp = frame-setup SUBXri $sp, 16, 0
204212
# CHECK: $sp = frame-destroy ADDXri $sp, 16, 0
205213
# CHECK-NEXT: frame-destroy AUTIASP implicit-def $lr, implicit $lr, implicit $sp
214+
# CHECK-NEXT: frame-destroy CFI_INSTRUCTION negate_ra_sign_state
206215
# CHECK-NEXT: RET $lr

llvm/test/CodeGen/AArch64/machine-outliner-retaddr-sign-thunk.ll

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,10 @@ define i32 @a() #0 {
1111
; CHECK: // %bb.0: // %entry
1212
; V8A-NEXT: hint #25
1313
; V83A-NEXT: paciasp
14+
; CHECK-NEXT: .cfi_negate_ra_state
1415
; V8A: hint #29
1516
; V83A: autiasp
17+
; CHECK-NEXT: .cfi_negate_ra_state
1618
; CHECK-NEXT: ret
1719
entry:
1820
%call = tail call i32 @thunk_called_fn(i32 1, i32 2, i32 3, i32 4)
@@ -28,6 +30,7 @@ define i32 @b() #0 {
2830
; CHECK-NEXT: .cfi_negate_ra_state
2931
; V8A: hint #29
3032
; V83A: autiasp
33+
; CHECK-NEXT: .cfi_negate_ra_state
3134
; CHECK-NEXT: ret
3235
entry:
3336
%call = tail call i32 @thunk_called_fn(i32 1, i32 2, i32 3, i32 4)
@@ -43,6 +46,7 @@ define hidden i32 @c(i32 (i32, i32, i32, i32)* %fptr) #0 {
4346
; CHECK-NEXT: .cfi_negate_ra_state
4447
; V8A: hint #29
4548
; V83A: autiasp
49+
; CHECK-NEXT: .cfi_negate_ra_state
4650
; CHECK-NEXT: ret
4751
entry:
4852
%call = tail call i32 %fptr(i32 1, i32 2, i32 3, i32 4)
@@ -58,6 +62,7 @@ define hidden i32 @d(i32 (i32, i32, i32, i32)* %fptr) #0 {
5862
; CHECK-NEXT: .cfi_negate_ra_state
5963
; V8A: hint #29
6064
; V83A: autiasp
65+
; CHECK-NEXT: .cfi_negate_ra_state
6166
; CHECK-NEXT: ret
6267
entry:
6368
%call = tail call i32 %fptr(i32 1, i32 2, i32 3, i32 4)

llvm/test/CodeGen/AArch64/sign-return-address.ll

Lines changed: 55 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,9 @@ define i32 @leaf_sign_non_leaf(i32 %x) "sign-return-address"="non-leaf" {
2424

2525
; CHECK-LABEL: @leaf_sign_all
2626
; CHECK: hint #25
27+
; CHECK-NEXT: .cfi_negate_ra_state
2728
; CHECK: hint #29
29+
; CHECK-NEXT: .cfi_negate_ra_state
2830
; CHECK: ret
2931
; CHECK-V83A: pacia x30, sp
3032
; CHECK-V83A: retaa
@@ -34,10 +36,12 @@ define i32 @leaf_sign_all(i32 %x) "sign-return-address"="all" {
3436

3537
; CHECK: @leaf_clobbers_lr
3638
; CHECK: hint #25
39+
; CHECK-NEXT: .cfi_negate_ra_state
3740
; CHECK-V83A: pacia x30, sp
3841
; CHECK, CHECK-V83A: str x30, [sp, #-16]!
3942
; CHECK, CHECK-V83A: ldr x30, [sp], #16
4043
; CHECK: hint #29
44+
; CHECK-NEXT: .cfi_negate_ra_state
4145
; CHECK: ret
4246
; CHECK-V32A-NEXT: retaa
4347
define i64 @leaf_clobbers_lr(i64 %x) "sign-return-address"="non-leaf" {
@@ -49,7 +53,9 @@ declare i32 @foo(i32)
4953

5054
; CHECK: @non_leaf_sign_all
5155
; CHECK: hint #25
56+
; CHECK-NEXT: .cfi_negate_ra_state
5257
; CHECK: hint #29
58+
; CHECK-NEXT: .cfi_negate_ra_state
5359
; CHECK: ret
5460
; CHECK-V83A: pacia x30, sp
5561
; CHECK-V83A: retaa
@@ -60,10 +66,12 @@ define i32 @non_leaf_sign_all(i32 %x) "sign-return-address"="all" {
6066

6167
; CHECK: @non_leaf_sign_non_leaf
6268
; CHECK: hint #25
69+
; CHECK-NEXT: .cfi_negate_ra_state
6370
; CHECK-V83A: pacia x30, sp
6471
; CHECK, CHECK-V83A: str x30, [sp, #-16]!
6572
; CHECK, CHECK-V83A: ldr x30, [sp], #16
6673
; CHECK: hint #29
74+
; CHECK-NEXT: .cfi_negate_ra_state
6775
; CHECK: ret
6876
; CHECK-V83A: retaa
6977
define i32 @non_leaf_sign_non_leaf(i32 %x) "sign-return-address"="non-leaf" {
@@ -72,10 +80,11 @@ define i32 @non_leaf_sign_non_leaf(i32 %x) "sign-return-address"="non-leaf" {
7280
}
7381

7482
; CHECK-LABEL: @leaf_sign_all_v83
75-
; CHECK: pacia x30, sp
76-
; CHECK-NOT: ret
77-
; CHECK: retaa
78-
; CHECK-NOT: ret
83+
; CHECK: pacia x30, sp
84+
; CHECK-NEXT: .cfi_negate_ra_state
85+
; CHECK-NOT: ret
86+
; CHECK: retaa
87+
; CHECK-NOT: ret
7988
define i32 @leaf_sign_all_v83(i32 %x) "sign-return-address"="all" "target-features"="+v8.3a" {
8089
ret i32 %x
8190
}
@@ -84,11 +93,14 @@ declare fastcc i64 @bar(i64)
8493

8594
; CHECK-LABEL: @spill_lr_and_tail_call
8695
; CHECK: hint #25
96+
; CHECK-NEXT: .cfi_negate_ra_state
8797
; CHECK-V83A: pacia x30, sp
98+
; CHECK-V83A-NEXT: .cfi_negate_ra_state
8899
; CHECK, CHECK-V83A: str x30, [sp, #-16]!
89100
; CHECK, CHECK-V83A: ldr x30, [sp], #16
90101
; CHECK-V83A: autiasp
91102
; CHECK: hint #29
103+
; CHECK-NEXT: .cfi_negate_ra_state
92104
; CHECK: b bar
93105
define fastcc void @spill_lr_and_tail_call(i64 %x) "sign-return-address"="all" {
94106
call void asm sideeffect "mov x30, $0", "r,~{lr}"(i64 %x) #1
@@ -97,57 +109,71 @@ define fastcc void @spill_lr_and_tail_call(i64 %x) "sign-return-address"="all" {
97109
}
98110

99111
; CHECK-LABEL: @leaf_sign_all_a_key
100-
; CHECK: hint #25
101-
; CHECK: hint #29
102-
; CHECK-V83A: pacia x30, sp
103-
; CHECK-V83A: retaa
112+
; CHECK: hint #25
113+
; CHECK-NEXT: .cfi_negate_ra_state
114+
; CHECK: hint #29
115+
; CHECK-NEXT: .cfi_negate_ra_state
116+
; CHECK-V83A: pacia x30, sp
117+
; CHECK-V83A-NEXT: .cfi_negate_ra_state
118+
; CHECK-V83A: retaa
104119
define i32 @leaf_sign_all_a_key(i32 %x) "sign-return-address"="all" "sign-return-address-key"="a_key" {
105120
ret i32 %x
106121
}
107122

108123
; CHECK-LABEL: @leaf_sign_all_b_key
109-
; CHECK: hint #27
110-
; CHECK: hint #31
111-
; CHECK-V83A: pacib x30, sp
112-
; CHECK-V83A: retab
124+
; CHECK: hint #27
125+
; CHECK-NEXT: .cfi_negate_ra_state
126+
; CHECK: hint #31
127+
; CHECK-NEXT: .cfi_negate_ra_state
128+
; CHECK-V83A: pacib x30, sp
129+
; CHECK-V83A-NEXT: .cfi_negate_ra_state
130+
; CHECK-V83A: retab
113131
define i32 @leaf_sign_all_b_key(i32 %x) "sign-return-address"="all" "sign-return-address-key"="b_key" {
114132
ret i32 %x
115133
}
116134

117135
; CHECK-LABEL: @leaf_sign_all_v83_b_key
118-
; CHECK: pacib x30, sp
119-
; CHECK-NOT: ret
120-
; CHECK: retab
121-
; CHECK-NOT: ret
136+
; CHECK: pacib x30, sp
137+
; CHECK-NEXT: .cfi_negate_ra_state
138+
; CHECK-NOT: ret
139+
; CHECK: retab
140+
; CHECK-NOT: ret
122141
define i32 @leaf_sign_all_v83_b_key(i32 %x) "sign-return-address"="all" "target-features"="+v8.3a" "sign-return-address-key"="b_key" {
123142
ret i32 %x
124143
}
125144

126145
; CHECK-LABEL: @leaf_sign_all_a_key_bti
127-
; CHECK-NOT: hint #34
128-
; CHECK: hint #25
129-
; CHECK: hint #29
130-
; CHECK-V83A: pacia x30, sp
131-
; CHECK-V83A: retaa
146+
; CHECK-NOT: hint #34
147+
; CHECK: hint #25
148+
; CHECK-NEXT: .cfi_negate_ra_state
149+
; CHECK: hint #29
150+
; CHECK-NEXT: .cfi_negate_ra_state
151+
; CHECK-V83A: pacia x30, sp
152+
; CHECK-V83A-NEXT: .cfi_negate_ra_state
153+
; CHECK-V83A: retaa
132154
define i32 @leaf_sign_all_a_key_bti(i32 %x) "sign-return-address"="all" "sign-return-address-key"="a_key" "branch-target-enforcement"="true"{
133155
ret i32 %x
134156
}
135157

136158
; CHECK-LABEL: @leaf_sign_all_b_key_bti
137-
; CHECK-NOT: hint #34
138-
; CHECK: hint #27
139-
; CHECK: hint #31
140-
; CHECK-V83A: pacib x30, sp
141-
; CHECK-V83A: retab
159+
; CHECK-NOT: hint #34
160+
; CHECK: hint #27
161+
; CHECK-NEXT: .cfi_negate_ra_state
162+
; CHECK: hint #31
163+
; CHECK-NEXT: .cfi_negate_ra_state
164+
; CHECK-V83A: pacib x30, sp
165+
; CHECK-V83A-NEXT: .cfi_negate_ra_state
166+
; CHECK-V83A: retab
142167
define i32 @leaf_sign_all_b_key_bti(i32 %x) "sign-return-address"="all" "sign-return-address-key"="b_key" "branch-target-enforcement"="true"{
143168
ret i32 %x
144169
}
145170

146171
; CHECK-LABEL: @leaf_sign_all_v83_b_key_bti
147172
; CHECK: pacib x30, sp
148-
; CHECK-NOT: ret
149-
; CHECK: retab
150-
; CHECK-NOT: ret
173+
; CHECK-NEXT: .cfi_negate_ra_state
174+
; CHECK-NOT: ret
175+
; CHECK: retab
176+
; CHECK-NOT: ret
151177
define i32 @leaf_sign_all_v83_b_key_bti(i32 %x) "sign-return-address"="all" "target-features"="+v8.3a" "sign-return-address-key"="b_key" "branch-target-enforcement"="true" {
152178
ret i32 %x
153179
}

0 commit comments

Comments
 (0)